Key-Logging Attack

See also: Security | Exploit | Cryptography/Attacks | TEMPEST

Like tapping your phone but on your computer, a type of attack upon computer security where malicious code is used to eavesdrop at the point of entry. This is more effective than waiting until after something has been encrypted. Key-loggers capture user-input such as typed-in passwords, e-mail messages, or otherwise. Keyboards also create relatively a lot of radiation which makes the possibility of a Tempest attack possible.

Key-Logging may also be used on one’s own computer as forensic evidence or to watch others’ activities on your system.

Other Internet Monitoring tools (Tucows)

Defence

Prevent software key-loggers (by far the most common):

Will prevent all key-logging attacks:

  • Practice security through obscurity. No one wants to monitor key logs of a person who’s work isn’t valuable.
  • When using PGP, keep your private key elsewhere or on disk or to install anti-key-logging software.
  • For the very paranoid, use a laptop and travel often, keeping your laptop in your posession at all times and connecting to the Internet from different locations.
  • Use TinFoil Hat Linux

Related

TakeDown.NET -> “Key-Logging-Attack