Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:50
Bill Frantz (frantz@netcom.com)
Mon, 29 Mar 1999 08:33:21 -0700
At 7:30 AM -0700 3/29/99, Mike Rosing wrote:
>On Sun, 28 Mar 1999, Bill Frantz wrote:
>
>> I was wondering how easy it would be to have code which accepts a password
>> or passphrase grab the keyboard interrupts and place itself between the
>> hardware and any possible keyboard sniffer. Passing a "duress" password on
>> to the sniffer could help identify compromised machines.
>
>If the sniffer is an RF transmitter it won't work at all. If the sniffer
>is just software, it should be straight forward to detect. I would think
>that once an attacker learns that there is more software to deal with,
>they will find a way around it.
>
>If the sniffer is a CCD camera mounted in a hole in the ceiling, you have
>real problems :-)
My current threat model does not include people with physical access to the
hardware or its immediate environment. I am mostly worried about Trojan
horse programs like Netbus and Back Orifice.
If we can build systems that require physical access, we greatly increase
the risk of mounting an attack. Photos of the MIB coming in and planting
bugs taken by my CCD camera would be quite popular in some circles.
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
frantz@netcom.com | the century would end. | Los Gatos, CA 95032, USA
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:50