LD SoftwareBespoke Software, Web Design, Security Consultants and Host Services.

Menu

Sentinel
You have been warned!
We have caught 5848 shameful hackers.

NukeSentinel(tm)

Paypal Referral
Sign up for PayPal and start accepting credit card payments instantly.

Link Exchange
Join our free link exchange

Click Here
 
Keystroke logging

Online Advertising

Keystroke logging

Magic Lantern

From Wikipedia the free encyclopedia, by MultiMedia

Home | Up | Next


Keystroke logging (often called keylogging) is a diagnostic used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the internet and can be used by anyone for the same purposes.

Keystroke logging can be achieved by both hardware and software means. Commercially available systems include devices which are attached to the keyboard cable (and thus are instantly installable, but visible if the user makes a thorough inspection) and also devices which can be installed in keyboards (and are thus invisible, but require some basic knowledge of soldering to install). Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus or worm. It is also said that using an onscreen keyboard is a way to combat these, as it only requires clicks of the mouse. That is, however, false information, because a keyboard event message must be sent to the external target program to type text. Every software keylogger can log the text typed with an onscreen keyboard.

What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A Trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

Young and Yung devised several methods for solving this problem and presented them in their 1997 IEEE Security & Privacy paper [YY97] (their paper from '96 touches on it as well). They presented a deniable password snatching attack in which the keystroke logging Trojan is installed using a virus (or worm). An attacker that is caught with the virus or worm can claim to be a victim. The cryptotrojan asymmetrically encrypts the pilfered login/password pairs using the public key of the Trojan author and covertly broadcasts the resulting ciphertext. They mentioned that the ciphertext can be steganographically encoded and posted to a public bulletin board (e.g., Usenet). They also mentioned having the cryptotrojan unconditionally write the asymmetric ciphertexts to the last few unused sectors of every writable disk that is inserted into the machine. The sectors remain marked as "unused". Nowadays this can done using a USB token. So, the Trojan author may be one of dozens or even thousands of people that are given the stolen information. Only the Trojan author can decrypt the ciphertext because only the author knows the needed private decryption key. This attack is from the field known as Cryptovirology.

The FBI used a keystroke logger to obtain the PGP pass phrase of Nicodemo Scarfo, Jr.. He plead guilty to running an illegal gambling operation in 2002. ("Mobster's son pleads guilty of gambling; computer spying helped seal case" Asssociated Press, 1 Mar 2002) The FBI has also reportedly developed a trojan-horse-delivered keylogger program known as Magic Lantern.

References

[YY97] A. Young, M. Yung, "Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage," IEEE Symposium on Security & Privacy, pages 224-235, May 4-7, 1997.

See also

External links


Home | Up | Keystroke logging | AntiVirus Gold | Bonzi Buddy | C2.LOP | CoolWebSearch | HuntBar | Internet Optimizer | PSGuard | SpyAxe | SpyTrooper | WorldAntiSpy | XXXDial | Zango Messenger | Phone Home | Claria Corporation | Cydoor | New.net

Online Advertising, made by MultiMedia | Free content and software

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

 
You can syndicate our News with backend.php And our Forums with rss.php
You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.33 Seconds