Re: What can one do against Keylogger Attacks?

From: Jan Panteltje (pNaonStpealmtje_at_yahoo.com)
Date: 06/22/05


Date: Wed, 22 Jun 2005 20:35:21 GMT

On a sunny day (22 Jun 2005 18:56:35 GMT) it happened "nemo_outis"
<abc@xyz.com> wrote in <Xns967D83B17F35Fabcxyzcom@127.0.0.1>:

>amgine <amgine@hushmail.com> wrote in news:tNqdnYfvSb-LECTfRVn-
>sw@comcast.com:
>
>> paul@atom.sbrk.co.uk wrote in news:VPBte.47572$75.2565151@news4.tin.it:
>>
>>> In article <200506201303.j5KD3cMF003123@marco.aarg.net>, Yoy G0 wrote:
>>>> If I need 100% protection against possible keylogger virus attack, so
>>>> that noe one would be able to steal user's password / passphrase,
>>>> what can I do?
>>>
>>> Use a one time password, so that its loss is of no future concern. If
>>> you wish to avoid logging of other key strokes, connect to something
>>> that provides an on-screen keyboard, perhaps a java applet that
>>> displays the keyboard as well as creating an encrypted session using
>>> ssl/ssh or whatever.
>>
>> <snip>
>>
>> This should work for keyloggers that "don't" take screenshots or record
>> the contents of the clipboard (Windows).
>>
>> amgine
>
>
>And that constitutes the **entire class of hardware keyloggers** (the
>trickiest class to detect) to which such data is completely inaccessible.
Maybe some idea, but the keyboard *usually* is in front of the monitor.
One could use a photo diode, and modulate UHF, a van in front of your house
picks it up.
All it would require is that tiny tiny little hole in the keyboard
the photocell peaks through.
Bit far fetched, but technically possible, processing can be done elsewhere.
One channel for keystrokes too.
This idea is copyright Jan Panteltje 2005, when you use it you own me a million.
OSaMA