Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #21203

Re: creating a secret-carrying box

From Roedy Green <see_website@mindprod.com.invalid>
Newsgroups comp.lang.java.programmer
Subject Re: creating a secret-carrying box
Date 2013-01-08 00:44 -0800
Organization Canadian Mind Products
Message-ID <1fmne8tif6314ka6nivc29gpmle47vbb0o@4ax.com> (permalink)
References <6oume8lgqc1mg3qh0sellmhiss4n73qmti@4ax.com> <kcg6c4$hh6$1@news.mixmin.net>

Show all headers | View raw

On Mon, 7 Jan 2013 23:12:47 -0500, Twirlip of the Mists
<twirlip@killfile.me.now.invalid> wrote, quoted or indirectly quoted
someone who said :

>can also do things like keylogging
>while you type in the password.
 
The Kanguru people came up with a clever dodge.  You can key the
password with your mouse. But the virtual keyboard mutates, so even if
a snoop logs mouse click positions it gives him nothing. He would have
to trap screen contents as well.  When you start thinking about a
properly fiendish opponent, it all becomes hopeless.

The most common snoop is a keyboard logger hidden inside the keyboard
where no software security check can find it.

It gets rather amusing. What I have inside my flash drive are files
full of true random numbers, for one-time pad encryption. So it is
sort of nuts to protect them with a lower quality encryption.

Every type of attack you can fend off makes it more costly for some
third party to snoop. 

If you getting serious, you might install Linux from purchased CD and
never attach the machine that does any encrypting/decrypting to the
Internet or to a LAN. It would be like the machines the certificate
companies use to guard their master private certificate keys.
-- 
Roedy Green Canadian Mind Products http://mindprod.com
Students who hire or con others to do their homework are as foolish 
as couch potatoes who hire others to go to the gym for them.

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Find similar | Unroll thread

Thread

creating a secret-carrying box Roedy Green <see_website@mindprod.com.invalid> - 2013-01-07 18:00 -0800
  Re: creating a secret-carrying box Arne Vajhøj <arne@vajhoej.dk> - 2013-01-07 21:27 -0500
  Re: creating a secret-carrying box Twirlip of the Mists <twirlip@killfile.me.now.invalid> - 2013-01-07 23:12 -0500
    Re: creating a secret-carrying box Roedy Green <see_website@mindprod.com.invalid> - 2013-01-08 00:44 -0800

csiph-web