Keyboard / keystroke logging

[jbrown]

As the hackers get ever more sophisticated - I was wondering....

...how can you find out if there is keystroke logging software hidden on your computer - is there any software that detects it. I have LittleSnitch - would this see it? It seems to faithfully tell me if any software is trying to reach the outside - but some have obscure names that I don't recognize ( like 'host' to name one )

Any thoughts?

cheers

 

[cb911]

do you have a reason to think that someone would put a keystroke logger on your Mac? have you recently angered a 1337 |-|4(|<3|2,|-? if so, kiss your Mac good-bye, teh pwnz j00 d00d!! j/k.

but the best way to know if you've got a keylogger on your Mac is to know all the keyloggers out there.

and if a 'hacker' was targeting your, the least of your worries would be a keystroke logger. but changing your log-in password regularly is a good idea.

 

[jbrown]

do you have a reason to think that someone would put a keystroke logger on your Mac? have you recently angered a 1337 |-|4(|<3|2,|-? if so, kiss your Mac good-bye, teh pwnz j00 d00d!! j/k.

but the best way to know if you've got a keylogger on your Mac is to know all the keyloggers out there.

and if a 'hacker' was targeting your, the least of your worries would be a keystroke logger. but changing your log-in password regularly is a good idea.

No reason, just read an article about hidden logging spyware, and wondering how to dectect if you've been infected - newish to puters, so the first bit of your post is chinese to me

 

[tomf87]

<snip>
and if a 'hacker' was targeting your, the least of your worries would be a keystroke logger. but changing your log-in password regularly is a good idea.

Well, if they are logging the keystrokes, then changing the password would do no good as they'd have your new password.

And, actually, keystroke loggers are an excellent way to increase your access, so it should be one of your worries.

 

[montom]

Laptop manufacturers installing keystroke loggers?

Looks like keystroke loggers already come hardwired into newer laptops:

http://infowars.com/articles/bb/gov_caught_installing_keystroke_loggers.htm

From the article:

I was opening up my almost brand new laptop, to replace a broken PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard.

I figured "No Big Deal", and continued with the dissasembly. But when I got the metal panels off, I saw a small white heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I found a little circuit board inside.

Being an EE by trade, this piqued my curiosity considerably. On one side of the board, one Atmel AT45D041A four megabit Flash memory chip.

On the other side, one Microchip Technology PIC16F876 Programmable Interrupt Controller, along with a little Fairchild Semiconductor CD4066BCM quad bilateral switch.

Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.

What could this mean? I called the manufacturer's tech support about it, and they said, and I quote, "The intregrated service tag identifier is there for assisting customers in the event of lost or misplaced personal information." He then hung up.

A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a http://www.keyghost.com/ hardware keylogger.

From the keyghost.com website:

"But I use a software 'key logger' program..."

As a user's technical knowledge increases and weaknesses in software become well known, software keylogger (key loggers and keystroke loggers) become less effective. If the user is capable of disabling or bypassing the security system (or manipulating the logs), then there is no record of the break-in or what has been done. Investigations of the computer break-in become very difficult, if not impossible. In addition, there is the added risk of the log file being stolen and its sensitive contents read.

I haven't opened up my powerbook yet to take a look, but I wouldn't put it past Apple to do something like this. You can't slip a nano between them and the feds.

 

[Applespider]

No reason, just read an article about hidden logging spyware, and wondering how to dectect if you've been infected - newish to puters, so the first bit of your post is chinese to me

Most of the articles talking about hidden logging software are Windows-specific since they're a lot easier to infect than your Mac.

There are keystroke loggers for the Mac, but IIRC, they're dependent on someone having physical access to your Mac (or knowing your admin password) so I wouldn't worry too much.

 

[chattes111@gmai]

Hi,

There are keystroke loggers for the Mac, but IIRC, they're dependent on someone having physical access to your Mac (or knowing your admin password) so I wouldn't worry too much.[/QUOTE]

I now have good locks on my apartment door, but have to send my laptop to Apple for service. Having constantly found keystroke loggers, both hardware and software, on my windows and mac computers when my former's hired criminals were getting into my homes, plus having had the OSs constantly tampered with, I'm worried about how to remove a keystroke logger which would probably be put in when the mac is returned to me. Other things that are shipped by DHL have been tampered with before, so I have no reason to think I'll necessarily luck out and get an honest delivery person when the laptop is sent back. I'm not worried about the OS in this case as I intend to reinstalll, but would like to know if there's any way I could remove any hardware keystroke logger that is put in the laptop before I get it back.

Would anyone be able to give me instructions?

TYIA!

Cat