Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Most common keystroke loggers?

From: David Harker <david.harker () oneiria co uk>
Date: Thu, 01 Dec 2005 17:51:53 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It may be easier and safer to require the user to follow onscreen
instructions for character substitution into their password than attempt
to defeat many individual bits of software. Since it's online, a munged
dynamic image could be used to supply the instructions quite easily...
just a thought.

D

Shannon Johnston wrote:

Hi All,
I'm looking for input on what you all believe the most common keystroke
loggers are. I've been challenged to write an authentication method (for
a web site) that can be secure while using a compromised system.

Thanks,
Shannon
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDjzg5v9m3+Z4yoCYRAk5IAJ9jBdNNzoQHcv9SZyUAz4GepY4qqQCfTjGx
Z2FsjbgSsaXirw2sCj9Nd1c=
=PjH9
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: