X keyboard sniffing

[grue () engin umich edu (Paul Howell)]

Greetings,

Sorry if I'm late to this subject, but I had a light bulb go off
recently WRT X keyboard sniffing and I was hoping one of you 
might be able to help.

I've known about 'xkey' and the like for several years now, and 
have a pretty good understanding of host vs. user based authentication
as it relates to the X server.

I had believed that X keyboard sniffing was made slightly harder 
by the obscurity of programs like 'xkey'.  

But to my amazement, I found that the standard 'X11/bin' programs
'xwininfo' and 'xev' can be used to sniff keystrokes, assuming that
one can connect to the X server.

All I have to do is 'xwininfo -root -tree -display <host>:<dpy>' and
look for the window id of the window I'm interested in.  Then I just
'xev -id <id>' and I'm watching keystrokes.

I have a pretty clear notion that X isn't secure, and being able
to connect to the X server is a big can of worms, but I never 
realized that standard tools could be used this way.  

"doctor, it hurts when I do that" doctor: "so don't do that"...

So protect the X server...

Maybe don't use X, but that's real convenient.

But is there anything else I can do, short of removing 'xev' that
would make sense?

Even if I remove it, someone else can build one.  So is there anything
I can do?  

Thanks.

Paul Howell
Computer Aided Engineering Network, The University of Michigan
2121 Bonisteel Drive                    voice: (313)936-2486
Ann Arbor, MI 48109-2092                  fax: (313)936-3107