Security Basics mailing list archives
Re: centrally monitored "keylogger"
From: "Greg" <pchandyman () ozemail com au>
Date: Sat, 16 Oct 2004 14:13:05 +1000
----- Original Message ----- From: "Jason Coombs" <jasonc () science org> To: "Andrew Shore" <andrew.shore () holistecs com> Cc: "Jantz, EJ" <EJantz () bswintl com>; <security-basics () securityfocus com> Sent: Friday, October 15, 2004 9:25 AM Subject: Re: centrally monitored "keylogger"
Just because we can, morally and ethically, should we.Yes, we should. The can of worms is already open. Computer evidence is allowed in court, and the only way to prove a negative with respect to computer evidence is to have a positive log of everything that was done with the computer and every change that was made to data with the knowledge and consent of the computer owner.
Just one interjection by me, here. I can prove that a person did something on my machine on Sept 1st 2010 or Sept 1st 1990 simply by changing the date. I can also testify that there are people who can do so much MORE than I can that I could be left thinking I am safe when I am not. Having proven the above and then done that testifying, I would have thought that would introduce enough reasonable doubt to make any computer proof seem untrustworthy. Let's face it, a heck of a lot of supposed "security people" didn't know half the stuff existed in XP when it came out that they know now yet it was there. So, why isn't there some problem no-one but the hacker who found it knows about as yet? I am no hacker but even I, back in 1983 in order to get work done faster, was changing routines on a mainframe so I could benefit from it via a simple method that no-one could pin down even though they were reasonably sure I was doing it (as a user, back then). If my simple urge to get my work done faster could lead me to that, imagine what the urge to hack in people who REALLY know what they are doing WELL could do. The only proven method to stop a hacker I know about so far is "pull the plug" because I have BEEN on another security list where two individuals were arguing and one proved his point on every machine ON that list. My simple rule of thumb is that whatever you want to find out on a computer probably can be found out. If someone thinks something is impossible in that area, then it is more than likely just because the person doesn't know enough. You have all heard of the user with a little knowledge who becomes an annoyance to him/herself. Well, a would-be security person having a little knowledge is about the same and let's face it, if you are here, you are likely still learning. Greg.
Current thread:
- centrally monitored "keylogger" tito.basa (Oct 12)
- Re: centrally monitored "keylogger" xyberpix (Oct 14)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- RE: centrally monitored "keylogger" David Gillett (Oct 15)
- RE: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" xyberpix (Oct 14)
- <Possible follow-ups>
- RE: centrally monitored "keylogger" Andrew Shore (Oct 13)
- RE: centrally monitored "keylogger" Andrew Shore (Oct 14)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Jonathan Loh (Oct 18)
- Re: centrally monitored "keylogger" Greg (Oct 18)
- Re: centrally monitored "keylogger" tito.basa (Oct 15)
- RE: centrally monitored "keylogger" xyberpix (Oct 18)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- RE: centrally monitored "keylogger" adisegna (Oct 15)
- RE: centrally monitored "keylogger" Sadler, Connie (Oct 15)