Thread: Gregg's Nearly Interminable Adventures in Linux Land
View Single Post
Old 11-07-2017, 12:51 PM   #770
Gregg Bell
Gregg Bell
Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.Gregg Bell ought to be getting tired of karma fortunes by now.
 
Gregg Bell's Avatar
 
Posts: 2,266
Karma: 3917598
Join Date: Jan 2013
Location: Itasca, Illinois
Device: Kindle Touch 7, Sony PRS300, Fire HD8 Tablet
Quote:
Originally Posted by kacir View Post
Yes. That sniffing can be hardware or software.
Software keyboard logger is a small program (virus) on your PC that reads keyboard input and sends it somewhere. So everything you type is sent to a hacker and he can use this to look for passwords. The thing is, there is magnitude higher probability that you might have such a keyboard logger in a Windows installation than Linux installation. Linux has its share of problems with vulnerabilities, most of them are applicable to servers, not desktop computers, such as yours. Even then, keyboard loggers are relatively rare even on Windows.
I would be afraid of a hardware keylogger if I was a teacher using a computer in a lab accesible by students or a high profile criminal / hacker / silk-road operator that is of interest to NSA, FBI, CIA, MOSAD, ... . In the first case it would be a device plugged into a computer between a keyboard and an USB slot, or perhaps installed inside a modified keyboard, in the later case it would be a small bug under the table sensing signals along the cable, or perhaps reading Bluetooth traffic and transmitting data to a nearby unmarked surveillance van.
Yes, safer. But this eliminates only one [of many] vectors of attack. If you are really concerned about entering passwords, just switch to one of many on-screen keyboards for entering passwords. This is what some highly secure systems, or *very* paranoid users do. Secure on-screen keyboards for entering passwords also swap position of keys, so that you can't log mouse movements, and use only Red Green and Blue color to display keys and key labels (so it would be more difficult to sniff signals from a VGA cable leading to your monitor. But I wouldn't worry about such details, unless I were responsible for communications safety for an USA embassy in Moscow ;-)
Thanks a lot, kacir, for the explanation. I'm really just a small fry so I'm sure I don't need NSA level protection. Your explanation gave me a sense of what's reasonable. (I need to accept the fact that there's always going to be some level of risk.)
Gregg Bell is offline   Reply With Quote