Security Basics mailing list archives
Re: centrally monitored "keylogger"
From: Jonathan Loh <kj6loh () yahoo com>
Date: Fri, 15 Oct 2004 18:35:25 -0700 (PDT)
You're scaring us. Can you say 1984, or Brave new world? --- Jason Coombs <jasonc () science org> wrote:
> Just because we can, morally and ethically, should we. Yes, we should. The can of worms is already open. Computer evidence is allowed in court, and the only way to prove a negative with respect to computer evidence is to have a positive log of everything that was done with the computer and every change that was made to data with the knowledge and consent of the computer owner. Who the computer operator is at the time a key is pressed is something that keyloggers won't necessarily help determine, and even two factor authentication doesn't help with this if anyone can sit down at a box and operate it after authentication has occurred. Big problems. Real problems. Full forensic logging of everything is the only solution. Video surveillance of the computer at all times helps answer the question "who was the operator while these keys were pressed?". Also, keystrokes are not enough -- we must log all mouse movements/clicks and everything that passes through the keyboard input buffer (because software can write to this buffer, too, it isn't restricted to keyboard input only). Or we can get rid of computers. Your pick. Regards, Jason Coombs jasonc () science org Andrew Shore wrote:I agree that as a sys admin ensuring that systems are secure should be ahigh priority.However, I feel that monitoring every key stoke goes beyond the pale. Just because we can, morally and ethically, should we....
_______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
Current thread:
- centrally monitored "keylogger" tito.basa (Oct 12)
- Re: centrally monitored "keylogger" xyberpix (Oct 14)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- RE: centrally monitored "keylogger" David Gillett (Oct 15)
- RE: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" xyberpix (Oct 14)
- <Possible follow-ups>
- RE: centrally monitored "keylogger" Andrew Shore (Oct 13)
- RE: centrally monitored "keylogger" Andrew Shore (Oct 14)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Jonathan Loh (Oct 18)
- Re: centrally monitored "keylogger" Greg (Oct 18)
- Re: centrally monitored "keylogger" tito.basa (Oct 15)
- RE: centrally monitored "keylogger" xyberpix (Oct 18)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- RE: centrally monitored "keylogger" adisegna (Oct 15)
- RE: centrally monitored "keylogger" Sadler, Connie (Oct 15)