Defending against keyloggers

[Magnus Vogel]

Most of this thread seems to deal with prevention. Can anyone recommend a good software to detect an already inplanted 'Keylogger'.

[Doc]

Hi, Magnus-

Although I have not used it myself, I have heard that WinPatrol Plus (not the free version) is good, at showing everything that is running. The key then, of course, would be to be able to recognize the harmless/necessary entities, and weed out the others.

Not always an easy task, because often, malware files are named similarly to real files.

[deepsand]

Spybot Search & Destroy presently detects 157 known keyloggers.

[kgun]

But most people don't conceal their passwords in noise, so keyloggers don't compensate for it."

Security by obscurity is not security. My own advice:

Try to advoid logging into your bank account from a random or unknown computer.

But burying your password once in noise is better than typing the password directly into the field.

Although I have not used it myself, I have heard that WinPatrol Plus (not the free version) is good, at showing everything that is running.

Look at the debugging menu

DigitalStart.net: The starting point for English speaking surfers and webmasters

on the toolbar. The main menu contains Fiddler Web Debugger - A free web debugging tool

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet.

[deepsand]

Security by obscurity is not security..

Concur; however, the technique presented is security by obfuscation.

[kgun]

Concur; however, the technique presented is security by obfuscation.

Language problems. New word to me. Can you explain the meaning of the two words in greater detail?

[deepsand]

Obscure, an adjective, from the Latin obscurus, means "dark" or "dim," as in "shrouded by darkness," or "not seen clearly."

Obfuscate, from the Latin obfuscare, means, as a transitive verb, "to darken;" as an intransitive verb, "to be evasive or confusing."

Within the present context, the data to be protected are in plain sight, i.e. are clearly & easily visible, but are presented in a confusing manner, so as to evade detection.

While such may seem like a trivial distinction, obfuscation is the basic principle underlying ciphers and stenographic codes. Indeed, the method under discussion here is itself one of stenographic coding.

[Doc]

As a more graphic example, this might be considered obscured: Obscure

While this might be a good example of obfuscation: xOgBlFtUrSmCeAbThE

[kgun]

Exellent explanations.

It reminds me what my teacher in statisitics professor LSE Statistics - Ragnar Norberg told us in a course in Bayesian Statistics.

If you confront a person that identifies your methods, randomize your input.

So the password should be buried in random noise. If you write down the string and use the same string a second time, it should be fairly safe.

I think this was the book we used at the course: Amazon.com: Statistical Decision Theory and Bayesian Analysis (Springer Series in Statistics) (9780387960982): James O. Berger: Books

Relevant for understanding search engines.

[deepsand]

So the password should be buried in random noise. If you write down the string and use the same string a second time, it should be fairly safe.

A good and important suggestion.

If, in the presence of the same observer, one repeats a string containing the same information, mixed with different noise, the observer can, given a sufficient number of repetitions, detect the information by way of differentiation.