2010/4/13 Milan Broz <mbroz@xxxxxxxxxx>:
> On 04/13/2010 09:38 PM, Heinz Diehl wrote:
>> On 13.04.2010, Arno Wagner wrote:
>>
>>> If he has a hardware Keylogger on his system, somebody
>>> did physically manipulate his machine and all bets
>>> are off anyways.
>>
>> Of course.
>>
>> So this boils down to the fact that a software keyboard is useless :-)
>> If somebody had physical access to the machine, there will be no
>> way to detect any backdoors, and if somebody had been able to install a
>> software keylogger, this person has already gained root access to the machine
>> and could simply have read the master key from memory or whatever, you
>> name it.
>
> I just remember schoolbook example with "software keyboard" where
> such keyboard was used to enter PIN using mouse.
>
> Instead of sending the key scan code back to hidden logger program,
> it simply send rectangular areas on screen (screenshot) centered to
> mouse clicks...
> So attacker can easily read pin code from these few-bytes small pictures
> of visual keyboard:-)

1) a hardware keylogger costs about $100,-, can be ordered on many
places, and requires no technical expertise whatsoever. A hardware
keylogger is 100X easier than software modifications, or a
hardware-mouse-sniffer (I've never seen them).

2) we have protected ourselves from software modifications already
(boot from USB). So a hardware keylogger is our biggest threat.

3) most virtual keyboards I have seen are randomly positioned on the
screen, so you really need a well-positioned camera to capture the
password (which, again, is much more complex than a hardware
keylogger, requires a lot of technical expertise).

Olivier