On Sun, Jul 02, 2006 at 02:56:03PM -0400, Nick Guenther wrote:
> On 7/2/06, Chris Kuethe <[EMAIL PROTECTED]> wrote:
> >Bear in mind that if you're serious about keeping plaintext away from
> >people who you don't want to see it, this could get quite tricky.
> >
> >
> >And that's not even taking into account that the thief might just put
> >trojan horses all over your laptop before letting you have it back.
> >Think of how often you hear of windows machines being turned into
> >spambots with keyloggers. Just because it seems to be mostly windows
> >machines doesn't mean it can't happen. *NIX makes it easy for even a
> >moderately competent programmer to write a trivial keylogger.
>
> This is a good thread!
>
> I have some questions though:
> How can you make a keylogger on UNIX? I thought that UNIX segmented
> it's memory spaces, unlike Windows which has the problem of a "global
> key trampoline" (I'm sorry, I read this somewhere once and do not
> remember exactly what it was called). I suppose if you replaced the
> kernel than you could do this but I don't think that's what was meant.
UNIX offers some very nice things, including ptys, ttys, and pipes. ptys
were made for the explicit purpose of allowing programs to send and
receive stuff to a tty-like interface, but with a program on the other
end (instead of a terminal).
You are right that reading keystrokes out of kernel memory is not
trivial, and impossible without superuser priviliges, but if you already
are the user whose keystrokes you want to snoop, it's not very
difficult.
> How do you choose between svnd and vnd devices? I'm guessing the type
> of the device is determined by whether you do `vnconfig svnd...` or
> `vnconfig vnd` but the manpage doesn't explicitly say this.
That's correct, you will want to name a complete device, though - so
vnconfig svnd0 (...).
Joachim
