[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ideal secure personal computer system



>Bill Frantz ([email protected]) said something about RE: ideal secure personal computer system on or about 11/17/96 5:37 PM

>(Note that even if it only runs with a user's privileges, a Trojan horse
>will have no problem stealing e.g. that user's PGP secret key ring.  Not
>everything of value is in system files.  

True enough.

>Question, can a user-level Trojan
>horse insert itself as a keyboard monitor and get the PGP pass phrase as
>well?)

In the September 95 issue of NT Developer Richard Wright describes an NT Key Log Service (started as a challenge after his wife threatened to password protect the familiy accounting software <g>). Source code for such a trojan is provided.

Note that the Login screen is *never* hooked.

There must be a way to walk the chain of system hooks. I'll let you know when I find it as that would be the key to writing a detector.


--j
-----------------------------------
| John Fricker ([email protected])
| -random notes-
| My PGP public key is available by sending mail with subject "send pgp key".
| www.Program.com is a good programmer web site.
-----------------------------------