Message-ID: <1133544916.49544.32.camel@localhost>
Date: Fri Dec 2 17:35:31 2005
From: frank at knobbe.us (Frank Knobbe)
Subject: Most common keystroke loggers?

On Fri, 2005-12-02 at 10:18 +1100, mz4ph0d@...il.com wrote:
> That would at least stop two of those problems, those being
> basic keylogging, and screenshots of the hotspot on click.

Why wait for a click? The attacker can just record all screen activity
in an AVI file and upload that. No need to wait for clicks.

Other options would be audible passwords, but the attacker could also
record all sound.

There might be optical effects tricks that could be employed that play
on things like the latency of a retina or whatnot. Flash a series of
random numbers on the screen while giving one number a bit longer time.
The pattern might appear to the human eye like that number, while it
*may* defeat screen recordings. (frequency of display changes and
attacker recording screen data would be the same for the attacker to
interpret the visual effect exactly like the user).

At the end of the day, one-time-passwords for login *and* transactions
are probably the only real solution to prevent replay and mitm attacks
(the latter using OTP hashed transactions).

Cheers,
Frank
--
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.
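
The closing point of the message above (one-time passwords for login, plus OTPs hashed over the transaction), shown as an added example that is not part of the original post: a counter-based OTP per RFC 4226 whose HMAC input also covers the transaction details. Mixing the transaction bytes into the HMAC is a simplification assumed here, and the `Verifier` class, the account strings and the key are constructed for the demo.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, msg: bytes = b"", digits: int = 6) -> str:
    """RFC 4226 HOTP. If msg is given it is appended to the HMAC input,
    which binds the code to that transaction (assumed scheme, not a standard)."""
    mac = hmac.new(key, struct.pack(">Q", counter) + msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Verifier:
    """Server side: each counter value is accepted once, then burned."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def verify(self, code: str, txn: bytes = b"") -> bool:
        expected = hotp(self.key, self.counter, txn)
        if not hmac.compare_digest(expected, code):
            return False  # a real service would also rate-limit failures
        self.counter += 1  # code is spent; a captured copy no longer matches
        return True


def demo() -> dict:
    key = b"12345678901234567890"  # RFC 4226 test key, used as a demo secret
    server = Verifier(key)
    results = {}

    login_code = hotp(key, 0)
    results["login"] = server.verify(login_code)
    results["login_replay"] = server.verify(login_code)  # keylogged code reused

    txn = b"to=ACC-1001;amount=50.00"       # constructed transaction
    tampered = b"to=ACC-9999;amount=50.00"  # same code, altered payee
    txn_code = hotp(key, 1, txn)
    results["tampered_txn"] = server.verify(txn_code, tampered)
    results["genuine_txn"] = server.verify(txn_code, txn)
    results["txn_replay"] = server.verify(txn_code, txn)
    return results


if __name__ == "__main__":
    print(demo())
```

A code recorded by a keylogger or screen capture fails on reuse because the server counter has moved on, and a code computed for one payee fails when the transaction fields are changed in transit.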