Interesting People mailing list archives
IP: KeyGhost
From: Dave Farber <farber () cis upenn edu>
Date: Mon, 19 Jun 2000 05:54:12 -0400
Subject: fyi: KeyGhost To: Dave Farber <farber () cis upenn edu> From: Jeff.Hodges () stanford edu Date: Mon, 19 Jun 2000 00:42:21 -0700 For IP.. ------- Forwarded Messages Date: Sun, 18 Jun 2000 12:53:17 -0700 From: Steve Reid <sreid () sea-to-sky net> To: cryptography () c2 net Subject: KeyGhost We all know hardware keyboard loggers are possible. Now there is a commercial product called KeyGhost: http://www.keyghost.com/ Here is an independant review: http://www.dansdata.com/keyghost.htm Several forms are available or planned, each capable of storing 97k or 500k (Pro version) of keystrokes: - - Keyboard cable extension with a bump in the wire. - - PS2-to-AT / AT-to-PS2 adapter or cable extender with no visible bump in the wire. The hardware is concealed within the connecter. - - Regular computer keyboard or Microsoft Natural keyboard with the hardware concealed within the keyboard case. 500k is a lot of keystrokes. Forward-secret protocols won't help you if the plaintexts of all your communications are recorded by one of these. ------- Message 2 Date: Sun, 18 Jun 2000 21:57:06 -0400 From: Dave Emery <die () die com> To: Steve Reid <sreid () sea-to-sky net> Cc: cryptography () c2 net Subject: Re: KeyGhost On Sun, Jun 18, 2000 at 12:53:17PM -0700, Steve Reid wrote:We all know hardware keyboard loggers are possible. Now there is a commercial product called KeyGhost: http://www.keyghost.com/ ... 500k is a lot of keystrokes. Forward-secret protocols won't help you if the plaintexts of all your communications are recorded by one of these.One hopes that the US Customs Service and the other federal agencies involved in enforcing Title III of the Omnibus Safe Streets and Crime Control Act of 1968 (18 USC 2518) covering devices "primarily useful for the serreptitious interception of wire, oral or electronic communications" (which was originally aimed at bugs and similar listening devices) learns of these things and bans them from sale to the public as the same kind of electronic contraband that similar gismos that fit into telephones replacing the normal microphone or speaker with a lookalike version that transmits the conversations to a remote receiver. In fact, compared to some of the rather innocent things they have recently put on the Title III banned list, this thing seems like a slam dunk for federal control - especially the version that looks just like a AT to PS2 adapter or has the thing built into an otherwise ordinary looking and behaving keyboard. I might immediately hasten to add, that as an EE familiar with this sort of technology (in a casual way), it should both be possible to make a version that is signficantly smaller (the actual chips are tiny - its just the packages that are large and directly mounting the required chips on a substrate and bonding them out directly to the circuit is an old technology that is well proven and very practical for something like this), and also to make versions that contain burst radio transmitters that dump the keystroke memory in a brief wideband burst of digital information in response to an interrogation by an eavesdropper with a transmitter or perhaps every so often when the PC is turned on, or when it boots or something similar. Such infrequent transmissions would be much harder for a TSCM electronic countermeasures sweep to find than something that radiated continuously. - -- Dave Emery N1PRE, die () die com DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18 ------- End of Forwarded Messages
Current thread:
- IP: KeyGhost Dave Farber (Jun 19)