lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000401c5f79e$0e90ef00$c864a8c0@dopehead>
Date: Sat Dec  3 00:11:05 2005
From: jan at boyakasha.dk (Jan Nielsen)
Subject: Most common keystroke loggers?



-----Original Message-----
From: boyakash@...goodydomains.com [mailto:boyakash@...goodydomains.com]
On Behalf Of Nick FitzGerald
Sent: 3. december 2005 00:22
To: full-disclosure@...ts.grok.org.uk
Subject: RE: [Full-disclosure] Most common keystroke loggers?

Jan Nielsen to me to Jan:

> >Obviously, then, your book does not include the phrase "Halting 
> >Problem"...
> 
> Sorry, I don't follow you there, you mean that the scan would halt the
> system ? fair enough, I don't think any method of scanning a target is
> fool-proof, no matter how its done.

>Ahh, no...

>   http://en.wikipedia.org/wiki/Halting_problem


Good to know, i did not know that this dilemma had a name :-)


>It would be _nice_ to do that, but it is an equally fraught problem.  
>After all, even if you could entirely reliably programmatically 
>determine that the users's system was compromised, you cannot trust any

>response from the system, or that any message you try to send to them 
>to alert them to this will not be intercepted by some warez put on the 
>system as a result of the compromise...

Good point, I guess I am glad I am not trying to design this system.

> ... a
> textmessage/SMS might be wiser.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ