Full Disclosure mailing list archives
Re: Most common keystroke loggers?
From: <mz4ph0d () gmail com>
Date: Fri, 2 Dec 2005 12:39:56 +1100
Nick Fitzgerald wrote:

> You are deeply confused if you think "is totally trivial and hasn't been attacked _yet_" is in any meaningful way "more secure" than "is equally trivial and has already been broken".

And if that was what I was talking about, fair enough, but seeing as I'm not ... all I was suggesting was something to help with the situation where what was being employed was a compromise that had a) a keystroke logger, and b) click hotspot screenshot mechanism.

It obviously (and though you did seem to have read the entire post, thanks for that, you missed that I was at least implying exactly this) doesn't help at all if you are dealing with a more complex problem than that. I probably didn't make that clear as I pretty much thought that was a given.

Some said "an onscreen random keypad" and others replied "10 x 10px hotspot screenshots", so that's the exact problem I looked at one possible way of addressing that particular and limited problem. At no time did I suggest that it helped with other problems that may be present, or made the solution somehow now magically secure.

I also don't see how having a button change to be blank after mousing over it affects people with fine motor skills. The whole keyboard yes, a single button, no. Seriously visually impaired people will have problems with *any* kind of online keypad that is trying to obfuscate what the buttons do apart from what they look like (because you would be removing the tags used by the browser for accessibility purposes anyway).

There is NO solution that will fully protect any login system against a compromised machine if that machine is being monitored and the compromise in place is being dynamically updated to suit the needs of the attacker. That is also a given.

It may on the other hand help if you are dealing with a machine that has a piece of malware on it that installed a keystroke logger that is capable of hotspot screenshots and is not dynamically updating. It also may make the output from the machine uninteresting enough to the attacker to not bother trying to further compromise the machine in question to install things to do the more complex forms of attack that you are talking about.

(Note, I didn't feel the need to once insult you or "strong arm" you into being quiet. You are obviously an extremely intelligent and knowledgeable guy, with a lot of experience in this area, why the need for the attitude?)

Z.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/