Situation:
A reporter in Baghdad must send a secure message to the home office. The only option is to use a local coffee/ internet cafe. When setting up a VPN connection (RSA key fob, or other) can the initial setup be monitored by keystroke monitoring software? (most likely: yes)
Now, the real question is ... once the VPN is created, can the keystroke monitoring software still intercept the author's individual keystrokes as they are being sent into the VPN connection, or are they immediately obscured/ encrypted/ etc and therefore private?
2007-04-03 09:47:15 · 8 answers · asked by uptightwiseguy 2 in Computers & Internet ➔ Security
Key logging can occur even within a VPN session. The logging captures the keyboard input without care for the VPN session. Now what might vary is what happens after the logging. During a VPN session, the key logging application won't be able to send the information out immediately as the VPN software will take over the network interface. If the key logging software buffers the keystrokes in a cache, they can be sent later after the VPN session ends or they could be retrieved by a process (remote copy or a remote request to upload the keystrokes) at a later time.
What you might want to try if the situation absolutely requires the use of a public terminal is the use of a point/click character set on a secured web page. By clicking the mouse on graphical representation of the letters (similar to a PDA) or even common words, you could partially circumvent the key logging software. Of course you wouldn't want to arrange the characters in a known format in case mouse clicks were also being monitored and someone could easily reverse process the sequence of clicks and ultimately figure out the words generated. It would take a significant amount or processing but it could be done.
2007-04-03 09:53:08 · answer #1 · answered by Jim Maryland 7 · 0⤊ 0⤋
You said Baghdad? So you are an Al Quaida Operative????
Why should we help here again???
You can do anything you want security wise and the NSA can break it down before the addressee finishes reading it! That is the truth and you can't alter it. Wireless encryption at a Cafe is either WEP or WPA and would already be broken before you connected because you are in A HOSTILE TERRITORY! Use your cell phone, please! That's real secure. There is no hiding comms inside IRAQ.
If a keystroke logger is on your computer, then it will record everything YOU do(kinda of a duh!) I mean that is what they were meant to do. It will then connection share without your noticing when you open a "familiar program" like IE, FireFox, or Email and transmit the stored data to a prearanged IP address. Credit Card numbers are a primary target and bank accts/pwd/pins are popular to sell.
Keystrokes can't be encrypted as they are just ASCII characters and the recorder program is resident on the infected computer totally bypassing anything to do with a VPN. It will just store your sensitive messages untill you go surf porn in IE and then send it all out while you see your own web activity. There are ways to tell when this is happening, but you have to have a bit more knowledge of computer hardware and Operating systems to find it.
Support our Troops hack a terrorist.
By the way VPN's really aren't all that secure anyway to a super computer. The encryption protocols were officially broken a couple years ago in China.
2007-04-03 17:07:31 · answer #2 · answered by Anonymous · 0⤊ 0⤋
Short answer, yes and yes. Keyloggers (hw & soft) intercept the traffic from keyboard to application, they just differ in the point of interception. There are ways of defeating them, and if you carry around software to set up a VPN, you have to room for software that will block a sw logger and is not detectable with a hw logger. I hope for him that he isn't so stupid to type a long report in a icafe.
2007-04-03 17:57:01 · answer #3 · answered by Chris W 2 · 0⤊ 0⤋
Yes, key logging software logs keystrokes regardless of other activity.
2007-04-03 16:50:01 · answer #4 · answered by Linux OS 7 · 1⤊ 0⤋
I highly recommend employing http://www.vpnpower.net to unblock web-sites. I am using their services for more than 4 years with no issues.
2014-04-19 23:02:32 · answer #5 · answered by Anonymous · 0⤊ 0⤋
My partner and i endorse using VPNPower to unblock websites. I have been using them since 4 years. http://www.vpnpower.net
2014-08-18 16:21:02 · answer #6 · answered by Anonymous · 0⤊ 0⤋
If you can't trust the system they're using, don't use it.
If you can't trust the connection, I'd avoid using it.
2007-04-03 16:56:00 · answer #7 · answered by Master J 4 · 0⤊ 0⤋
sure they can be lifted with ease
2007-04-03 16:50:29 · answer #8 · answered by Anonymous · 1⤊ 0⤋