Guest Posted February 25, 2002 Report Share Posted February 25, 2002 quote: Originally posted by boogaloo: Some poor internet cafe worker sap might be able to double or at least increase his income selling passwords to porn sites and whatever else he may get. This made me think. My ex-girlfriend knew many passwords to adult sites and also some yahoo and hotmail passwords. When asking where she got these her answer would always be; "from a friend." I presume the email logins she had were from past customers, otherwise, why the hell would she want them? Some of you may not know this but it's possible to read yahoo and hotmail emails without marking them as read. Some POP3 online email readers do this. If someone is reading your mail you've no idea; to you, the mails look unread. Link to comment Share on other sites More sharing options...
Guest Posted February 25, 2002 Report Share Posted February 25, 2002 Determining by hand that a keystroke logger is present is probably going to be too time consuming. Besides task manager programs, you will need to look in the services running and drivers loaded with knowledge of which ones should be there and which sould not. I like the advice of the guy who said to enter portions of passwords, mousing to different locations and entering other stuff between. Combine this with changing passwords after using suspect machines and you've raised the bar a lot for keyboard loggers to tamper. But then you've got to also be aware there is "browse together" software that allows what you are seeing on the web to be seen from another machine anywhere on the web. "groove" is one such program. This is nice when you want to browse sites someone you know far away, but now I can see how this could be abused in an internet cafe. I never really thought much about the security holes in internet cafes, but now I think I will be a lot more careful about what I access whenever I go. Link to comment Share on other sites More sharing options...
adikgede Posted February 27, 2002 Report Share Posted February 27, 2002 Since no one has actually mentioned any software to detect key loggers, I'll mention HookProtect. I don't know how well it works but it will fit on a floppy, and you don't have to reboot after installing it. Keep in mind that it takes a long time to do its work and you will be paying for this. Don't forget that even if the casual cafe surfer could detect any malicious software on thier terminal they would have alot of work to do to insure that there was not a packet sniffer somewhere between them and the gateway. Of course if your terminal dials out directly the matter of trust is between you and the isp. There is no way to be sure that a pc in an internet cafe is clean. As they say boot access is root acess, and if you can't control that there is not alot to base trust upon. Luckily 90% of the world is using MSWindows of some sort so you can reduce your chances of being a target by using a Mac or Unix. The best insurance is to connect directly to a service provider from your own equipment. Join an isp that has global roaming like ATT, AOL, IBM, PacificNet, and many others. GPRS roaming agreements will be up by the end of the year, go to GSM World for links to providers around the world. Link to comment Share on other sites More sharing options...
bibblies Posted March 8, 2002 Report Share Posted March 8, 2002 quote: Originally posted by Mikey: [qb]I think the original poster was a bit paranoid, but couldn't he vary it by using the mouse to alternate and change position on the userid and password boxes?* That'd make things a lot harder, surely. *e.g enter the fourth letter of your userid, then mouse down to the password box and enter the second and third letters of that. Mouse back to the id box and enter a few letters.. Good idea, although it would be very tedious in practice. And it only makes sense for non obvious passwords, like a number, otherwise the jumbled-up password would be just a simple anagram. By the way, a decent programmer can also grab mouse movement, and the character position of text entered into textboxes.[/QB] I was thinking if you were to open a generic web page, such as yahoo's home page and copy letters from there, rather than using keystrokes, would that make a difference? Link to comment Share on other sites More sharing options...
Guest Posted March 9, 2002 Report Share Posted March 9, 2002 http://www.anti-keyloggers.com/ Or you could just use the character map to type with mouse movement... But if you really wanted to get peoples details you would set your cafe so everyone logs into a terminal server session and use CCTV, and just shadow everyone?s movement... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.