Full Disclosure mailing list archives
Re: Most common keystroke loggers?
From: foofus () foofus net
Date: Thu, 1 Dec 2005 11:55:36 -0600
On Thu, Dec 01, 2005 at 10:24:50AM -0700, Shannon Johnston wrote:
I'm looking for input on what you all believe the most common keystroke loggers are. I've been challenged to write an authentication method (for a web site) that can be secure while using a compromised system.
I can think of authentication methods that work (i.e., provide acceptably reliable assurance that the user is who he/she claims to be, without giving an eavesdropper the means to impersonate the user in future authentication transactions) under these conditions. I can't think of a way of providing any assurance that actions taken in the user's name are authentic representations of the user's intentions (i.e., a way of ensuring that requests made on the user's behalf are legitimate) if the user's system is compromised. Is that part of the challenge? --Foofus. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Most common keystroke loggers? Shannon Johnston (Dec 01)
- Re: Most common keystroke loggers? foofus (Dec 01)
- Re: Most common keystroke loggers? Very Unprivate Software (Dec 01)
- Re: Most common keystroke loggers? Mike Jones (Dec 01)
- Re: Most common keystroke loggers? Valdis . Kletnieks (Dec 01)
- Re: Most common keystroke loggers? foofus (Dec 01)
- Re: Most common keystroke loggers? Mike Jones (Dec 01)
- Re: Most common keystroke loggers? deepquest (Dec 01)
- RE: Most common keystroke loggers? Lyal Collins (Dec 01)
- Re: Most common keystroke loggers? deepquest (Dec 01)
- Re: Most common keystroke loggers? php0t (Dec 01)
- Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
- Re: Most common keystroke loggers? foofus (Dec 01)