Full Disclosure mailing list archives

Re: Most common keystroke loggers?

From: Lionel Ferette <lionel.ferette () belnet be>
Date: Fri, 2 Dec 2005 08:04:44 +0100

In the wise words of Valdis.Kletnieks () vt edu, on Thursday 01 December 2005 
18:57:
[SNIP]

Using crypto all the way from the web server to a smart-card (so all the
compromised system can see is encrypted data it can't get the key for) can
help yere.

Even then, you would need a card reader with integrated pinpad. Otherwise, the 
keylogger can still sniff the PIN code entry - and then generate any 
signature it wants by accessing the PC/SC layer directly (been there, done 
that).

Lionel

-- 
"To understand how progress failed to make our lives easier,
please press 3"

Lionel Ferette
BELNET CERT Coordinator

Tel: +32 2 7903385                  http://cert.belnet.be/
Fax: +32 2 7903375                  PGP Key Id: 0x5662FD4B

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Most common keystroke loggers?, (continued)
- - Re: Most common keystroke loggers? foofus (Dec 01)
    - Re: Most common keystroke loggers? Mike Jones (Dec 01)
    - Re: Most common keystroke loggers? deepquest (Dec 01)
    - RE: Most common keystroke loggers? Lyal Collins (Dec 01)
    - Re: Most common keystroke loggers? deepquest (Dec 01)
    - Re: Most common keystroke loggers? php0t (Dec 01)
    - Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
    - Re: Most common keystroke loggers? php0t (Dec 01)
    - RE: Most common keystroke loggers? Lyal Collins (Dec 01)
    - Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
  - Re: Most common keystroke loggers? Lionel Ferette (Dec 01)
    - Re: Most common keystroke loggers? Nick FitzGerald (Dec 02)
- Re: Most common keystroke loggers? Blue Boar (Dec 01)
  - Re: Most common keystroke loggers? Dave Korn (Dec 01)
    - Re: Re: Most common keystroke loggers? Thierry Zoller (Dec 01)
    - Re: Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
    - RE: Re: Most common keystroke loggers? Aditya Deshmukh (Dec 01)
  - RE: Most common keystroke loggers? Debasis Mohanty (Dec 01)
  - Re: Most common keystroke loggers? Kyle Lutze (Dec 01)
    - Re: Most common keystroke loggers? Blue Boar (Dec 01)
    - Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)

(Thread continues...)