Keylogging software - serious threat?

Discussion in 'privacy technology' started by Norrismj, Feb 14, 2008.

Thread Status:
Not open for further replies.
  1. Norrismj

    Norrismj Registered Member

    Joined:
    Feb 6, 2008
    Posts:
    16
    Hi

    I have just had a looked at some of the messages placed over the last few months and I note that there is mention of anti-keylogging software. Just how significant a threat to the average user is the use of keylogging software. Is this something that I should worry about or is the threat more imagined than real?

    Mike
     
  2. Jomsviking

    Jomsviking Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    55
    Hello Norrismj.

    Keyloggers are a real threat, and growing, due to the increasing number of people performing financial operations online and other activities involving sensitive data.

    Hardware keyloggers are not detected by many (most) anti-spyware or anti-virus solutions. They are used, for example, in private investigations. In many cases a hardware keylogger is detectable via visual inspection, but it may not be that easy.

    Software keyloggers are in principle detected by good anti-spyware and anti-virus applications, although no product detects everything.
    If you have an updated anti-virus solution which also has spyware detection, and if you take care with what you download/execute, you should be ok.
    If your anti-virus product does not do specific spyware detection (which most good anti-viruses already do), you are advised to get an anti-spyware application. In fact, you can get one anti-spyware on-demand scanner even if you have a spyware-detecting antivirus, to provide a second opinion.

    According to your level of experience and particular situation, you may also be interested in a sandbox. DefenseWall, for example, warns about certain keylogging activities.
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Some AV/AS don't offer detection on comercial keyloggers.
    But if access to you're computer is limited only to you, you have safe computer habits and started with a clean system, it's unlikely that a keylogger affects you.

    Personally I don't worry at all about keylogger on my laptop, but I use some protection software when I'm on other computers (friends, work, airports, etc).
     
  4. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    More certain, DefenseWall blocks those types of keyloggers that are possible to block without huge compatibility issues and warns about those of the keylogging activities that may be used by a legitimate software.
     
  5. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    As to how serious keyloggers should be taken, personally I would much rather my hard disk be totally wiped out by a virus than have my bank account wiped out by someone who stole my pass codes via a keylogger.
     
  6. chuckfrasher

    chuckfrasher Registered Member

    Joined:
    Feb 15, 2008
    Posts:
    15
    I was just reading about Defensewall. It sounds like a pretty good way to prevent keyloggers. I also just started using Returnil. I guess a keylogger would disappear when you restart, but until then I guess a keylogger could track your info and send it out.
     
  7. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    - Start with a pristine "clean" image of system drive of OS and programs only.
    - Image the system drive.
    - Run with Faronics anti-executable.
    - Restore the clean image whenever you want. Mine restores in 2 1/2 minutes flat.


    = No keyloggers without all the extra weighty security programs.
     
  8. tlu

    tlu Guest

    Or follow the advice given here to prevent them in the first place. You can tighten security even more by adding a Software Restriction Policy as described on http://www.mechbgon.com/srp/ if you're using XP Pro.
     
  9. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    mine wil protect you.:D
     
  10. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    my experience would suggest that for many the threat is more imagined than real.

    If, however you want to use Internet Banking, pay credit card bills etc then I would suggest that you consider using a Returnil, DeepFreeze type program.
    Reboot just before going to your bank and any keylogger that might have been there should now be gone
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I would rank it up there with any type of malware, maybe worse.
     
  12. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    this is what Kris with AD had to say about them.


     
    Last edited by a moderator: Feb 19, 2008
  13. chuckfrasher

    chuckfrasher Registered Member

    Joined:
    Feb 15, 2008
    Posts:
    15
    Gerard, thank you so much for this. I will definitely read up on this and try it out. I hope it is not too difficult because my knowledge is very limited. I am also wondering if using these products will protect an external hard drive and USB sticko_O?
     
  14. Judge Dee

    Judge Dee Guest

    A friend sent me an article where the gentleman claimed that he discovered his new laptop had a hardware keylogger built into it. He then made the inference, if I remember, that all new laptops were produced with keyloggers.
    Can anyone confirm or deny this claim?
    Don't ask me to dismantle my laptop, I'm hardware illiterate.:rolleyes:
     
  15. chuckfrasher

    chuckfrasher Registered Member

    Joined:
    Feb 15, 2008
    Posts:
    15
    I have never heard of it. I will look it up.
     
  16. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
  18. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    @lonewolf:

    I believe benny bronx was thinking of the laptop described earlier
     
  19. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782

    I believe you are right.
    That's what I get for staying up so late.
    In that case, i'm really do not know.


    EDIT:

    I did find this googleing around

    lkl.png

    So I guess they do make them small enough for laptops.
     
    Last edited: Feb 23, 2008
  20. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Good morning:

    No, I meant generally speaking, where would a hardware keylogger most likely be. The picture was just for ...... I don't know, it was late.
     
  21. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    As far as the two examples shown, I, and most members, are way too anal about their computers not to quickly notice one of these.
     
  22. Judge Dee

    Judge Dee Guest

    I guess that answers my question. I didn't know if they would be obvious or not.
    Thanks!
     
  23. chuckfrasher

    chuckfrasher Registered Member

    Joined:
    Feb 15, 2008
    Posts:
    15
    So I guess even with a sandbox or virtual program that empties everything, a keylogger can still get your passwords and stuff during that session and send it out.....even though it will not be able to remain on the system. So how can your product prevent this?
     
  24. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Flush the sandbox before doing anything sensitive (entering bank credentials, etc) and start a new, fresh sandbox session.
    A little bit of discipline :)
     
  25. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    That would work only if you installed sandboxie (or returnil or deep freeze) on a fresh install and always used it when surfing, correct?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.