Keystroke logging (often called keylogging) is a diagnostic used in software development that captures the user’s keystrokes. It can be useful to determine sources of error in computer systems. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the internet and can be used by anyone for the same purposes.

Keystroke logging can be achieved by both hardware and software means. Commercially available systems include devices which are attached to the keyboard cable (and thus are instantly installable, but visible if the user makes a thorough inspection) and also devices which can be installed in keyboards (and are thus invisible, but require some basic knowledge of soldering to install). Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus or worm. It is also said that using an onscreen keyboard is a way to combat these, as it only requires clicks of the mouse. That is, however, false information, because a keyboard event message must be sent to the external target program to type text. Every software keylogger can log the text typed with an onscreen keyboard.

What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A Trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

Young and Yung devised several methods for solving this problem and presented them in their 1997 IEEE Security & Privacy paper [YY97] (their paper from ’96 touches on it as well). They presented a deniable password snatching attack in which the keystroke logging Trojan is installed using a virus (or worm). An attacker that is caught with the virus or worm can claim to be a victim. The cryptotrojan asymmetrically encrypts the pilfered login/password pairs using the public key of the Trojan author and covertly broadcasts the resulting ciphertext. They mentioned that the ciphertext can be steganographically encoded and posted to a public bulletin board (e.g., Usenet). They also mentioned having the cryptotrojan unconditionally write the asymmetric ciphertexts to the last few unused sectors of every writable disk that is inserted into the machine. The sectors remain marked as “unused”. Nowadays this can done using a USB token. So, the Trojan author may be one of dozens or even thousands of people that are given the stolen information. Only the Trojan author can decrypt the ciphertext because only the author knows the needed private decryption key. This attack is from the field known as Cryptovirology.

The FBI used a keystroke logger to obtain the PGP pass phrase of Nicodemo Scarfo, Jr.. He plead guilty to running an illegal gambling operation in 2002. (“Mobster’s son pleads guilty of gambling; computer spying helped seal case” Asssociated Press, 1 Mar 2002) The FBI has also reportedly developed a trojan-horse-delivered keylogger program known as Magic Lantern.

References

[YY97] A. Young, M. Yung, “Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage,” IEEE Symposium on Security & Privacy, pages 224-235, May 4-7, 1997.

Links

• Keylogging Hardware and software keylogging methods.
• BBC article about Keycatcher, a hardware keylogger

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

E-mail has become the subject of much abuse, in the form of both spamming and E-mail worm programs. Both of these flood the in-boxes of E-mail users with junk E-mails, wasting their time and money, and often carrying offensive, fraudulent, or damaging content. This links help in the efforts to stop E-mail abuse and ensure that E-mail continues to be usable in the face of these threats.

Links

• BlackList checker Check if the domain is blacklisted by Open Relay DataBase (ORDB) or Distributed Sender Blackhole List (DSBL).
• Fight Spam on the Internet!
• Coalition Against Unsolicited Commercial Email
• Spamfo.co.uk Covers the latest news on junk email, scams, fraud, legal aspects and reviews of software and services out there to help you reduce the ‘spam’.
• California lawyer who sues spammers
• Address Munging FAQ: Spam-Blocking Your Email Address
• Challenge/Response at the SMTP Level: It may be possible to implement a challenge/response SPAM protection system using custom SMTP Delivery Status Notifications (DSNs) that include an HTML confirmation hyperlink.
• Countering Spam by Using Ham Passwords (Email Passwords)
• “Countering Spam with Ham-Authenticated Email and the Guarded Email Protocol” describes a challenge/response system
• [8] A GPL’ed minimal CAPTCHA C/R system.
• Spam-proofing the mail system; Linux Weekly News; December 17, 2003.
• hide email addresses on web sites with JavaScript or letter encoding
• Alternative way to hide email addresses on web sites with inline CSS
• Hiding Email Addresses A comprehensive list of methods on how to hide email addresses in source code from spam bots.

Link campaigns are a form of online marketing and is also a method for search engine optimization. A business seeking to increase the number of visitors to its web site can ask its strategic partners, professional organizations, chambers of commerce, suppliers, and customers to add links from their web sites. Typically a link campaign involves mutual links back and forth between related sites.

Increasing the number of links to a site has two beneficial effects:

• Search engines such as Google judge the importance of a site by the number of other sites that link to it.
• The additional links result in visitors moving from the linking site to the target site.

When conducting a link campaign, the essentials steps are to identify potential link partners, request the links, and specify the link text. The value of a link depends on the traffic and reputation of the linking site, and the relevancy of its content to the target site’s content. Off topic links are generally not useful because they tend to upset visitors, and search engines may view them as link spam.

Link farms are web sites set up solely for the purpose of exchanging links. These sites are viewed dimly by search engines, and Google specifically advises webmasters not to participate in link farms:

“Linking schemes will often do a site more harm than good.”

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

An advertising agency or ad agency is a service business dedicated to creating, planning and handling advertising (and sometimes other forms of promotion) for their clients. An ad agency is independent from the client and provides an outside point of view to the effort of selling the client’s products or services. An agency can also handle overall marketing and branding strategies and sales promotions for its clients.

Typical ad agency clients include businesses and corporations, non-profit organizations and government agencies. Agencies may be hired to produce single ads or, more commonly, ongoing series of related ads, called an advertising campaign.

Ad agencies come in all sizes, from small one- or two-person shops to large multi-national, multi-agency conglomerates such as Omnicom Group or WPP Group.

Some agencies specialize in particular types of advertising, such as print ads or television commercials. Other agencies, especially larger ones, produce work for many types of media (creating integrated marketing communications, or through-the-line (TTL) advertising). The “line”, in this case, is the traditional marker between media that pay a (traditionally 15%) commission to the agency (mainly broadcast media) and the media that do not.

Lately, Search Engine Marketing (SEM) and Search Engine Optimization (SEO) firms have been classified by some as ‘agencies’ due to the fact that they are creating media and implementing media purchases of text based (or image based in some instances of search marketing) ads. This relatively young industry has been slow to adopt the term ‘agency’ however with the creation of ads (either text or image) and media purchases they do qualify technically as an ‘advertising agency’ as well as recent studies suggest that both SEO and SEM are set to outpace magazine spending in the next 3-5 years.

Not all advertising is created by agencies. Companies that create and plan their own advertising are said to do their work in house.

Links

• American Association of Advertising Agencies
• World Federation of Advertisers
• Adforum you can view advertising print work and spots
• Research Company Evaluating the Media Agency Industry

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Click fraud occurs in pay per click online advertising when a person, automated script or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating an improper charge per click. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud whether they like it or not.

Use of a computer to commit this type of fraud is a felony in many jurisdictions, for example as covered by Penal code 502 in California and the Computer Misuse Act 1990 in the United Kingdom. There have been arrests relating to click fraud with regard to malicious clicking in order to deplete a competitor’s advertising budget.

In 2004, a California man created a software program that he claimed could let spammers defraud Google out of millions of dollars in fraudulent clicks. Authorities said he was arrested while trying to blackmail Google for $150,000 to hand over the program.

Links

• “Web start-ups vie to detect ‘click fraud’.” Wall Street Journal Online. Retrieved June 10, 2005.
• “Vendors release click-fraud detection tools.” eWeek. Retrieved March 4, 2005.
• “Click fraud roils search advertisers.” C|Net News.com. Retrieved March 4, 2005.
• “Mice Attack: Internet scammers steal money with ‘click fraud’.” Newsweek. Retrieved January 18, 2005.
• “Google CFO: Fraud a Big Threat.” CNN Money. Retrieved December 2, 2004.
• “Click fraud threatens web.” Wired News. Retrieved October 13, 2004.
• “How Click Fraud Could Swallow the Internet.” Wired Magazine, issue 14.01 (January 2006). Retrieved December 29, 2005.
• “Click fraud fears growing for online advertisers.” Times Online. Retrieved February 2006

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Search engine optimization aims to index and improve rankings for the webpages which are most relevant to the keywords searched for according to the algorithm of each search engine. The relevant pages are returned in search engine result pages (SERPS). Basically this is done by writing a naural copy of each page containing the keywords that genuinely represent the goods and the services described within the corresponding webpages. Keywords are also used in the Title Pages, Meta Tags, Headings within a density of about 6% i.e., about 6 keywords spread over a page containing 100 words.

In order to further fine tune the pages and keep them user and search engine friendly, the architecture of the website, including its internal link structure, navigation etc., are also suitably modified for human beings and search spiders to nevigate through whole wbsite pages. Search spiders then can scan all necessary data about the whole site and store in engines’ data base. A good navigation systems imparts excellent experience to the users and they tend to visit the site again and again. This a sign of good achievement.

Numbers of inbound links to the site and the ‘quality’ of the links determine the Reputation of the website within the industry it belong to. This Reputation is one of the most important criteria for search engines to consider higher levels of rank to the deserving webpages. Algorithms are evolutionary and strives to develop every day in an attempt to provide most relevant & useful pages to the users and strike out the websites that trick them and attain higher positions for a while.

These processes are known as Organic or Algorithmic Search Engine Optimization (SEO) of websites. Eventually it is essential for each and every website to get optimized organically, though temprarity they can make use of Pay-per-Click (PPC) to market their website without having to wait for the results of Organic SEO. However, users still prefer Organic Result Pages than Pages for which Advertising charges are paid to search engines. So far for inclusion in Organic Result Pages no fees are prescribed except the high usefulness of the information to the users.

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Using a virtual machine (such as a pre-built Browser Appliance for VMWare Player) can inhibit infection by spyware, malware, and viruses. Virtual machines provide seperate environments, so if spyware enters the virtual environment, the host computer remains unaffected. One can also use snapshots to remove one’s private information, transporting the snapshot of the VM.

This environment resembles a sandbox. It has drawbacks in that it uses more memory (compared to a standalone browser) and it uses a lot of disk space.

Security practices

To deter spyware, computer users have found a number of techniques useful in addition to installing anti-spyware software.

Many system operators install a web browser other than Microsoft’s Internet Explorer (IE), such as Opera or Mozilla Firefox – though such web browsers have also suffered from some security vulnerabilities. Not a single browser ranks as safe, because in the case of spyware the security comes with the person who uses the browser.

Some Internet Service Providers — particularly colleges and universities — have taken a different approach to blocking spyware: they use their network firewalls and web proxies to block access to Web sites known to install spyware. On March 31, 2005, Cornell University’s Information Technology department released a report detailing the behavior of one particular piece of proxy-based spyware, Marketscore, and the steps the university took to intercept it. ^[1] Many other educational institutions have taken similar steps against Marketscore and other spyware. Spyware programs which redirect network traffic cause greater technical-support problems than programs which merely display ads or monitor users’ behavior, and so may attract institutional attention more readily.

Spyware may get installed via certain shareware programs offered for download. Downloading programs only from reputable sources can provide some protection from this source of attack. One site, CleanSoftware.org, founded as an alternative to other popular Windows software sites, offers only software verified not to contain “nasties” such as spyware. Recently, C|Net revamped its download directory: it has stated that it will only keep files that pass inspection by Ad-Aware and Spyware Doctor.

References

1. ↑ Schuster, Steve. “Blocking Marketscore: Why Cornell Did It“. Cornell University, Office of Information Technologies. March 31, 2005.

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

“SPAM” a 19th Century Problem

In the late 19th Century Western Union allowed telegraphic messages on its network to be sent to multiple destinations. Up until the Great Depression wealthy North American residents would be deluged with nebulous investment offers. This problem never fully emerged in Europe to the degree that it did in the Americas, because telegraphy was regulated by national post offices in the European region.

History of Internet “SPAM” (1978-Present)

Although spamming has existed on the Internet since as early as 1978, the first major spamming incidents didn’t take place until the early 1990s.

Spamming began becoming a major problem at the same time that the Internet began its exponential mainstream expansion in 1993 (also known as Eternal September). More recently, Tim Roarty, using the tag tjroar, spammed across so many internet forums with such a high rate of posting that he is credited with a slow down in overall internet speed. Most major forums have disabled the ability to register as tjroar on their forum due to this problem. It is suspected taht tjroar was a collection of irc trojans and they trolled the internet to sign up for forums – fortunately the creator is unable to modify them and they only try to sign up as the user name “tjroar”.

Origin of the term “SPAM”

The term spam is widely believed to have derived from the SPAM sketch of the BBC television comedy series “Monty Python’s Flying Circus”.

The sketch features a small restaurant in which every item on the menu includes SPAM canned meat, and a chorus of Vikings drowning out all conversation with a song consisting almost entirely of the word “SPAM.”

References

• History
  • Reaction to the DEC Spam of 1978 Overview and text of the first known internet email spam.

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Keyword stuffing is considered to be an unethical Search engine optimization (SEO) technique. Keyword stuffing occurs when a web page is loaded with keywords in the meta tags or in content. The repetition of words in meta tags, may explain why many search engines no longer use these tags.

Keyword stuffing is used is to obtain maximum search engine ranking and visibility for particular phrases. A word that is repeated too often may raise a red flag to search engines.

Hiding text out of view of the visitor is done in many different ways. Text colored to blend with the background, CSS “Z” positioning to place text “behind” an image – and therefore out of view of the visitor – and CSS absolute positioning to have the text positioned several feet away from the page center, are all common techniques. As of 2005, some of these invisible text techniques can be detected by major search engines.

“Noscript” tags are another way to place hidden content within a page. While they are a valid optimization method for displaying an alternative representation of scripted content, they may be abused, since search engines may index content that is invisible to most visitors.

Inserted text sometimes includes words that are frequently searched (such as “sex”) even if those terms bear little connection to the content of a page, in order to attract traffic to advert-driven pages.

Links

• Google Guidelines
• Yahoo! Guidelines

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.