Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-Keylogging Recommendations?

Posted by timothy on from the start-thinking-lawyer dept.

BeeazleBub writes "A friend asked me about the best programs to detect and remove spyware/logging/monitoring software that might have been placed on her computer by a spouse. Since there are a plethora of good and bad programs out there, I thought I would ask the slashdot crew for their recommendations. What is simple, reliable and most effective? I'm sure some of you have had the same question or circumstance. (No, booting from a Linux CD is not an option for this user)."

14 of 179 comments (clear)

  1. Most Worthless Ask Slashdot Ever. by inTheLoo · · Score: 5, Insightful

    It's a domestic dispute that no one wants to get into. The obvious solution, to own your computer with free software, is not an option. All that's left is to delve into the cesspool of Winblows "solutions" and other inappropriate technical answers to an environment of broken trust.

    --
    No calls now, I'm ...
    1. Re:Most Worthless Ask Slashdot Ever. by Simon+(S2) · · Score: 4, Insightful

      I agree. There is no solution. There are hardware keyloggers, software keyloggers, the spouse could log all traffic to/from the machine or take a screenshot every now and then. There is no solution to this. Trust your spouse or grap your computer and lock it somewhere only you have the key to.

      --
      I just don't trust anything that bleeds for five days and doesn't die.
    2. Re:Most Worthless Ask Slashdot Ever. by powerlord · · Score: 4, Interesting

      Trust your spouse or grap your computer and lock it somewhere only you have the key to.


      Too true.

      Nowadays, if you need a "trusted" computer, think about getting a Mac Airbook that you can slip into a folder in a filing cabinet when not in use, or keep with you all the time.

      Using a laptop raises the hurdle for installing a hardware keylogger (they're usually just dongles that sit between the keyboard and the computer), and using OS X should raise the bar a bit to install malware (not that it doesn't exist, it just might be more difficult to find, and navigating in OS X will be more challenging for a user not use to it).

      Using a small footprint laptop (like the Air), means you can hide it "in plain site", or in a place you can ensure physical control over (although personal control trumps al others for security).

      Realize that unless you're using encrypted protocols to browse web sites or send/receive email, your traffic could still be intercepted on the network, but that again requires a more sophisticated user than the average "Spouse who installed a keylogger".
      --
      This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
    3. Re:Most Worthless Ask Slashdot Ever. by NewbieProgrammerMan · · Score: 5, Insightful

      Oh, there's a solution: the friend needs to uninstall their spouse.

      Honestly, if you're at the point in a relationship where you're spying on each other, it's time to just throw in the towel and find a partner you can trust.

      --
      [b.belong('us') for b in bases if b.owner() == 'you']
    4. Re:Most Worthless Ask Slashdot Ever. by plover · · Score: 5, Insightful

      Marriage is "til death do you part", not "until we aren't happy anymore."

      Sorry, gotta call utter bullshit on this one.

      Seriously, if you are in an abusive relationship, LEAVE. Leave before it gets worse, leave before it injures or kills you.

      A psychologically abusive relationship is just as bad as a physically abusive one -- perhaps worse, because the victim is led to believe a pack of lies that keeps them from leaving.

      There is no reason to stay married in this situation. If you're worried about the whole "till death do us part" thing, consider that the abuser broke the vows first by failing to love and honor.

      --
      John
    5. Re:Most Worthless Ask Slashdot Ever. by NewbieProgrammerMan · · Score: 4, Insightful

      If you're worried about the whole "till death do us part" thing, consider that the abuser broke the vows first by failing to love and honor. What an excellent point. That I haven't seen it stated so clearly until now probably says something unfortunate about the amount of slack given to abusers.
      --
      [b.belong('us') for b in bases if b.owner() == 'you']
  2. I'll bet there's a good back story by astrashe · · Score: 5, Insightful

    I'll bet there's a really interesting story behind this.

    Here's the answer. She's trying to solve a human problem with a technical solution. It won't work. If she has to use a suspect windows computer, there's no software that will guarantee it's clean. It can't be done.

    And if you can't trust the person you're married to, your main problems in life aren't computer problems.

    1. Re:I'll bet there's a good back story by MBCook · · Score: 4, Insightful

      I agree. My first thought was "don't get involved."

      Even if you think the husband is a spouse-abusing homicidal maniac, don't do this. If there is evidence, turn him into the police. Otherwise stay out.

      She can google it. She can take it somewhere (like Best Buy, Circuit City, etc). I know their terrible, but hey. If they work things out, you are the guy who tried to help her get out of the marriage. That won't ender you to him. If things go farther, how do you think you'll be treated if there was a key-logger and your solution didn't work? If there is no key-logger and she is just reaching and scared and overwhelmed, then playing into that could make things worse (in the harder for them to get together and fix their marriage if possible sense).

      She can use another computer, reinstall Windows, whatever. Don't get in the middle of someone else's fight (unless it is to save their life or some such, in which case, again, call the police). I seriously doubt doing this will make your life easier in any way.

      Tell her to go to a private eye. Talk to a (better) divorce attorney. But tell her you don't want to get involved in this.

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
  3. Divorce. by The+Warlock · · Score: 4, Insightful

    Only solution. Either the wife is spying on the guy, in which case she doesn't trust him, or the guy is baselessly convinced that his wife is spying on him, in which case he doesn't trust her. Either way, this relationship is doomed.

    --
    I've upped my standards, so up yours.
  4. Format disk by coldfarnorth · · Score: 4, Informative

    Format, Reinstall. That wipes software. Splurge and buy a new keyboard if you don't trust it. Do a quick look for suspicious looking hardware. That should handle the worst. Ah, and change the locks to the house. No point going to all the trouble is the Ex-Spouse has access to the machine.

    --
    Lets start refering to The War Against Terror by it's initials. . .
  5. Simple by Bill,+Shooter+of+Bul · · Score: 5, Funny

    Just install a key logger of your own. Then you'll be able to see any access he's been making, including any to the keylogger he has installed.

    From my own experience, Tin foil hats are good, but access to the government computers to make sure they aren't after you is more comforting to me.

    Note to federal agents: I have not gained access to your computers. And you might want to change your desktop wallpaper, scantily clad women on a work computer is just begging for a lawsuit.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  6. Re:Impossible by caitriona81 · · Score: 4, Informative
    More possible data gathering points:
    • Previously compromised accounts (email/chat/google web history)
    • Email forwarding settings (yes this is overt, but how many users actually look at their forwarding rules)
    • Recoverable "deleted" files on disk
    • Browser plugins
    • Saved passwords - even if they are "encrypted" any encryption that allows the application to read the password lets someone else do so as well.
    Solutions to these additional threats:
    • Every time a compromise is suspected, change all passwords from a secure computer immediately.
    • Check forwarding rules, particularly to web-based email services.
    • Always use SSL/TLS encryption whenever they are available. Learn not to give passwords over unencrypted channels - this won't help you against a keylogger, but it will help you against sniffing.
    • Be aware that "deleting" files doesn't really delete them unless you use specialized tools
    Further protection against keyloggers.
    • Reformat.
    • Make your computer as tamper-evident as possible. Buy a UPS so that if the computer reboots, there will be a reason for it. Keep the computer turned on. Secure all accounts on the computer with a password. If it's Windows, encrypt the SAM database with a password that you have to enter at bootup. Remove your own administrator rights, and have a separate administrator account that you only use to install software. Use a BIOS password. Disable booting from anything other than the hard drive. Install physical locks on the case to prevent it from being opened. Epoxy over the screws on the keyboard (after you've bought a new one).
    • Use an alternative web browser.
    • Be careful about opening links and attachments in email. Learn about phishing, particularly the type of targeted phishing that can be attempted by someone with intimate knowledge of their target. (Don't trust the return address on mails in particular - many of the keyloggers out there get on via a trojan horse that you have to be tricked into running)
    • If any evidence of tampering is found, start over.
    • Learn about computer security. http://www.cert.org/homeusers/ is one of the best starting places for non-technical users. Even if you don't understand it all, you have a starting place to ask questions.
    • Remember, trust is the enemy of security. Look for it. Understand how it makes you vulnerable, and decide if the risks are acceptable or not. This mindset extends all the way from the bare metal up to the human being at the keyboard. You have to start to think that way to really be able to keep a computer secure.
  7. Re:Divorce by PachmanP · · Score: 4, Insightful

    Divorce is messy and you lose half your stuff. Further more some take the "til death" vows seriously. This leaves open the superior option, Murder.

    --
    You're thinking small. Why miniaturize the laser, when we could instead enlarge the sharks? -John Searle
  8. Here are some good ones.... by Skylinux · · Score: 4, Informative

    Since most of the posts are not answering your question at all, here are some programs which can help.

    I have been fixing Windows computers for over 10 years and can suggest the following programs from personal experience. There is no guarantee that they will find all keyloggers but they will detect the progs you find by using google.

    1) Spybot Search & Destroy (free) http://www.safer-networking.org/
        This is a spyware checker, cleaner. It will also find keyloggers and screen capturing software
    2) Antivir (free for personal use) http://www.free-av.com/
        This is an Antivirus / malware program which I have found to kick the shit out of Norton Antivirus (Personal + Corporate) and McAfee.
    3) Norton Antivirus 2008 (not free)
        This is another antivirus program, it is not as good as Antivir but it may contain different malware signatures then Antivir.
    4) Adaware (free) http://www.lavasoftusa.com/
        Like Spybot but less strict, I don't use it anymore but you should run it anyway.
    5) Windows Defender (free) http://www.microsoft.com/athome/security/spyware/software/default.mspx
        This one is made (purchased) by Microsoft and is actually quite good, I can highly recommend it to remove crap from a computer. This one is free and includes an "active shield"

    If you run suggestions 1,2,4 and 5 above you can assume that your computer is clean. To be sure format and reload.

    As for the rest, follow the advice above and end the relationship....

    --
    Everyone who buys Wild Hunt will receive 16 specially prepared DLCs absolutely for free, regardless of platform.