Blue Boar wrote in news:[EMAIL PROTECTED]
> Shannon Johnston wrote:
>> Hi All,
>> I'm looking for input on what you all believe the most common keystroke
>> loggers are. I've been challenged to write an authentication method (for
>> a web site) that can be secure while using a compromised system.
>
> I don't think that's possible for all compromise situations, given
> today's desktop OS software.
How about one-time passwords? Just go ahead and *let* them keylog it all
they like; by the time they've snarfed a pw, it's no use any more. (See
S/Key for more details.)
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
