Re: Security-Compromised NT System [what can they see?]

From: Jeff Cochran (no email)
Date: 02/20/02 

From: (Jeff Cochran)
Date: Wed, 20 Feb 2002 14:57:42 GMT

>I work on a company provided Windows NT4.0 computer that I didn't
>install the OS and the Administrator password [was] known by more than
>one person, although the computer is primarily to be used by me only
>as a development machine. It just so happens that I sometimes do
>fairly personal thing on this computer, e.g. read my web based email,
>etc. Since the computer is compromised. Can they also see what I am
>reading in my emails? (assuming these people don't have access to the
>company routers/firewalls which would have been easy to see all the
>webpage that I watched). They only have access to my computer, and I
>assume they have planted Trojan horses and stuffs.
>
>Am I safe to secure my files using PGP conventional encryption, ie. no
>keys lying around anywhere on the computer. However when I encrypt
>the important files I have to type in the password using the keyboard.
> Can they install a program to watch what I typed when I keyed in my
>password [passphrase] when I conventionally encrypt a sensitive file
>using PGP??
>
>How do I implement counter-measures, any softwares that will let me
>know if my keypress are being logged? Unfortunately I am not allowed
>to reinstall Windows NT on this system, I once brought in softwares to
>reinstall but the enemy had the management ordered me to stop. Until
>I find a new job (I am working on this), I need some kind of
>counter-measures. Any advice? THanks in advance.

My advice is to leave this company. Look at your message:

"I assume they have planted Trojan horses and stuffs."
"...but the enemy had the management ordered (sic) me to stop."

You're far too paranoid, and my suspicion is that the "enemy" may
actually be the good guys in this case. Stop doing "fairly personal
thing" and maybe you won't need to worry. Bail now for your own
sanity and the protection of the company.

Jeff

Quantcast