Keystroke logging (often called keylogging) is a diagnostic used in software development that captures the user’s keystrokes. It can be useful to determine sources of error in computer systems. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the internet and can be used by anyone for the same purposes.

Keystroke logging can be achieved by both hardware and software means. Commercially available systems include devices which are attached to the keyboard cable (and thus are instantly installable, but visible if the user makes a thorough inspection) and also devices which can be installed in keyboards (and are thus invisible, but require some basic knowledge of soldering to install). Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus or worm. It is also said that using an onscreen keyboard is a way to combat these, as it only requires clicks of the mouse. That is, however, false information, because a keyboard event message must be sent to the external target program to type text. Every software keylogger can log the text typed with an onscreen keyboard.

What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A Trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

Young and Yung devised several methods for solving this problem and presented them in their 1997 IEEE Security & Privacy paper [YY97] (their paper from ‘96 touches on it as well). They presented a deniable password snatching attack in which the keystroke logging Trojan is installed using a virus (or worm). An attacker that is caught with the virus or worm can claim to be a victim. The cryptotrojan asymmetrically encrypts the pilfered login/password pairs using the public key of the Trojan author and covertly broadcasts the resulting ciphertext. They mentioned that the ciphertext can be steganographically encoded and posted to a public bulletin board (e.g., Usenet). They also mentioned having the cryptotrojan unconditionally write the asymmetric ciphertexts to the last few unused sectors of every writable disk that is inserted into the machine. The sectors remain marked as “unused”. Nowadays this can done using a USB token. So, the Trojan author may be one of dozens or even thousands of people that are given the stolen information. Only the Trojan author can decrypt the ciphertext because only the author knows the needed private decryption key. This attack is from the field known as Cryptovirology.

The FBI used a keystroke logger to obtain the PGP pass phrase of Nicodemo Scarfo, Jr.. He plead guilty to running an illegal gambling operation in 2002. (“Mobster’s son pleads guilty of gambling; computer spying helped seal case” Asssociated Press, 1 Mar 2002) The FBI has also reportedly developed a trojan-horse-delivered keylogger program known as Magic Lantern.

References

[YY97] A. Young, M. Yung, “Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage,” IEEE Symposium on Security & Privacy, pages 224-235, May 4-7, 1997.

Links

• Keylogging Hardware and software keylogging methods.
• BBC article about Keycatcher, a hardware keylogger

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

E-mail has become the subject of much abuse, in the form of both spamming and E-mail worm programs. Both of these flood the in-boxes of E-mail users with junk E-mails, wasting their time and money, and often carrying offensive, fraudulent, or damaging content. This links help in the efforts to stop E-mail abuse and ensure that E-mail continues to be usable in the face of these threats.

Links

• BlackList checker Check if the domain is blacklisted by Open Relay DataBase (ORDB) or Distributed Sender Blackhole List (DSBL).
• Fight Spam on the Internet!
• Coalition Against Unsolicited Commercial Email
• Spamfo.co.uk Covers the latest news on junk email, scams, fraud, legal aspects and reviews of software and services out there to help you reduce the ’spam’.
• California lawyer who sues spammers
• Address Munging FAQ: Spam-Blocking Your Email Address
• Challenge/Response at the SMTP Level: It may be possible to implement a challenge/response SPAM protection system using custom SMTP Delivery Status Notifications (DSNs) that include an HTML confirmation hyperlink.
• Countering Spam by Using Ham Passwords (Email Passwords)
• “Countering Spam with Ham-Authenticated Email and the Guarded Email Protocol” describes a challenge/response system
• [8] A GPL’ed minimal CAPTCHA C/R system.
• Spam-proofing the mail system; Linux Weekly News; December 17, 2003.
• hide email addresses on web sites with JavaScript or letter encoding
• Alternative way to hide email addresses on web sites with inline CSS
• Hiding Email Addresses A comprehensive list of methods on how to hide email addresses in source code from spam bots.

AP – Apple Inc. and Eminem’s music publisher have failed to settle a dispute over 93 songs on iTunes, clearing the way for a trial in the rapper’s hometown of Detroit.

AP – Yahoo Inc. believes a lot of its good work has been overlooked by investors and the media so it’s spending more than $100 million to get the word out to consumers directly.

AP – Facebook is shutting down its much-maligned Beacon marketing program, launched nearly two years ago amid fanfare only to generate a storm of privacy complaints over the tracking of user activities at partner Web sites.

AP – With their advertising revenue drying up, newspaper publishers spent much of the spring and summer debating whether to cut off free online access to some of the material they run in their shrinking print editions.

AP – The head of the FCC plans to propose new rules that would prohibit Internet service providers from interfering with the free flow of information and certain applications over their networks, an official at the agency said Saturday.

Link campaigns are a form of online marketing and is also a method for search engine optimization. A business seeking to increase the number of visitors to its web site can ask its strategic partners, professional organizations, chambers of commerce, suppliers, and customers to add links from their web sites. Typically a link campaign involves mutual links back and forth between related sites.

Increasing the number of links to a site has two beneficial effects:

• Search engines such as Google judge the importance of a site by the number of other sites that link to it.
• The additional links result in visitors moving from the linking site to the target site.

When conducting a link campaign, the essentials steps are to identify potential link partners, request the links, and specify the link text. The value of a link depends on the traffic and reputation of the linking site, and the relevancy of its content to the target site’s content. Off topic links are generally not useful because they tend to upset visitors, and search engines may view them as link spam.

Link farms are web sites set up solely for the purpose of exchanging links. These sites are viewed dimly by search engines, and Google specifically advises webmasters not to participate in link farms:

“Linking schemes will often do a site more harm than good.”

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Reuters – The U.S. Justice Department urged a New York court on Friday to reject Google’s controversial deal with authors and publishers that would allow the search engine giant to create a massive online digital library.

AP – Google Inc. is counting on the crown jewel of its online advertising empire to burnish a diamond in the rough.