Domain: keelog.com
Stories and comments across the archive that link to keelog.com.
Comments · 7
-
Re:Bank Security Guy here
I feel for you. That claim would be hilarious if it wasn't so serious.
Have you send them this page or something similar and the question whether their sw also protect against those? -
Re:Better security might help
I can't argue your point about the need to care about security and raising awareness. However the idea that locking down your box could stop the government is naive. If they can convince a judge they can get a warrant. With a warrant you simply enter the residence and install something like a hardware keylogger (that's a commercial one, they come much smaller) or a pinhole camera.
Your TrueCyrpt secured hard drive hosting your locked down Operating System behind the firewall of doom that only ever connects to the outside world through a VPN and random proxies means jack when a keyboard logger records your keystrokes or the camera watches you put them in. You can't secure against a warrant and direct physical access in that type of situation. The only thing that you can do is to focus on having a tamper evident system that alerts you.
Resources would be better spent on shoring up Tripwire like tools for everyday users so that they can know they have been compromised in the first place. There are open source versions of trip wire and I would encourage anyone concerned about these types of issues to work on maturing what is there and bringing it to the masses in a form that they everyday person can effectively use.
-
Hardware Keyloggers
Feeling secure firing up a clean desktop?
Might want to check the back of the PC or even better bring your own keyboard.
The solution is better than nothing but I still wouldn't trust Internet cafe's --> http://www.keelog.com/ -
Re:Simple
Doesn't access to your workstation == access to your password == logging on as you? Consider how trivial it would be for one of those contractors to slip in an unobtrusive hardware keylogger onto your computer and then harvest everything you type from the next room?
NB: this is one reason why I now do most of my passwords using KeePass - it effectively makes 1 factor authentication into 2 factor which at least stops incidental / opportunistic keylogging attacks.
-
Re:Remove the buzzwords
Privilege escalation? You've got to be kidding me. I challenge you to find an example of malware that attempts to exploit privilege escalation vulnerabilities. There might be a few out there, but based on my experience administering hundreds of windows boxes used by kids over the last ten years, they are not even remotely common.
In the real world where risk/reward ratio is considered, a separate limited account for the kids is an acceptable solution.
LOL at your experience.
Challenge Accepted.Any kiddo only needs 5 minutes to insert those between your PC and your keyboard to get all your passwords.
Next challenge?
-
Re:Physical Keylogger
As the other replies have stated, I don't remember them mentioning a physical keylogger. They do exist though. They sit in between the keyboards ps/2 plug and the systems ps/2 slot (USB varieties work the same). It looks like they just intercept and log the keystrokes, no software to detect on the host pc and no login needed.
-
You guys haven't heard about...?
There's this company which makes little only-physically-detectable (the computer has no idea, and no means of detection) PS/2 connectors with keylogging capabilities and built-in RAM for storage: http://www.keelog.com/
They even sell kits to make your own if you're too much of a tightwad to pay for a pre-built one!
--A