Slashdot Mirror


Anti-Keylogging Recommendations?

BeeazleBub writes "A friend asked me about the best programs to detect and remove spyware/logging/monitoring software that might have been placed on her computer by a spouse. Since there are a plethora of good and bad programs out there, I thought I would ask the slashdot crew for their recommendations. What is simple, reliable and most effective? I'm sure some of you have had the same question or circumstance. (No, booting from a Linux CD is not an option for this user)."

36 of 179 comments

  1. Most Worthless Ask Slashdot Ever. by inTheLoo · · Score: 5, Insightful

    It's a domestic dispute that no one wants to get into. The obvious solution, to own your computer with free software, is not an option. All that's left is to delve into the cesspool of Winblows "solutions" and other inappropriate technical answers to an environment of broken trust.

    --
    No calls now, I'm ...
    1. Re:Most Worthless Ask Slashdot Ever. by Simon (S2) · · Score: 4, Insightful

      I agree. There is no solution. There are hardware keyloggers, software keyloggers, the spouse could log all traffic to/from the machine or take a screenshot every now and then. There is no solution to this. Trust your spouse or grab your computer and lock it somewhere only you have the key to.

      --
      I just don't trust anything that bleeds for five days and doesn't die.
    2. Re:Most Worthless Ask Slashdot Ever. by powerlord · · Score: 4, Interesting

      Trust your spouse or grab your computer and lock it somewhere only you have the key to.


      Too true.

      Nowadays, if you need a "trusted" computer, think about getting a Mac Airbook that you can slip into a folder in a filing cabinet when not in use, or keep with you all the time.

      Using a laptop raises the hurdle for installing a hardware keylogger (they're usually just dongles that sit between the keyboard and the computer), and using OS X should raise the bar a bit to install malware (not that it doesn't exist, it just might be more difficult to find, and navigating in OS X will be more challenging for a user not used to it).

      Using a small footprint laptop (like the Air), means you can hide it "in plain sight", or in a place you can ensure physical control over (although personal control trumps all others for security).

      Realize that unless you're using encrypted protocols to browse web sites or send/receive email, your traffic could still be intercepted on the network, but that again requires a more sophisticated user than the average "Spouse who installed a keylogger".
      --
      This space for rent. All reasonable inquiries will be entertained at proprietor's discretion.
    3. Re:Most Worthless Ask Slashdot Ever. by NewbieProgrammerMan · · Score: 5, Insightful

      Oh, there's a solution: the friend needs to uninstall their spouse.

      Honestly, if you're at the point in a relationship where you're spying on each other, it's time to just throw in the towel and find a partner you can trust.

      --
      [b.belong('us') for b in bases if b.owner() == 'you']
    4. Re:Most Worthless Ask Slashdot Ever. by plover · · Score: 5, Insightful

      Marriage is "til death do you part", not "until we aren't happy anymore."

      Sorry, gotta call utter bullshit on this one.

      Seriously, if you are in an abusive relationship, LEAVE. Leave before it gets worse, leave before it injures or kills you.

      A psychologically abusive relationship is just as bad as a physically abusive one -- perhaps worse, because the victim is led to believe a pack of lies that keeps them from leaving.

      There is no reason to stay married in this situation. If you're worried about the whole "till death do us part" thing, consider that the abuser broke the vows first by failing to love and honor.

      --
      John
    5. Re:Most Worthless Ask Slashdot Ever. by NewbieProgrammerMan · · Score: 4, Insightful

      If you're worried about the whole "till death do us part" thing, consider that the abuser broke the vows first by failing to love and honor.

      What an excellent point. That I haven't seen it stated so clearly until now probably says something unfortunate about the amount of slack given to abusers.
      --
      [b.belong('us') for b in bases if b.owner() == 'you']
    6. Re:Most Worthless Ask Slashdot Ever. by NewbieProgrammerMan · · Score: 2, Insightful

      For all we know, this elaborate game of deception and control is foreplay for this couple.

      <tone="snarky, eye-rolling asshole">Yeah, because every time I've seen couples in which one person spies on the other, it was clearly loving foreplay. I'm sure that's by far the top motivation for spyware sales and PI hires.</tone> Give me a break.
      --
      [b.belong('us') for b in bases if b.owner() == 'you']
  2. I'll bet there's a good back story by astrashe · · Score: 5, Insightful

    I'll bet there's a really interesting story behind this.

    Here's the answer. She's trying to solve a human problem with a technical solution. It won't work. If she has to use a suspect windows computer, there's no software that will guarantee it's clean. It can't be done.

    And if you can't trust the person you're married to, your main problems in life aren't computer problems.

    1. Re:I'll bet there's a good back story by MBCook · · Score: 4, Insightful

      I agree. My first thought was "don't get involved."

      Even if you think the husband is a spouse-abusing homicidal maniac, don't do this. If there is evidence, turn him in to the police. Otherwise stay out.

      She can google it. She can take it somewhere (like Best Buy, Circuit City, etc). I know they're terrible, but hey. If they work things out, you are the guy who tried to help her get out of the marriage. That won't endear you to him. If things go farther, how do you think you'll be treated if there was a key-logger and your solution didn't work? If there is no key-logger and she is just reaching and scared and overwhelmed, then playing into that could make things worse (in the harder for them to get together and fix their marriage if possible sense).

      She can use another computer, reinstall Windows, whatever. Don't get in the middle of someone else's fight (unless it is to save their life or some such, in which case, again, call the police). I seriously doubt doing this will make your life easier in any way.

      Tell her to go to a private eye. Talk to a (better) divorce attorney. But tell her you don't want to get involved in this.

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    2. Re:I'll bet there's a good back story by Idaho · · Score: 2, Insightful

      Here's the answer. She's trying to solve a human problem with a technical solution. It won't work. If she has to use a suspect windows computer, there's no software that will guarantee it's clean. It can't be done.


      You are absolutely right, which pretty much ends this discussion right there.

      Normally I'd suggest to do a complete Windows reinstall (assuming you have to run Windows), or install Linux, but you can't trust a Linux machine either, if others have physical access to them (and they know what they're doing).

      In any case this is a completely moot point for the exact reasons you mentioned.

      Assuming the real (non-tech) problem at hand here cannot easily be addressed, I'd suggest maybe buying an Asus EEE PC (since they're not too expensive and relatively easy to carry with you all the time). In addition, buy a USB stick or SD-card, and only store your data on those. They will easily fit in your wallet. But yeah, buying new hardware to work around this problem does not sound like a real solution, to be frank.
      --
      Every expression is true, for a given value of 'true'
    3. Re:I'll bet there's a good back story by nacturation · · Score: 2, Interesting

      If they work things out, you are the guy who tried to help her get out of the marriage.

      I got the impression that this just might be the submitter's goal. Maybe the wife and him are having an affair and she (and he) wants to keep it from the husband.

      Either way, your and the GP's comments are spot on. There isn't a technical solution to a social problem.
      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    4. Re:I'll bet there's a good back story by Khaed · · Score: 2, Informative
      I know it's an existing reason. I want to know why:

      I'd like to know why "booting from a Linux CD" isn't an option, though.


      There's a reason I directly quoted the summary; I recognize THAT it's not an option. Why it's not an option is the question.
  3. Divorce. by The Warlock · · Score: 4, Insightful

    Only solution. Either the wife is spying on the guy, in which case she doesn't trust him, or the guy is baselessly convinced that his wife is spying on him, in which case he doesn't trust her. Either way, this relationship is doomed.

    --
    I've upped my standards, so up yours.
  4. Divorce by jps25 · · Score: 3, Insightful

    If trust in a relationship is gone and you have to play hide and seek, there's only one option left. Divorce.

    1. Re:Divorce by Planesdragon · · Score: 2, Insightful

      Let me guess: you're single?

      "Trust" means "I trust that I know my partner, and know what they are capable of and what they can be relied upon."

      It does NOT mean "I trust my partner to do X."

      For example, my wife can't trust me to take out the trash, and I can't trust her to change the oil in our car. Does that mean we should get a divorce?

    2. Re:Divorce by PachmanP · · Score: 4, Insightful

      Divorce is messy and you lose half your stuff. Furthermore some take the "til death" vows seriously. This leaves open the superior option, Murder.

      --
      You're thinking small. Why miniaturize the laser, when we could instead enlarge the sharks? -John Searle
    3. Re:Divorce by Khaed · · Score: 2, Insightful

      There's a huge difference between "she doesn't change the oil" and "I need to monitor every keystroke she makes."

      If you need to monitor everything someone does then you don't trust them.

  5. Format disk by coldfarnorth · · Score: 4, Informative

    Format, Reinstall. That wipes software. Splurge and buy a new keyboard if you don't trust it. Do a quick look for suspicious looking hardware. That should handle the worst. Ah, and change the locks to the house. No point going to all the trouble if the Ex-Spouse has access to the machine.

    --
    Let's start referring to The War Against Terror by its initials. . .
  6. that's the least of her problems by Stradivarius · · Score: 3, Informative

    If I had any good recommendations for such tools, I'd give them, but I don't, so I'll try to help in another way. I'll pose some questions that hopefully your friend will be asking herself:

    1) Isn't this missing the forest for the trees? If a marriage is so lacking in trust that she thinks her spouse is spying on her, there's a problem. If her spouse actually did install such a thing, there is similarly a problem. This is a much greater problem than the software itself. If she wants to save the marriage, this is the sort of situation where a counselor or similar trusted third party could be very helpful.

    2) If the logger or other software is indeed there, what is she worried about him discovering? If she's just (rightfully) angry about the installation of this software, and trying to demonstrate a point by removing it, that's one thing. But if there actually is something she wants to hide, again this is a far bigger problem in the relationship than the software.

    Good luck to your friend. This sounds like a tough spot to be in.

    1. Re:that's the least of her problems by Basje · · Score: 3, Insightful

      Or maybe he is. For all we know BeeazleBub, the poster, is having an affair with her. A friend indeed.

      --
      the pun is mightier than the sword
    2. Re:that's the least of her problems by dissy · · Score: 2, Interesting

      Perhaps she is trying to gather valuable information for the divorce. If that was the case, then a detached 3rd party who is a specialist in the field should be doing the forensics.

      If she takes the computer in for repair with claims of running slow and suspect being the target of a directed attack, then that can be used as evidence.
      If joe schmoe guy who is her friend does the same, the court would most likely ignore or strike that evidence out, and also gives the husband an attack vector by claiming this guy planted it to undermine their marriage or trying to get into her pants, which would not only have the evidence thrown out, but look worse for her own case.

      Sadly, this service will be expensive. You can't really trust best buy or geek squad to not just glaze their eyes over at your description, hear only 'virus', and just format the machine and reinstall.
      Now, if she just wants the keylogger gone, this is a good solution. However for gathering evidence, it is disastrous.

      The problem is the poster never mentioned their intentions. The way to go about doing this is VASTLY different depending on if they want to find and prove it's there, or just get rid of it.
  7. No luck by Peter H.S. · · Score: 2, Insightful

    If booting off a Linux CD isn't an option because it is perceived as "too technical" no other tool can help (even booting from a clean media wouldn't help against physical keyloggers or sniffers).
    A small Asus EEE PC with an encrypted SSD, grub/bios password and hidden away may allow the person to communicate in secret with some measurement of security against non-technical opponents with limited resources, if the person is able to use some kind of SSL proxy so that the data can't be sniffed easily. Tempest attacks or even simple hidden cameras may spoil even that.

    So, get a divorce instead.

    --
    Regards

  8. Simple by Bill, Shooter of Bul · · Score: 5, Funny

    Just install a key logger of your own. Then you'll be able to see any access he's been making, including any to the keylogger he has installed.

    From my own experience, Tin foil hats are good, but access to the government computers to make sure they aren't after you is more comforting to me.

    Note to federal agents: I have not gained access to your computers. And you might want to change your desktop wallpaper, scantily clad women on a work computer is just begging for a lawsuit.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  9. Impossible by Just Some Guy · · Score: 2, Insightful

    There's no way to be 100% certain that nothing's being logged. Possible data gathering points:

    • Software logger in the OS
    • Rootkit
    • Keyboard plugged into a hardware logger
    • Keyboard contains a hardware logger
    • Computer case contains a hardware logger
    • Linksys router is actually running Linux, using tcpdump to log outbound packets or forward them to another computer

    No, there is no software you can run that will tell you if you're being monitored, by virtue of the fact that such software is impossible.

    Have her get a cheap laptop - maybe an Eee PC - and configure OpenVPN to a friendly router. You're a geek, right? If you're serious about her privacy, make it happen.

    --
    Dewey, what part of this looks like authorities should be involved?
    1. Re:Impossible by caitriona81 · · Score: 4, Informative
      More possible data gathering points:
      • Previously compromised accounts (email/chat/google web history)
      • Email forwarding settings (yes this is overt, but how many users actually look at their forwarding rules)
      • Recoverable "deleted" files on disk
      • Browser plugins
      • Saved passwords - even if they are "encrypted" any encryption that allows the application to read the password lets someone else do so as well.
      Solutions to these additional threats:
      • Every time a compromise is suspected, change all passwords from a secure computer immediately.
      • Check forwarding rules, particularly to web-based email services.
      • Always use SSL/TLS encryption whenever they are available. Learn not to give passwords over unencrypted channels - this won't help you against a keylogger, but it will help you against sniffing.
      • Be aware that "deleting" files doesn't really delete them unless you use specialized tools
      Further protection against keyloggers.
      • Reformat.
      • Make your computer as tamper-evident as possible. Buy a UPS so that if the computer reboots, there will be a reason for it. Keep the computer turned on. Secure all accounts on the computer with a password. If it's Windows, encrypt the SAM database with a password that you have to enter at bootup. Remove your own administrator rights, and have a separate administrator account that you only use to install software. Use a BIOS password. Disable booting from anything other than the hard drive. Install physical locks on the case to prevent it from being opened. Epoxy over the screws on the keyboard (after you've bought a new one).
      • Use an alternative web browser.
      • Be careful about opening links and attachments in email. Learn about phishing, particularly the type of targeted phishing that can be attempted by someone with intimate knowledge of their target. (Don't trust the return address on mails in particular - many of the keyloggers out there get on via a trojan horse that you have to be tricked into running)
      • If any evidence of tampering is found, start over.
      • Learn about computer security. http://www.cert.org/homeusers/ is one of the best starting places for non-technical users. Even if you don't understand it all, you have a starting place to ask questions.
      • Remember, trust is the enemy of security. Look for it. Understand how it makes you vulnerable, and decide if the risks are acceptable or not. This mindset extends all the way from the bare metal up to the human being at the keyboard. You have to start to think that way to really be able to keep a computer secure.
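
Added example, not part of the comment above or of the original thread: one way to carry out the "check forwarding rules" step from that list, assuming the mailbox's server-side filters can be exported as a Sieve (RFC 5228) script. The sample script, the `own_domains` allowlist and all function names are constructed for illustration, and only quoted strings (not Sieve's multi-line `text:` form) are handled.

```python
import re

# Tokens for the subset of Sieve needed to find redirect actions. Comments are
# matched first so that a commented-out rule is never reported.
_TOKEN = re.compile(r'''
    (?P<comment>\#[^\n]*|/\*.*?\*/)   |
    (?P<string>"(?:\\.|[^"\\])*")     |
    (?P<brace>[{}])                   |
    (?P<semi>;)                       |
    (?P<tag>:[A-Za-z_][A-Za-z0-9_]*)  |
    (?P<word>[A-Za-z_][A-Za-z0-9_]*)
''', re.VERBOSE | re.DOTALL)


def _unquote(token):
    """Strip the surrounding quotes and resolve backslash escapes."""
    return re.sub(r'\\(.)', r'\1', token[1:-1], flags=re.DOTALL)


def find_redirects(script):
    """Return every redirect action with its target address and context."""
    tokens = [m for m in _TOKEN.finditer(script) if m.lastgroup != "comment"]
    found, depth, i = [], 0, 0
    while i < len(tokens):
        kind, text = tokens[i].lastgroup, tokens[i].group()
        if kind == "brace":
            depth += 1 if text == "{" else -1
        elif kind == "word" and text.lower() == "redirect":
            address, keeps_copy = None, False
            i += 1
            # Read the action's arguments up to the terminating semicolon.
            while i < len(tokens) and tokens[i].lastgroup != "semi":
                if tokens[i].lastgroup == "tag":
                    keeps_copy |= tokens[i].group().lower() == ":copy"
                elif tokens[i].lastgroup == "string" and address is None:
                    address = _unquote(tokens[i].group())
                i += 1
            if address:
                found.append({"address": address,
                              "unconditional": depth == 0,  # outside any if-block
                              "keeps_copy": keeps_copy})
        i += 1
    return found


def audit(script, own_domains):
    """Return the redirects whose target lies outside the owner's domains."""
    own = {d.lower() for d in own_domains}
    external = []
    for rule in find_redirects(script):
        domain = rule["address"].rpartition("@")[2].lower()
        if not any(domain == d or domain.endswith("." + d) for d in own):
            external.append(rule)
    return external


# Constructed sample filter script (not taken from any real mailbox).
SAMPLE_SCRIPT = r'''
require ["fileinto", "copy"];
# redirect "decoy@old.example.net";
if header :contains "subject" "redirect notice" {
    fileinto "Bills";
    redirect "archive@backup.example.com";
}
/* a note that mentions redirect "nobody@example.net"; */
redirect :copy "watcher@mail.example.net";
if address :is "from" "boss@example.org" { redirect "me@example.org"; }
'''

if __name__ == "__main__":
    for rule in audit(SAMPLE_SCRIPT, {"example.org"}):
        scope = "all mail" if rule["unconditional"] else "matching mail only"
        copy = "with :copy" if rule["keeps_copy"] else "without :copy"
        print(f"{rule['address']}: forwards {scope}, {copy}")
```
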
  10. Ugh, didn't anyone read Cryptonomicon? by rwa2 · · Score: 2, Insightful

    C'mon, this is Slashdot.

    Obviously you just modify your space bar and numlock LED drivers to perform all I/O in morse code.

    Then you type in and display a bunch of misleading information to entrap the eavesdropper into doing something silly / stupid / illegal and nab 'em on it.

    As far as still being able to check your email and bank accounts and stuff without compromising your passwords, just set up some kind of password vault that uses biometric authentication or something so you never have to type in your actual login / password on the untrusted machine. You'd have to do the setup for the private key and all on a trusted system of course.

  11. Is the spouse out of the house? by Cruciform · · Score: 3, Interesting

    Most people are assuming that the spouse resides in the same residence. If the spouse is already out of the house due to separation, and is possibly using spyware/hardware to collect information for blackmail or court, then there is the option of having someone over to purge the system and visually inspect it.
    Any networking hardware like routers that could be compromised would need to be replaced or reflashed. Since she doesn't have the capability of dealing with a boot CD, her only option is third party intervention or going to the library to use their computers.
    We're missing too much info...
    How tech savvy is the spouse? Does he still live there? What kind of network setup is being used? etc. etc.

  12. A friend.... by wbren · · Score: 3, Insightful

    A friend asked me about...
    A friend... riiiiiight....
    --
    -William Brendel
  13. So Let's Summarize... by florescent_beige · · Score: 2, Insightful

    Comes to /. for technical advice: good!

    Gets from /. relationship advice: o noes!!!!

    --
    Equine Mammals Are Considerably Smaller
  14. Why do... by geekboy642 · · Score: 3, Funny

    Why do these moronic ask slashdot questions always rule out the one useful answer in the very question?

    "A Linux live CD is not an option". Bullshit. You windows-swilling pansy, grow some balls and try Linux. It won't kill you, it won't make you gay, and it won't rape your dog. Are you terrified of being free from >99% of viruses/trojans/spyware/adware/rootkits? Is there some kind of Stockholm syndrome going on here? You LIKE it when windows beats you, don't you? You hide the bruises, that's why you always wear those sweaters.

    You sick, twisted fuck.

    --
    Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
  15. detecting malware .. by rs232 · · Score: 2, Informative

    Under Windows, there is no sure way of detecting malware once it's already installed, as it takes steps to hide itself.

    The only sure way is a clean install or re-imaging from a hidden partition at boot. Something that would be a pain to set up and probably wouldn't even work with the current incarnation of Windows.

    Your best bet is to get your friend to install these Sysinternals utilities and see if they can detect the keylogger by its activity. Monitoring activity at the firewall is also a good place to detect suspicious activity.

    What is it about Windows that your friend absolutely needs to use? Are there alternatives out there?

    If you absolutely can't survive without Microsoft applications then why not use a version of Linux that comes with CrossOver, this allows Windows applications to run natively on Linux, without the same level of malware threat. E.g., by clicking on an URL or opening an email attachment.

    --
    davecb5620@gmail.com
  16. use a computer outside the home by pbhj · · Score: 2, Insightful

    If the problem is being spied on by their spouse then using a computer outside the home sounds the best option.

    I did a website for a women's aid group ("WA"), they wanted information about how to keep it hidden from an abusive partner that the women were in touch with WA. I did a review of what the national centers gave as advice, including details of removing history files and such. In the end I settled for the only method being to use a public computer (eg at a library).

    Someone else can spy on you for sure, but unless your partner works at the City IT center or for the library (or wherever) then it's not going to be your partner spying on you.

    If you _need_ to get out the house and contact someone and you're being abused and can't - please call directory enquiries and contact your local Womens' Aid organisation. They can advise you, give you temporary accommodation in a safehouse, help you talk to the police, help you seek mediation; basically empower you to take back control of your situation.

  17. Here are some good ones.... by Skylinux · · Score: 4, Informative

    Since most of the posts are not answering your question at all, here are some programs which can help.

    I have been fixing Windows computers for over 10 years and can suggest the following programs from personal experience. There is no guarantee that they will find all keyloggers but they will detect the progs you find by using google.

    1) Spybot Search & Destroy (free) http://www.safer-networking.org/
        This is a spyware checker, cleaner. It will also find keyloggers and screen capturing software
    2) Antivir (free for personal use) http://www.free-av.com/
        This is an Antivirus / malware program which I have found to kick the shit out of Norton Antivirus (Personal + Corporate) and McAfee.
    3) Norton Antivirus 2008 (not free)
        This is another antivirus program, it is not as good as Antivir but it may contain different malware signatures than Antivir.
    4) Adaware (free) http://www.lavasoftusa.com/
        Like Spybot but less strict, I don't use it anymore but you should run it anyway.
    5) Windows Defender (free) http://www.microsoft.com/athome/security/spyware/software/default.mspx
        This one is made (purchased) by Microsoft and is actually quite good, I can highly recommend it to remove crap from a computer. This one is free and includes an "active shield"

    If you run suggestions 1,2,4 and 5 above you can assume that your computer is clean. To be sure format and reload.

    As for the rest, follow the advice above and end the relationship....

    --
    Everyone who buys Wild Hunt will receive 16 specially prepared DLCs absolutely for free, regardless of platform.
  18. Re:Forget that... by budword · · Score: 2, Insightful

    Or she wants to IM or Email her lover without him finding out, and her "friend" wants our help to make sure she doesn't get caught. Why do you think the "spouse" would want to spy? Oh I know, he's just fucking crazy. Hey, let's ask slashdot how we can get away with this. Good plan. Evidently said spouse doesn't read /.

  19. Re:Anti-Keylogger Home Trial by geminidomino · · Score: 2, Insightful

    Supposedly this program ignores the question of are keyloggers present : it just encodes signals from the keyboard and reconstructs them downstream.

    How would that work? If the keylogger is hooked into the kernel, QFX would have to be as well, probably using the same hooks (essentially, being a keylogger that encodes its log, then decodes it and re-feeds it into the kernel).

    Might be a way to defeat keylogging if it was implemented in hardware, but in software, I'm dubious.
  20. Re:Cheaters must be monitored. by Khaed · · Score: 2, Informative

    This doesn't really conflict with what I said.

    "If you have to monitor someone, you don't trust them."

    And staying stuck in that relationship isn't healthy. Even the Catholic church allows for divorce in the case of adultery.