TDS anti-logger feature

(Hmm...I could have sworn I'd already asked this!)

Could someone please describe TDS's anti-keylogger feature?  I'm interested in knowing how it fares compared to "dedicated" anti-KL programs.

Tx

 

Hi Checkout,
As TDS owner, you can see they are in the detection list!
So they are detected and measuers can be taken.

 

Is the TDS manual online or only downloaded with the product?  I have all these good intentions to RTFM but only when my brain and body are synchronised in being awake, which doesn't happen as often as I'd like.  (In other words, I'm in the office but my laptop is at home, where I can't access the docs.)   :-/

 

Did you look in the TDS Console | Help | Primary List and you do a search for keylog you find bunches of them, which are detected.
TDS uses several techniques for it, checking traces, binded executables, dll libraries.
The Helpfile comes with the product.
If the laptop is not online, it will be rather difficult to access the files yes, in other cases you could maybe depending on your protection with a remote function.

 

By the time I get home I'm usually too (pick your favourite crude euphemism for tired) to remember good advice like this.  I'll try again tonight...

Thanks.

 

So you'd like either a remote access to your laptop at home via internet either take it with you to look in daytime.

 

Jooske, in all the years we've known and loved each other, have I ever made you take on more daytime work?    

 

Thanks Jooske, had never looked at the primary list !
Searching for keyloggers sure shows lots of them listed !

 

I look in the forum trying to help with questions, day and night!
For the TDS and WG part the DCS support emails, Helpfile, private members only Forum are a wealth of info to dig in and this forum is growing again as well for that goal.
If i could, i would gladly look into matters in distance, why not?

If you're not available in daytime, because of the job, and not in evening/night after work, because of being too tired, there must be some moment to look into these matters, and you'll agree, to open the TDS Console, | Help | Primaries | type keylog in the find window and press find and find next....... that must be possible......
If that is too much, i'd certainly not go deep into system configuration matters and settings, as a little mistake is made so quick or overlooked.......

 

I counted over 90 keyloggers detected.

Not bad.  For an unexpected feature, anyway.  Not bad at all.  Can I (yawn) get some sleep now, Miss?  

 

That's quite an incredible number - I had no clue there were even that many keyloggers in EXISTENCE...

 

Thanks for the counting, i knew you'd be impressed
Hope a next time you'll look in the Helpfile for the detection methods of them, very interesting read.
Sleep well! and till next time!  

 

I'm very interested in reading about TDS's detection methods, especially since the number of KL pgms seems to be rising on an almost daily basis (SpyCop reckons there are currently 244 it can detect).

 

Now you know the Diamond guys are waking over our safety (many varieties might be detected by existing references, generally spoken) and your interested read, i'm sure you feel much more relaxed in daytime to have some energy left for your laptop at home!

 

I am working hard on adding a lot more spyware type programs, they are only added if they run invisible. Over the next few weeks we should see TDS detect a lot more of these as keyloggers

 

Good news.  Thanks.  Er...silly question...but may I presume DiamondCS will never bypass "authorised" keyloggers?

 

They're supposed to belong to the category trojans, don't they?

 

Wayne, it'd be good to have an answer to this question.

 

Hi, Checkout!

Point to ponder: I don't expect my AV program to detect all[/] Trojans. I don't expect my AT program to detect all virii.

In other words, while an individual program might provide additional coverage for things other than what they were primarily designed for, I look upon that as the dessert - not the main course, as it were.

The fact that TDS includes detection for over 90 KL'ing programs is quite impressive in itself (neither Tauscan or The Cleaner provide that many - I know, I own both of those programs).

So I guess I'm wondering here, what's the thrust of your question about expanded coverage from TDS for keyloggers? Are you trying to decide whether to buy a separate  program for keyloggers or not? And holding off until you discover whether or not TDS is going to expand their coverage?

Just a little confused here. Pete

 

See Gavin's remark above, covering lots more in the next couple of weeks. Great!

 

Yes.  Well, two reasons - firstly, TDS is a highly sophisticated product, so I'm hoping that the built KL detector will also contain a high level of sophistication, and perhaps be technically superior to competing products.  Secondly, I already have a number of products which overlap functionality (such as cookie control, ditching web bugs, etcetera) and I'd like to reduce the amount of duplication in case of conflict - and for performance reasons.

 

No kidding Checkout! My system tray has 9 icons related to security.

 

There is so much built in TDS, uses only limited by our imagination, of course you can use it as your private chatbox as well, even communicating with possible infections if they ever come on your system, but it's a security tool in the first place.
You've seen Gavin's remark about new references to be added, and what is written in the manual/helpfile already.
You might like to see the KLs as a general item --there are already threads about KLs in other parts of the forum-- and eventually like to start a new thread there, "other security" would be an appropriate place for that. We might like to discuss other software there too and links to the archives of this forum, just an interesting thought.

 

Already have amassed a rather large collection of "Monitoring" programs, these may all be added as a new class rather than being called just Keylog.<name>

TDS will soon detect as many of these as any other spyware/monitor software/whatever detection tool out there.. there may be a couple we can't obtain but the list will soon be huge

Speaking of "authorised" keyloggers - if you refer to Magic Lantern then if we obtained a copy by submission then we would add detection. Many of the above tools that are going to be detected CAN be installed by parents, however we should still detect them for completeness. Thus my comment about a new class name (such as Monitor.<name>). This is to be decided when detection is added.

Hope this helps somewhat

 

This is exactly what I hoped to hear.

Oh, you bet!  Many thanks.