{"id":771,"date":"2012-03-21T08:51:17","date_gmt":"2012-03-21T13:51:17","guid":{"rendered":"http:\/\/hammerheadcombatsystems.org\/?p=771"},"modified":"2012-03-21T08:51:17","modified_gmt":"2012-03-21T13:51:17","slug":"at-loggerheads","status":"publish","type":"post","link":"https:\/\/thetacticalhermit.com\/index.php\/2012\/03\/21\/at-loggerheads\/","title":{"rendered":"&#8220;At Loggerheads&#8221;"},"content":{"rendered":"<p style=\"text-align:center;\"><strong>BY HCS Technical Staff<\/strong><\/p>\n<blockquote>\n<p style=\"text-align:center;\"><span style=\"color:#ff0000;\"><strong>Disclaimer: HCS and any affiliated persons are not responsible for anything that may result from the use or misuse of the information below. <\/strong><\/span><\/p>\n<p style=\"text-align:center;\"><span style=\"color:#ff0000;\"><strong>The unauthorized interception of anyone&#8217;s communications without their consent or the appropriate legal authority is a serious crime in most jurisdictions. This information is for academic study and lawful self-protective use only. <\/strong><\/span><\/p>\n<p style=\"text-align:center;\"><span style=\"color:#ff0000;\"><strong>Seriously, don&#8217;t snoop on people. It is just not cool. <\/strong><\/span><\/p>\n<\/blockquote>\n<p>Today we are going to continue our series of &#8220;Civilian ECM&#8221; articles by discussing the threat of key loggers.<\/p>\n<p><!--more--><\/p>\n<p><strong>&#8220;What is a key logger?&#8221;<\/strong><\/p>\n<p>Key loggers are devices or programs designed to record every keystroke that you make onto a computer keyboard to allow for continuous monitoring of computer usage.<\/p>\n<p>They are often known as keystroke recorders or just keyloggers.<\/p>\n<p><strong>&#8220;Why do people use them?&#8221;<\/strong><\/p>\n<p>Key loggers are deployed for a number of reasons. 
The primary goal of a key logger deployment is to capture sensitive information such as a computer user&#8217;s account name and password (usually their e-mail) as well as any activity they perform on a particular computer.<\/p>\n<p>The most common scenarios are:<\/p>\n<ul>\n<li>The &#8220;Jealous Lover&#8221; Scenario<\/li>\n<li>A Private Investigator in a divorce case<\/li>\n<li>Concerned and Watchful Parents<\/li>\n<li>Cybercrime<\/li>\n<li>Police Investigations<\/li>\n<li>Intelligence Operations<\/li>\n<\/ul>\n<p><strong>Software Key loggers and Countermeasures<\/strong><\/p>\n<p>These require the least technical sophistication to deploy (and keep active) effectively.<\/p>\n<p>Software key loggers offer the user a wide variety of data to capture, such as screenshots and programs accessed as well as the keystroke data. Be mindful that anti-virus and anti-malware programs are often not configured to detect commercial key loggers, so you will have to familiarize yourself with the names of the .exe files associated with such programs.<\/p>\n<p>You can also <a title=\"Using a LiveCD Operating System\" href=\"http:\/\/hammerheadcombatsystems.org\/2012\/02\/27\/using-a-live-cd-operating-system\/\">use a LiveCD operating system<\/a> if you believe key logging software has been installed on your computer.<\/p>\n<p>Unfortunately, LiveCDs may not protect against the next threat&#8230;<\/p>\n<p><strong>Hardware Keyloggers<\/strong><\/p>\n<p>Some of these are almost Wile E. 
Coyote silly if you know what to look for.<\/p>\n<figure id=\"attachment_783\" aria-describedby=\"caption-attachment-783\" style=\"width: 150px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/hcsblogdotorg.files.wordpress.com\/2012\/03\/keylogger_ps21.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"size-thumbnail wp-image-783\" title=\"keylogger_ps2\" src=\"http:\/\/hcsblogdotorg.files.wordpress.com\/2012\/03\/keylogger_ps21.jpg?w=150\" alt=\"\" width=\"150\" height=\"131\" \/><\/a><figcaption id=\"caption-attachment-783\" class=\"wp-caption-text\">Obvious Key Logger on a PS\/2 keyboard cable.<\/figcaption><\/figure>\n<p>As a rule of thumb, the easier the hardware logger is to install, the easier it is to detect and disable.<\/p>\n<figure id=\"attachment_781\" aria-describedby=\"caption-attachment-781\" style=\"width: 150px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" loading=\"lazy\" class=\"size-thumbnail wp-image-781 \" title=\"wifi_hardware_keylogger_06\" src=\"http:\/\/hcsblogdotorg.files.wordpress.com\/2012\/03\/wifi_hardware_keylogger_06.jpg?w=150\" alt=\"\" width=\"150\" height=\"114\" \/><figcaption id=\"caption-attachment-781\" class=\"wp-caption-text\">Relatively Obvious WiFi Hardware Key Logger<\/figcaption><\/figure>\n<p>Keep in mind that the very obvious hardware key loggers pictured above, which connect to the USB port or the nearly obsolete PS\/2 cable (the purple- and green-headed cables), could just be a <a title=\"TV Tropes: Red Herring\" href=\"http:\/\/tvtropes.org\/pmwiki\/pmwiki.php\/Main\/RedHerring\" target=\"_blank\" rel=\"noopener\">&#8220;red herring&#8221;<\/a> meant to distract you from something more insidious, like a key logger installed inside of a keyboard, laptop, or desktop machine as pictured below.<\/p>\n<figure id=\"attachment_787\" aria-describedby=\"caption-attachment-787\" style=\"width: 235px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" loading=\"lazy\" class=\"size-full 
wp-image-787\" title=\"module_hardware_keylogger_01\" src=\"http:\/\/hcsblogdotorg.files.wordpress.com\/2012\/03\/module_hardware_keylogger_011.jpg\" alt=\"\" width=\"235\" height=\"114\" \/><figcaption id=\"caption-attachment-787\" class=\"wp-caption-text\">A Very Dangerous and Difficult to Detect Key Logger<\/figcaption><\/figure>\n<p>The key logger pictured above is an example of a key logger installed inside of a keyboard or laptop keyboard controller.<\/p>\n<figure id=\"attachment_807\" aria-describedby=\"caption-attachment-807\" style=\"width: 150px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" loading=\"lazy\" class=\"size-thumbnail wp-image-807\" title=\"images\" src=\"http:\/\/hcsblogdotorg.files.wordpress.com\/2012\/03\/images.jpeg?w=150\" alt=\"\" width=\"150\" height=\"65\" \/><figcaption id=\"caption-attachment-807\" class=\"wp-caption-text\">KeyGrabber Installation Diagram<\/figcaption><\/figure>\n<p>Some of the more advanced models can transmit keystroke data over wireless signals stronger than WiFi so don&#8217;t count on the less sophisticated models that require access to the machine to be deployed.<\/p>\n<p><strong>So What Can I do to protect myself?<\/strong><\/p>\n<p>Take a hint from Kathy Bates&#8217; masterfully frightening performance in the &#8220;ceramic penguin&#8221; scene in the film <em>Misery<\/em>.<\/p>\n<p style=\"text-align:center;\">[youtube=http:\/\/www.youtube.com\/watch?v=E55ni_xc4ww]<\/p>\n<p>If something seems out of place, it is out of place!<\/p>\n<p><strong>Countermeasures to Hardware Key Loggers<\/strong><\/p>\n<ul>\n<li>Check your keyboard cables and where they connect into the computer!<\/li>\n<li>Check for anything attached to the video monitor cables<\/li>\n<\/ul>\n<ul>\n<li>Check on and around your keyboard for:\n<ul>\n<li>Any tool marks<\/li>\n<li>Glue residue<\/li>\n<li>Small red, yellow, or gray bits of plastic<\/li>\n<li>Loose screws<\/li>\n<li>Stripped screws<\/li>\n<li>Rattling noises inside the 
keyboard<\/li>\n<li>Unexplained dust that looks like plastic shavings<\/li>\n<li>Broken hard pieces of plastic<\/li>\n<li>The halves of the keyboard seem to fit incorrectly<\/li>\n<\/ul>\n<\/li>\n<li>Get a ceramic penguin.<\/li>\n<li>Use a rubber or &#8220;floppy&#8221; keyboard.\n<ul>\n<li>Since these are seamless, they are much harder to &#8220;tap&#8221;.<\/li>\n<li>These are also more resistant to acoustic microphones meant to record the unique sounds that each keyboard key makes.<\/li>\n<\/ul>\n<\/li>\n<li>Set up video monitoring of your computer desk.<\/li>\n<li>Tape offbeat colored tape around the &#8220;seams&#8221; of the keyboard and over the screw holes of the keyboard.\n<ul style=\"text-align:left;\">\n<li>Use multiple colors and different-sized strands and put them in a pattern that you will remember but an outside observer may not make sense of.<\/li>\n<\/ul>\n<\/li>\n<li>Turn off any wireless devices in your area and then use a portable WiFi signal detector around your computer to see if there are any signals coming out.<\/li>\n<\/ul>\n<p>This article is by no means meant to be exhaustive and, as always, I encourage the reader to do their own research and draw their own conclusions.<\/p>\n<p><strong>References<\/strong><\/p>\n<address><a href=\"http:\/\/www.uspystore.com\/white-noise-generators.html\">http:\/\/www.uspystore.com\/white-noise-generators.html <\/a><\/address>\n<address><a href=\"http:\/\/www.keycobra.com\/usb-keylogger.html\">http:\/\/www.keycobra.com\/usb-keylogger.html<\/a><\/address>\n<address><a href=\"http:\/\/www.refog.com\/hardware-keylogger.html\">http:\/\/www.refog.com\/hardware-keylogger.html<\/a><\/address>\n<address><a href=\"http:\/\/www.wirelesskeylogger.com\/\">http:\/\/www.wirelesskeylogger.com\/<\/a><\/address>\n<address><a href=\"http:\/\/www.keydemon.com\/\">http:\/\/www.keydemon.com\/<\/a><\/address>\n","protected":false},"excerpt":{"rendered":"<p>BY HCS Technical Staff Disclaimer: HCS and any affiliated persons are not 
responsible for anything that may result from the use or misuse of the information below. The unauthorized interception of anyone&#8217;s communications without their consent or the appropriate legal authority is a serious crime in most jurisdictions. This information is for academic study and&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[65],"tags":[51,52,178,179,180,181,182,55,183,60,184,185,63,67],"jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts\/771"}],"collection":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/comments?post=771"}],"version-history":[{"count":0,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/posts\/771\/revisions"}],"wp:attachment":[{"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/media?parent=771"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/categories?post=771"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thetacticalhermit.com\/index.php\/wp-json\/wp\/v2\/tags?post=771"}],"
curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}