Re: keyboard loggers.

19 Dec 2000

      Alright... gotta get my two centz in here.

#Yo out to Bill S... always good advice

I'm guessing that with santa's problem it is almost impossible to keep 
people from putting key loggers onto a system if they have physical access 
to them.

HPFS (Easy to beat)
NTFS (Easy to beat)
NTFS 5 (Easy to beat)
UFS (Easy to beat)
FAT (hahahahahhaha)

It's all risk assessment Santa. If you don't trust your elves ya gotta pull 
the floppy, Zip, CD-ROM etc... access.

Key loggers are easy to code and can be named whatever you call them. You 
could however write a simple program to look for all the executable files on 
your systems and the do a sum of the previous days results to see if there 
are any changes. Intrusion detection is key to picking this stuff up... its 
a process you engauge in. Not a capability you will be able to attain.

Scoty

"It's all about the Pentium"
                         -Wierd Al
...
From: Bill Stewart <bill.stewart@pobox.com>
To: "PFSanta Claus" <pf_santa@hotmail.com>, cypherpunks@toad.com
Subject: Re: keyboard loggers.
Date: Mon, 18 Dec 2000 23:23:22 -0800
If you have to worry about people installing keyboard logging
programs on your machine without your permission, either
- you're using a public shared machine at a coffeeshop or school
  or Kinko's to do things you think need security, or
- you're using your employer's machine, and shouldn't do things
  that are inappropriate to do at work,
- you're using your employer's machine, and need a new employer
  who trusts his employees instead of feeling compelled
  to spy on them,
- you're using your employer's machine, and your employer has
  a serious security problem with people trying to crack in at night,
- you're sharing your home machine with a teenager who runs
  all sorts of game programs downloaded off the net
  or borrowed from friends, viruses and all,
- you've got serious security problems of your own -
  if they can sneak in and install programs like that,
  they can install anything else they want,
  copy your hard disk, probably even steal your hard disk, or
- the paranoids really are out to get you.
For the shared-machine problem, don't use insecure machines
to do secure stuff.  Use disposable email accounts,
American Express one-shot credit card numbers,
and if you must log in to something, use one-time passwords
(either S/Key or SecureID tokens or some similar mechanism.)
There's been some work done on encryption programs that run
in hand-held computers, whether Palm Pilot things with displays
or JavaRings or smartcards without them.  Matt Blaze, Ian Goldberg,
and Martin Minow have done presentations on those topics.
I'll leave you to figure out employer problems,
and there are professionals who can help with paranoia,
as long as you get to them before the Feds get to you.
One approach for the teenager problem (or the related problem of
machines for lab use, especially firewall research)
is removable disk drives.  You can get disk drive drawers for
IDE/Ultra/DMA/etc for about $20, and spare disks are only $100 or so.
Keep a clean copy for installing software you trust,
password-protected-screensavered to reduce accidents,
and give the kid his own disk to play with,
plus teach him how to reinstall software from CD-ROM
when it gets trashed.  It's the computer equivalent of
buying a full-sized beater car for your kid to learn to drive in -
extra weight, airbags, and an exterior you don't care about dents in.
If the kid has his own machine, and you're sharing a network,
that's more trouble.  You'll have to firewall your machine
off from the kid's, or at least mainly run the clean copy
disconnected from the net, and make sure the kid keeps
current virus protection installed and running.
...
Hi,
   I came across your addies in a search off ask Jeeves and thought
At 12:05 PM 12/18/00 -0900, PFSanta Claus wrote:
perhaps
...
due to the way your interests run you might be up on this topic. I'm a 
Sr.
Support Analyst for a large vendor and recently was asked by one of my
casual internet contacts if there was a way to prevent a "keyboard 
logging"
surveillance program from prevailing on their system and reporting the
goings on from their keyboard. In an effort to be helpful, I set about my
normal pattern of research and found that there seems to be a ton of info
promoting various products, yet there is virtually nothing I could find
which offers any realistic or reliable countermeasures that can be taken 
to
prevent someone from logging the output from your keyboard. Even the 
hackers
seem to think it isn't a threat to anyone's privacy. Weird...
Thanks!
      			Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

Scot Scot

tags

participants (1)