RE: [Full-disclosure] Most common keystroke loggers?

["Jan Nielsen" <jan@xxxxxxxxxxxx>]

-----Original Message-----
From: boyakash@xxxxxxxxxxxxxxxxxxx [mailto:boyakash@xxxxxxxxxxxxxxxxxxx]
On Behalf Of Nick FitzGerald
Sent: 3. december 2005 00:22
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: RE: [Full-disclosure] Most common keystroke loggers?

Jan Nielsen to me to Jan:

> >Obviously, then, your book does not include the phrase "Halting 
> >Problem"...
> 
> Sorry, I don't follow you there, you mean that the scan would halt the
> system ? fair enough, I don't think any method of scanning a target is
> fool-proof, no matter how its done.

>Ahh, no...

>   http://en.wikipedia.org/wiki/Halting_problem


Good to know, i did not know that this dilemma had a name :-)


>It would be _nice_ to do that, but it is an equally fraught problem.  
>After all, even if you could entirely reliably programmatically 
>determine that the users's system was compromised, you cannot trust any

>response from the system, or that any message you try to send to them 
>to alert them to this will not be intercepted by some warez put on the 
>system as a result of the compromise...

Good point, I guess I am glad I am not trying to design this system.

> ... a
> textmessage/SMS might be wiser.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/