Re: [Full-disclosure] Most common keystroke loggers?
- From: Blue Boar <BlueBoar@xxxxxxxxxxx>
- Date: Thu, 01 Dec 2005 16:48:30 -0800
Kyle Lutze wrote:
say somebody's password is foobar, on screen there would be a page that shows the new alignment of characters,such as saying a=c, d=3, b=z, etc. so instead of typing foobar the password they would type in for that session would be hnnzck.
The next time the screen came up, it would be a=n, b=l, etc. and the password they would enter would be something else. Then, if the computer had a keylogger, not too much anybody could do with that info.
If the only threat in the world were keyloggers, there are many schemes you could use. My main point is that if your computer is fully compromised and the attacker can adapt, there's no scheme you can up by adding just software to the existing client computers that will help.
Second, the scheme you just proposed is a monoalphabetic substitution cipher. The are considered somewhat weak, i.e. they print them in the newspaper to be solved with a pencil during your communte.
BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Most common keystroke loggers?
- From: Shannon Johnston
- Re: [Full-disclosure] Most common keystroke loggers?
- From: Blue Boar
- Re: [Full-disclosure] Most common keystroke loggers?
- From: Kyle Lutze
- [Full-disclosure] Most common keystroke loggers?
- Prev by Date: Re: [Full-disclosure] Most common keystroke loggers?
- Next by Date: Re: [Full-disclosure] Most common keystroke loggers?
- Previous by thread: Re: [Full-disclosure] Most common keystroke loggers?
- Next by thread: Re: [Full-disclosure] Most common keystroke loggers?
- Index(es):
Relevant Pages
|
