Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: pgp passphrase
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Mar 2004 13:19:55 -0500

On Sat, 20 Mar 2004 15:33:30 PST, Jim Richardson <warlock () eskimo com>  said:

No need, the worm would steal the passphrase while it was running on
your host.

I would be interested to see how it would accomplish that.

Google on some combination of "FBI", "Magic Lantern", and "Scarfo".

Most of the detailed stuff on the Scarfo case is available here:


Particularly interesting was one PDF of how the FBI crafted the Scarfi
keystroke logger to make sure it only grabbed signatures and not keystrokes
they weren't authorized to grab:


Of course, the FBI was trying very hard to Do The Right Thing in this case.
Malware won't be as nice about it.

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]