> How about this for instance? I am a net banking user. > I login to my bank > a/c from my non-superuser a/c. Malware, say a > keylogger, running on my > system can cause some damage - perhaps not to the > 'system' the way you > meant. But a compromised bank a/c is more damaging to > me than say, a > formatted hard disk. ;) > > So, it is not necessarily pointless.
A keylogger is a hardware device which is required to be installed either into a USB or a PS/2 port. In the security field, we call this "going physical". A software "keylogger" is theoretically possible, but it would require messing with DTrace to hide the process running - a nontrivial task even for the elite few. The paper is available on the 'Net, if you're curious. Also, to execute this software keylogger, it would still have to go through normal mechanisms to automatically start every time you log in - .profile, .login or .cshrc, places where such things are very easily spottable. In other words, the attack would work only once, if ever, and after that it would be useless because you could easily find it, disable it, and remove it. Executables on UNIX must be explicitly set with `chmod +x` - you don't get to execute a binary executable directly from an application, at least not in the Mozilla that comes with Solaris. Finally, the sneaky way would perhaps be to perform some clever OpenOffice.org / StarOffice scripting attack, but that would only work for the infected document, rendering the attack useless after the first time. And installing the keylogger to start up at login via an OOo / SO macro would also be easily spottable. Pointless. This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
