Re: Backup encryption key
> its a standard application, but I do understand your point. if you > "insist", you can install the App on a U3 disc format. this way it > will run from the USB without the need to reinstall it. > Then how would you connect to a Linux machine? > as for the app: > - http://www.download3k.com/Install-Family-Key-Logger.html (simple app) > - http://fraggedone.netfirms.com/security.html - search for Keystroke > loggers, many links > - my own favorite few years back was "Subseven". Its a very old tool, > that allow you to create your own trojan and back-door entry. The > application allow for many many options, very flexible and has many > ready-templates. There are many download links available, google it > and try your luck. I strongly advice you to read the manual and close > your FW before you start play with it; other wise both your Anti-virus > and firewall will have a hear-attack.. > Thanks, I will take a look at those. I do no actually need a keylogger, but I want to know what I am up against when I use public computers. Thanks. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
> This one runs in kernel space and plants itself beneath the keyboard > driver, so it can capture everything and is almost undetectable. And Windows will run that as a "portable app", ie, no installation required? A malicious entity can just run that on any public computer and collect info? > There are numerous hardware keyloggers that require only somewhere > to hide behind the pc. > Actually, I am aware of those. For some reason, I do not feel worried about that, but I will start checking for good measure! -- Dotan Cohen http://what-is-what.com http://gibberish.co.il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
> I can write a Windows key logger in about half an hour, and I don't think > you would need admin in order to run it (making it run in other people's > session is another matter). > I see. Coming from the Linux world, I just figured that if it was doable then someone had already made such a tool available. I suppose that Rule #36 is not valid in the Windows ecosystem, where users are expected to pay for everything. Thanks for the info. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
Dotan Cohen wrote: Try this: http://amecisco.com/iks2000.htm It's a limited demo version, but enough to give you an idea. Thanks, Shahar. It seems that this is something that the computer admin must install, not a "portable app" or something similar. So, so long as I trust the admin (for instance, at the Technion's libraries) I should be safe so long as I reboot before using the computer and performing sensitive operations. In other words, some malicious student could not get my logins by exploiting the library computers that I do use. I would only be at risk using internet cafes and such, where I do not trust the admins. I can write a Windows key logger in about half an hour, and I don't think you would need admin in order to run it (making it run in other people's session is another matter). Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
> Try this: > http://amecisco.com/iks2000.htm > It's a limited demo version, but enough to give you an idea. > Thanks, Shahar. It seems that this is something that the computer admin must install, not a "portable app" or something similar. So, so long as I trust the admin (for instance, at the Technion's libraries) I should be safe so long as I reboot before using the computer and performing sensitive operations. In other words, some malicious student could not get my logins by exploiting the library computers that I do use. I would only be at risk using internet cafes and such, where I do not trust the admins. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
On Saturday 25 April 2009, 13:11, Dotan Cohen wrote: > Really? Should I be worried? For that matter, do you have the address > of some keylogging software that I could play with in a virtual > Windows machine? I have googled just now, but I cannot find anything > that doesn't cost money. I will be responsible with it, I promise, but > in any case you might want to send a link or info off-list just in > case. Thanks. > Try this: http://amecisco.com/iks2000.htm It's a limited demo version, but enough to give you an idea. Shahar ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
> Easy, > 1. connect the USB > 2. Run the TrueCrypt (http://www.truecrypt.org/) This is the problematic step. If you came to my computer with your USB key and asked to install a program so that you could use your key, I would not let you. Nor could you use it at a public facility such as a library. > 3. Mount the un-partitioned disk (on the USB) drive. I will be asked > for the password in the mounting process. > [10 seconds, so far] > > Unless the station has something that will copy the disk, while > connected; the password by itself wouldn't help anybody (its a local > disk, not a web application accessed by anybody with my password). > > That said, but since i always worry about key logger and such, I very > much try to avoid using it from a PC/station I do not trust (I know > how easy key-loggers are to deploy ;) > Really? Should I be worried? For that matter, do you have the address of some keylogging software that I could play with in a virtual Windows machine? I have googled just now, but I cannot find anything that doesn't cost money. I will be responsible with it, I promise, but in any case you might want to send a link or info off-list just in case. Thanks. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il