I'm concerned that someone might install (or might already have
installed!) keystroke logging software or hardware on my powerbook.

I think it is probably not physically possible to install a hardware
device inside a Powerbook but would welcome comment.

A software installation might be much easier. How might I set about
discovering such an installation and disabling it?

In article <110520071931124087%Sam@man.com>, Sam the Man <Sam@man.com>
wrote:

> I'm concerned that someone might install (or might already have
> installed!) keystroke logging software or hardware on my powerbook.
>
> I think it is probably not physically possible to install a hardware
> device inside a Powerbook but would welcome comment.
>
> A software installation might be much easier. How might I set about
> discovering such an installation and disabling it?

I guess you could look for running processes in Activity Monitor that
aren't present on a clean system. You could also look for unusual
network activity or attempts to get through your firewall, because
unless the perpetrators have physical access to your system they would
presumably need some means of getting at the results remotely.

--
Odysseus

In article <110520071931124087%Sam@man.com>, Sam the Man <Sam@man.com>
wrote:

> I'm concerned that someone might install (or might already have
> installed!) keystroke logging software or hardware on my powerbook.
>
> I think it is probably not physically possible to install a hardware
> device inside a Powerbook but would welcome comment.
>
> A software installation might be much easier. How might I set about
> discovering such an installation and disabling it?

If this really concerns you, back up your data, then reformat the boot
drive, reinstall the OS from the original disc and all your apps from
their original media, then apply updates to the software and OS, and
password protect your Mac and try not to allow anyone else to touch it.

In article <srhi-16254F.01244212052007@newsgroups.comcast.net>, Shawn
Hirn <srhi@comcast.net> wrote:

> In article <110520071931124087%Sam@man.com>, Sam the Man <Sam@man.com>
> wrote:
>
> > I'm concerned that someone might install (or might already have
> > installed!) keystroke logging software or hardware on my powerbook.
> >
> > I think it is probably not physically possible to install a hardware
> > device inside a Powerbook but would welcome comment.
> >
> > A software installation might be much easier. How might I set about
> > discovering such an installation and disabling it?
>
> If this really concerns you, back up your data, then reformat the boot
> drive, reinstall the OS from the original disc and all your apps from
> their original media, then apply updates to the software and OS, and
> password protect your Mac and try not to allow anyone else to touch it.

Thanks to you and Odysseus.

On Sat, 12 May 2007 03:22:50 -0500, Sam the Man wrote
(in article <120520071222505770%Sam@man.com>):

> In article <srhi-16254F.01244212052007@newsgroups.comcast.net>, Shawn
> Hirn <srhi@comcast.net> wrote:
>
>> In article <110520071931124087%Sam@man.com>, Sam the Man <Sam@man.com>
>> wrote:
>>
>>> I'm concerned that someone might install (or might already have
>>> installed!) keystroke logging software or hardware on my powerbook.
>>>
>>> I think it is probably not physically possible to install a hardware
>>> device inside a Powerbook but would welcome comment.
>>>
>>> A software installation might be much easier. How might I set about
>>> discovering such an installation and disabling it?
>>
>> If this really concerns you, back up your data, then reformat the boot
>> drive, reinstall the OS from the original disc and all your apps from
>> their original media, then apply updates to the software and OS, and
>> password protect your Mac and try not to allow anyone else to touch it.
>
> Thanks to you and Odysseus.

I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets you
block certain data from being sent out. Virus barrier also checks for
windows virus's. Useful if you forward emails from Windows users. I have
found a couple of virus's in friends e-mails that way.

Although it is interesting that they don't mention Keyloggers in any way.

Hud

http://www.intego.com/netbarrier/
http://www.intego.com/virusbarrier/

In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
<guessagain@noway.com> wrote:


>
> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets you
> block certain data from being sent out. Virus barrier also checks for
> windows virus's. Useful if you forward emails from Windows users. I have
> found a couple of virus's in friends e-mails that way.
>
> Although it is interesting that they don't mention Keyloggers in any way.
>
> Hud


Thanks, Hud. My concern, however, was in a different category.

Sam the Man wrote:
> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
> <guessagain@noway.com> wrote:
>
>
>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets you
>> block certain data from being sent out. Virus barrier also checks for
>> windows virus's. Useful if you forward emails from Windows users. I have
>> found a couple of virus's in friends e-mails that way.
>>
>> Although it is interesting that they don't mention Keyloggers in any way.
>>
>> Hud
>
>
> Thanks, Hud. My concern, however, was in a different category.
You leave me a bit confused. The initial request was :

> I'm concerned that someone might install (or might already have
> installed!) keystroke logging software or hardware on my powerbook.
>

and this above answer addresses your concerns precisely.

Now, you change the topic!

I learned something, so it is all good, for me. Others might lack.

You, however, didn't mention any specific "different category", and that
mention would open up new channels of discovery for some of us who don't
know what you might be suggesting in the term "category".

Could you please be specific about the category you have in mind that is
'different'?

Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
your content as it streamed wifi? Then, I could capture all output from
your Mac. So, after all the other work, you then need to fully encrypt
all content before it goes wifi, plus encrypt that broadcast WEP, I
would think. Of course, the double encryption would be because wifi WEP
is so weak, unless the key is changed every hour.

> WEP is vulnerable because of relatively short IVs and keys that remain static.
> The issues with WEP don't really have much to do with the RC4 encryption algorithm.
> With only 24 bits, WEP eventually uses the same IV for different data packets.
> For a large busy network, this reoccurrence of IVs can happen within an hour or so.
> This results in the transmission of frames having keystreams that are too similar.
> If a hacker collects enough frames based on the same IV, the individual can determine
> the shared values among them, i.e., the keystream or the shared secret key. This of
> course leads to the hacker decrypting any of the 802.11 frames.
> http://www.wi-fiplanet.com/tutorials...le.php/1368661

But, what do I know, I was only a certified Cryptographic maintenance
technician for 20+ YEARS for Uncle Sam.

Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
net. So, this is of more than passing interest, to me.

On Wed, 5 Sep 2007 05:40:47 -0500, Guy wrote
(in article <46de87c5$0$16521$4c368faf@roadrunner.com>):

> Sam the Man wrote:
>> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
>> <guessagain@noway.com> wrote:
>>
>>
>>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets
>>> you
>>> block certain data from being sent out. Virus barrier also checks for
>>> windows virus's. Useful if you forward emails from Windows users. I have
>>> found a couple of virus's in friends e-mails that way.
>>>
>>> Although it is interesting that they don't mention Keyloggers in any way.
>>>
>>> Hud
>>
>>
>> Thanks, Hud. My concern, however, was in a different category.
> You leave me a bit confused. The initial request was :
>
>> I'm concerned that someone might install (or might already have
>> installed!) keystroke logging software or hardware on my powerbook.
>>
>
> and this above answer addresses your concerns precisely.
>
> Now, you change the topic!
>
> I learned something, so it is all good, for me. Others might lack.
>
> You, however, didn't mention any specific "different category", and that
> mention would open up new channels of discovery for some of us who don't
> know what you might be suggesting in the term "category".
>
> Could you please be specific about the category you have in mind that is
> 'different'?
>
> Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
> your content as it streamed wifi? Then, I could capture all output from
> your Mac. So, after all the other work, you then need to fully encrypt
> all content before it goes wifi, plus encrypt that broadcast WEP, I
> would think. Of course, the double encryption would be because wifi WEP
> is so weak, unless the key is changed every hour.
>
>> WEP is vulnerable because of relatively short IVs and keys that remain
>> static.
>> The issues with WEP don't really have much to do with the RC4 encryption
>> algorithm.
>> With only 24 bits, WEP eventually uses the same IV for different data
>> packets.
>> For a large busy network, this reoccurrence of IVs can happen within an
>> hour or so.
>> This results in the transmission of frames having keystreams that are too
>> similar.
>> If a hacker collects enough frames based on the same IV, the individual can
>> determine
>> the shared values among them, i.e., the keystream or the shared secret key.
>> This of
>> course leads to the hacker decrypting any of the 802.11 frames.
>> http://www.wi-fiplanet.com/tutorials...le.php/1368661
>
> But, what do I know, I was only a certified Cryptographic maintenance
> technician for 20+ YEARS for Uncle Sam.
>
> Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
> net. So, this is of more than passing interest, to me.

Just a link for a related issue.

http://www.theregister.co.uk/2007/09...web_vulnerabit
y/

And people wonder why I don't do online banking.
Hud

On Wed, 5 Sep 2007 05:40:47 -0500, Guy wrote
(in article <46de87c5$0$16521$4c368faf@roadrunner.com>):

> Sam the Man wrote:
>> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
>> <guessagain@noway.com> wrote:
>>
>>
>>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets
>>> you
>>> block certain data from being sent out. Virus barrier also checks for
>>> windows virus's. Useful if you forward emails from Windows users. I have
>>> found a couple of virus's in friends e-mails that way.
>>>
>>> Although it is interesting that they don't mention Keyloggers in any way.
>>>
>>> Hud
>>
>>
>> Thanks, Hud. My concern, however, was in a different category.
> You leave me a bit confused. The initial request was :
>
>> I'm concerned that someone might install (or might already have
>> installed!) keystroke logging software or hardware on my powerbook.
>>
>
> and this above answer addresses your concerns precisely.
>
> Now, you change the topic!
>
> I learned something, so it is all good, for me. Others might lack.
>
> You, however, didn't mention any specific "different category", and that
> mention would open up new channels of discovery for some of us who don't
> know what you might be suggesting in the term "category".
>
> Could you please be specific about the category you have in mind that is
> 'different'?
>
> Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
> your content as it streamed wifi? Then, I could capture all output from
> your Mac. So, after all the other work, you then need to fully encrypt
> all content before it goes wifi, plus encrypt that broadcast WEP, I
> would think. Of course, the double encryption would be because wifi WEP
> is so weak, unless the key is changed every hour.
>
>> WEP is vulnerable because of relatively short IVs and keys that remain
>> static.
>> The issues with WEP don't really have much to do with the RC4 encryption
>> algorithm.
>> With only 24 bits, WEP eventually uses the same IV for different data
>> packets.
>> For a large busy network, this reoccurrence of IVs can happen within an
>> hour or so.
>> This results in the transmission of frames having keystreams that are too
>> similar.
>> If a hacker collects enough frames based on the same IV, the individual can
>> determine
>> the shared values among them, i.e., the keystream or the shared secret key.
>> This of
>> course leads to the hacker decrypting any of the 802.11 frames.
>> http://www.wi-fiplanet.com/tutorials...le.php/1368661
>
> But, what do I know, I was only a certified Cryptographic maintenance
> technician for 20+ YEARS for Uncle Sam.
>
> Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
> net. So, this is of more than passing interest, to me.

Just a link for a related issue.

http://www.theregister.co.uk/2007/09...web_vulnerabit
y/

And people wonder why I don't do online banking.
Hud

On Wed, 5 Sep 2007 05:40:47 -0500, Guy wrote
(in article <46de87c5$0$16521$4c368faf@roadrunner.com>):

> Sam the Man wrote:
>> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
>> <guessagain@noway.com> wrote:
>>
>>
>>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets
>>> you
>>> block certain data from being sent out. Virus barrier also checks for
>>> windows virus's. Useful if you forward emails from Windows users. I have
>>> found a couple of virus's in friends e-mails that way.
>>>
>>> Although it is interesting that they don't mention Keyloggers in any way.
>>>
>>> Hud
>>
>>
>> Thanks, Hud. My concern, however, was in a different category.
> You leave me a bit confused. The initial request was :
>
>> I'm concerned that someone might install (or might already have
>> installed!) keystroke logging software or hardware on my powerbook.
>>
>
> and this above answer addresses your concerns precisely.
>
> Now, you change the topic!
>
> I learned something, so it is all good, for me. Others might lack.
>
> You, however, didn't mention any specific "different category", and that
> mention would open up new channels of discovery for some of us who don't
> know what you might be suggesting in the term "category".
>
> Could you please be specific about the category you have in mind that is
> 'different'?
>
> Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
> your content as it streamed wifi? Then, I could capture all output from
> your Mac. So, after all the other work, you then need to fully encrypt
> all content before it goes wifi, plus encrypt that broadcast WEP, I
> would think. Of course, the double encryption would be because wifi WEP
> is so weak, unless the key is changed every hour.
>
>> WEP is vulnerable because of relatively short IVs and keys that remain
>> static.
>> The issues with WEP don't really have much to do with the RC4 encryption
>> algorithm.
>> With only 24 bits, WEP eventually uses the same IV for different data
>> packets.
>> For a large busy network, this reoccurrence of IVs can happen within an
>> hour or so.
>> This results in the transmission of frames having keystreams that are too
>> similar.
>> If a hacker collects enough frames based on the same IV, the individual can
>> determine
>> the shared values among them, i.e., the keystream or the shared secret key.
>> This of
>> course leads to the hacker decrypting any of the 802.11 frames.
>> http://www.wi-fiplanet.com/tutorials...le.php/1368661
>
> But, what do I know, I was only a certified Cryptographic maintenance
> technician for 20+ YEARS for Uncle Sam.
>
> Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
> net. So, this is of more than passing interest, to me.

Just a link for a related issue.

http://www.theregister.co.uk/2007/09...web_vulnerabit
y/

And people wonder why I don't do online banking.
Hud

On Wed, 5 Sep 2007 05:40:47 -0500, Guy wrote
(in article <46de87c5$0$16521$4c368faf@roadrunner.com>):

> Sam the Man wrote:
>> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
>> <guessagain@noway.com> wrote:
>>
>>
>>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets
>>> you
>>> block certain data from being sent out. Virus barrier also checks for
>>> windows virus's. Useful if you forward emails from Windows users. I have
>>> found a couple of virus's in friends e-mails that way.
>>>
>>> Although it is interesting that they don't mention Keyloggers in any way.
>>>
>>> Hud
>>
>>
>> Thanks, Hud. My concern, however, was in a different category.
> You leave me a bit confused. The initial request was :
>
>> I'm concerned that someone might install (or might already have
>> installed!) keystroke logging software or hardware on my powerbook.
>>
>
> and this above answer addresses your concerns precisely.
>
> Now, you change the topic!
>
> I learned something, so it is all good, for me. Others might lack.
>
> You, however, didn't mention any specific "different category", and that
> mention would open up new channels of discovery for some of us who don't
> know what you might be suggesting in the term "category".
>
> Could you please be specific about the category you have in mind that is
> 'different'?
>
> Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
> your content as it streamed wifi? Then, I could capture all output from
> your Mac. So, after all the other work, you then need to fully encrypt
> all content before it goes wifi, plus encrypt that broadcast WEP, I
> would think. Of course, the double encryption would be because wifi WEP
> is so weak, unless the key is changed every hour.
>
>> WEP is vulnerable because of relatively short IVs and keys that remain
>> static.
>> The issues with WEP don't really have much to do with the RC4 encryption
>> algorithm.
>> With only 24 bits, WEP eventually uses the same IV for different data
>> packets.
>> For a large busy network, this reoccurrence of IVs can happen within an
>> hour or so.
>> This results in the transmission of frames having keystreams that are too
>> similar.
>> If a hacker collects enough frames based on the same IV, the individual can
>> determine
>> the shared values among them, i.e., the keystream or the shared secret key.
>> This of
>> course leads to the hacker decrypting any of the 802.11 frames.
>> http://www.wi-fiplanet.com/tutorials...le.php/1368661
>
> But, what do I know, I was only a certified Cryptographic maintenance
> technician for 20+ YEARS for Uncle Sam.
>
> Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
> net. So, this is of more than passing interest, to me.

Just a link for a related issue.

http://www.theregister.co.uk/2007/09...web_vulnerabit
y/

And people wonder why I don't do online banking.
Hud

On Wed, 5 Sep 2007 05:40:47 -0500, Guy wrote
(in article <46de87c5$0$16521$4c368faf@roadrunner.com>):

> Sam the Man wrote:
>> In article <aqydnT7OeLHx5c_bnZ2dnUVZ_jadnZ2d@texas.net>, the shadow
>> <guessagain@noway.com> wrote:
>>
>>
>>> I would suggest picking up Netbarrier and Virusbarrier. Netbarrier lets
>>> you
>>> block certain data from being sent out. Virus barrier also checks for
>>> windows virus's. Useful if you forward emails from Windows users. I have
>>> found a couple of virus's in friends e-mails that way.
>>>
>>> Although it is interesting that they don't mention Keyloggers in any way.
>>>
>>> Hud
>>
>>
>> Thanks, Hud. My concern, however, was in a different category.
> You leave me a bit confused. The initial request was :
>
>> I'm concerned that someone might install (or might already have
>> installed!) keystroke logging software or hardware on my powerbook.
>>
>
> and this above answer addresses your concerns precisely.
>
> Now, you change the topic!
>
> I learned something, so it is all good, for me. Others might lack.
>
> You, however, didn't mention any specific "different category", and that
> mention would open up new channels of discovery for some of us who don't
> know what you might be suggesting in the term "category".
>
> Could you please be specific about the category you have in mind that is
> 'different'?
>
> Anyway, if I were desiring to find out your keystrokes, wouldn't I sniff
> your content as it streamed wifi? Then, I could capture all output from
> your Mac. So, after all the other work, you then need to fully encrypt
> all content before it goes wifi, plus encrypt that broadcast WEP, I
> would think. Of course, the double encryption would be because wifi WEP
> is so weak, unless the key is changed every hour.
>
>> WEP is vulnerable because of relatively short IVs and keys that remain
>> static.
>> The issues with WEP don't really have much to do with the RC4 encryption
>> algorithm.
>> With only 24 bits, WEP eventually uses the same IV for different data
>> packets.
>> For a large busy network, this reoccurrence of IVs can happen within an
>> hour or so.
>> This results in the transmission of frames having keystreams that are too
>> similar.
>> If a hacker collects enough frames based on the same IV, the individual can
>> determine
>> the shared values among them, i.e., the keystream or the shared secret key.
>> This of
>> course leads to the hacker decrypting any of the 802.11 frames.
>> http://www.wi-fiplanet.com/tutorials...le.php/1368661
>
> But, what do I know, I was only a certified Cryptographic maintenance
> technician for 20+ YEARS for Uncle Sam.
>
> Running 3 Mac systems, and three PC 'Nix systems, one of each on a wifi
> net. So, this is of more than passing interest, to me.

Just a link for a related issue.

http://www.theregister.co.uk/2007/09...web_vulnerabit
y/

And people wonder why I don't do online banking.
Hud