On Sat, 20 Mar 2004 15:33:30 PST, Jim Richardson <warlock@xxxxxxxxxx> said: > >No need, the worm would steal the passphrase while it was running on > >your host. > I would be interested to see how it would accomplish that. Google on some combination of "FBI", "Magic Lantern", and "Scarfo". Most of the detailed stuff on the Scarfo case is available here: http://www.epic.org/crypto/scarfo.html Particularly interesting was one PDF of how the FBI crafted the Scarfi keystroke logger to make sure it only grabbed signatures and not keystrokes they weren't authorized to grab: http://www.epic.org/crypto/scarfo/murch_aff.pdf Of course, the FBI was trying very hard to Do The Right Thing in this case. Malware won't be as nice about it.
Attachment:
pgp00094.pgp
Description: PGP signature