Hi, I came across your addies in a search off ask Jeeves and thought perhaps due to the way your interests run you might be up on this topic. I'm a Sr. Support Analyst for a large vendor and recently was asked by one of my casual internet contacts if there was a way to prevent a "keyboard logging" surveillance program from prevailing on their system and reporting the goings on from their keyboard. In an effort to be helpful, I set about my normal pattern of research and found that there seems to be a ton of info promoting various products, yet there is virtually nothing I could find which offers any realistic or reliable countermeasures that can be taken to prevent someone from logging the output from your keyboard. Even the hackers seem to think it isn't a threat to anyone's privacy. Weird... So anyway, all I'm asking is that should you know where I can find resources that assist me in defeating such software (especially if it's undetected), I would gratefully accept any guidance you could offer. That's all I need, I won't take anymore of your time. Peace, Tom (aka Santa) _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
If you have to worry about people installing keyboard logging programs on your machine without your permission, either - you're using a public shared machine at a coffeeshop or school or Kinko's to do things you think need security, or - you're using your employer's machine, and shouldn't do things that are inappropriate to do at work, - you're using your employer's machine, and need a new employer who trusts his employees instead of feeling compelled to spy on them, - you're using your employer's machine, and your employer has a serious security problem with people trying to crack in at night, - you're sharing your home machine with a teenager who runs all sorts of game programs downloaded off the net or borrowed from friends, viruses and all, - you've got serious security problems of your own - if they can sneak in and install programs like that, they can install anything else they want, copy your hard disk, probably even steal your hard disk, or - the paranoids really are out to get you. For the shared-machine problem, don't use insecure machines to do secure stuff. Use disposable email accounts, American Express one-shot credit card numbers, and if you must log in to something, use one-time passwords (either S/Key or SecureID tokens or some similar mechanism.) There's been some work done on encryption programs that run in hand-held computers, whether Palm Pilot things with displays or JavaRings or smartcards without them. Matt Blaze, Ian Goldberg, and Martin Minow have done presentations on those topics. I'll leave you to figure out employer problems, and there are professionals who can help with paranoia, as long as you get to them before the Feds get to you. One approach for the teenager problem (or the related problem of machines for lab use, especially firewall research) is removable disk drives. You can get disk drive drawers for IDE/Ultra/DMA/etc for about $20, and spare disks are only $100 or so. Keep a clean copy for installing software you trust, password-protected-screensavered to reduce accidents, and give the kid his own disk to play with, plus teach him how to reinstall software from CD-ROM when it gets trashed. It's the computer equivalent of buying a full-sized beater car for your kid to learn to drive in - extra weight, airbags, and an exterior you don't care about dents in. If the kid has his own machine, and you're sharing a network, that's more trouble. You'll have to firewall your machine off from the kid's, or at least mainly run the clean copy disconnected from the net, and make sure the kid keeps current virus protection installed and running. At 12:05 PM 12/18/00 -0900, PFSanta Claus wrote:
Hi, I came across your addies in a search off ask Jeeves and thought perhaps due to the way your interests run you might be up on this topic. I'm a Sr. Support Analyst for a large vendor and recently was asked by one of my casual internet contacts if there was a way to prevent a "keyboard logging" surveillance program from prevailing on their system and reporting the goings on from their keyboard. In an effort to be helpful, I set about my normal pattern of research and found that there seems to be a ton of info promoting various products, yet there is virtually nothing I could find which offers any realistic or reliable countermeasures that can be taken to prevent someone from logging the output from your keyboard. Even the hackers seem to think it isn't a threat to anyone's privacy. Weird...
Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Somebody wrote in response to Bill Stewart's message: At least under Windows 98 you can "Start", "Programs", "Accessories", "System Tools", "System Information", and list the "System Hooks". Most keyboard sniffers are installed as "hooks". If you see a new one, you may have a problem. Here's what a JYA machine shows (sorry if the table wraps): Hook type Hooked by Application DLL path Application path ____________________________________________________________________________ ____________________________________________________ Keyboard Wbhook32.dll WEBSCANX.EXE C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\Wbhook32.dll Same as DLL path CBT Pgphk.dll PGPTRAY.EXE C:\WINDOWS\SYSTEM\pgphk.dll D:\PGP658\PGPTRAY.EXE Mouse Wbhook32.dll WEBSCANX.EXE C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\Wbhook32.dll Same as DLL path Surely Network Associates/PGP have no connection to the snoopers, but why scan keyboard and mouse?
participants (3)
-
Bill Stewart
-
John Young
-
PFSanta Claus