[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling)



-----BEGIN PGP SIGNED MESSAGE-----

(sorry, no discussion of FV or pleasant coffee aromas in this message)

Tim Philp writes:
> I have been wondering about the possibility of using a JAVA applet to do 
> keyboard sniffing. As I am not familiar with this language, does anyone 
> know if this would be possible?

If you are running a broken or Trojan interpreter or class loader, then 
you're probably sunk regardless, because it can execute whatever deleterious 
code it wishes. 
(I say "probably" because I suppose you might have some separate watchdog 
program monitoring the actions of the interpreter. But ultimately that's just
part of an infinite regress: the watchdog could also be compromised, etc. ad
infinitum.)

The I/O class libraries don't offer calls anywhere near as deep as the
hardware keyboard interrupts. About all you can do is read a byte or a line
of input, as in any common programming language, but that's different than
surreptitiously reading bits when they are read as input by some other 
program. I don't see how you could build a keyboard sniffer in Java unless 
you could somehow trick the interpreter into feeding an input stream to an
additional process. 

Much more likely, IMHO, than a Java sniffer is a Java Trojan horse that pops 
up an innocuous dialog box and asks you to enter some sensitive piece of
information, then sends it off somewhere. About all it takes to write that is
a modicum of skill in user interface design. You could write it in any 
programming language, but in Java it may be particularly effective, since 
people may come to expect to be prompted for sensitive info over the net by 
Java apps. Maybe the Java folks who just left Sun decided to seize the
opportunity ;>

Futplex <[email protected]>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMQ2afinaAKQPVHDZAQFfkAf/SKDoP6D8BvbBPBScMTS5t51k6n4uI9KJ
AcmIFxheQzpWcJd0qh1Vo2OClHmgWWUbekWsNcC9vfWPMqcQTju+DFc+/ncbg7PQ
F4dTgRm2pIVs70lsTd8hFaAauAagqmuEzyhYXv3XGT/gdMuSOJ/z84cp/yK0VpdQ
N0UpsONTjarx9DIvun14x8UU77SqXgvOz0F/n309TiLkVYSNBsUzk7ub6hdk4Q1a
ay/8rP6m7ZqpFTWXKGmPjUne7gfX0VmJPcePB5d9hr585e/0oCgCWHg40kfUJnOs
MRrj7ot86yGEVEdR3ykmEo5XoFD1WxuvXpdDq5EwR3QvtNyTfMh/Ew==
=1j5R
-----END PGP SIGNATURE-----