lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200403221819.i2MIJtFp001326@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Re: pgp passphrase 

On Sat, 20 Mar 2004 15:33:30 PST, Jim Richardson <warlock@...imo.com>  said:

> >No need, the worm would steal the passphrase while it was running on
> >your host.

> I would be interested to see how it would accomplish that.

Google on some combination of "FBI", "Magic Lantern", and "Scarfo".

Most of the detailed stuff on the Scarfo case is available here:

http://www.epic.org/crypto/scarfo.html

Particularly interesting was one PDF of how the FBI crafted the Scarfi
keystroke logger to make sure it only grabbed signatures and not keystrokes
they weren't authorized to grab:

http://www.epic.org/crypto/scarfo/murch_aff.pdf

Of course, the FBI was trying very hard to Do The Right Thing in this case.
Malware won't be as nice about it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040322/87f29c0a/attachment.bin

Powered by blists - more mailing lists