misspelledsearch.com:

keystroke logging

information page

If you cannot find the information you are searching for on this page, we suggest searching Google with the correct spelling "keystroke logging":

Keystroke logging (often called keylogging) is a diagnostic used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the internet and can be used by anyone for the same purposes.

Keystroke logging can be achieved by both hardware and software means. Commercially available systems include devices which are attached to the keyboard cable (and thus are instantly installable, but visible if the user makes a thorough inspection) and also devices which can be installed in keyboards (and are thus invisible, but require some basic knowledge of soldering to install). Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus or worm. It is also said that using an onscreen keyboard is a way to combat these, as it only requires clicks of the mouse. That is, however, false information, because a keyboard event message must be sent to the external target program to type text. Every software keylogger can log the text typed with an onscreen keyboard.

What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A Trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

Young and Yung devised several methods for solving this problem and presented them in their 1997 IEEE Security & Privacy paper [YY97] (their paper from '96 touches on it as well). They presented a deniable password snatching attack in which the keystroke logging Trojan is installed using a virus (or worm). An attacker that is caught with the virus or worm can claim to be a victim. The cryptotrojan asymmetrically encrypts the pilfered login/password pairs using the public key of the Trojan author and covertly broadcasts the resulting ciphertext. They mentioned that the ciphertext can be steganographically encoded and posted to a public bulletin board (e.g., Usenet). They also mentioned having the cryptotrojan unconditionally write the asymmetric ciphertexts to the last few unused sectors of every writable disk that is inserted into the machine. The sectors remain marked as "unused". Nowadays this can done using a USB token. So, the Trojan author may be one of dozens or even thousands of people that are given the stolen information. Only the Trojan author can decrypt the ciphertext because only the author knows the needed private decryption key. This attack is from the field known as Cryptovirology.

The FBI is known to possess a trojan-horse-delivered keylogger program known as Magic Lantern. It has used a keystroke logger (perhaps this one) to obtain the PGP pass phrase of a suspect in Philadelphia. He was convicted.

References

[YY97] A. Young, M. Yung, "Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage," IEEE Symposium on Security & Privacy, pages 224-235, May 4-7, 1997.

External links

• Keylogging Hardware and software keylogging methods.
• BBC article about Keycatcher, a hardware keylogger

This keystroke logging index site has been developed to help wayward users find the information they are looking for, no matter how they are mistakenly spelled or mistyped. This site is designed to help users find keystroke logging information for the following query variants:

keystroke	keystroke loggig	keystroke loggeing	keystroke logeing
keystroke roggeing	keystroke rogeing	keystroke loggeint	keystroke logeint
keystroke roggeint	keystroke lgging	keystroke loggng	keystroke loging
keystroke loggint	keystroke logint	keystroke rogging	keystroke roging
keystroke roggint	keystroke rogint	keystroke loggeign	keystroke logeign
keystroke roggeign	keystroke rogeign	keystroke loggiegn	keystroke logiegn
keystroke loggin	keystroke roggiegn	keystroke login	keystroke rogiegn
keystroke roggin	keystroke rogin	keystroke ioging	keystroke iogimg
keystroke loglng	keystroke loggign	keystroke loggnig	keystroke logigng
keystroke lgoging	keystroke olgging	logging	kistlalke logging
kaizetroke logging	keystralke logging	keystloke logging	kaizetralke logging
kystroke logging	kaizetloke logging	kestroke logging	keystlalke logging
keytroke logging	kaizetlalke logging	keysroke logging	kistroke logging
keystoke logging	kistralke logging	keystrke logging	kistloke logging
keystroe logging	keystroek logging	keystrkoe logging	keystorke logging
keysrtoke logging	keytsroke logging	kesytroke logging	kyestroke logging
ekystroke logging	keystrok logging	eystroke logging

If you would like to add or correct the content of this site, or if you are interested in supporting the efforts of misspelledsearch.com by placing your product information on these keystroke logging pages, please contact mistype@gmail.com for details.