How would I know if someone installed key logger or some other kind
of recording program on a PC I might use? Sometimes I use a public
computer and I just want to feel secure while working or chatting or
doing any private things.
I hate to burst your bubble, but you can’t.
Things are bad enough on your own computer, where you have some
semblance of control, but when you use someone else’s computer –
especially a public computer – all bets are off.
]]>
The only way to really, truly know that a computer is exactly what you think it is, and nothing more, is to control that computer completely.
As we’ve seen with spyware and other forms of malware, even when the computer is our own, that’s not always possible to achieve. Each time you open an attachment, or even install a program or operating system, you’re placing some amount of trust in whomever provided that software. In a sense, you’ve giving up a little bit of your control.
The same actually applies to hardware, though it’s less vulnerable in general, since physical access would be required to do something to it that you didn’t authorize.
When you consider public computers, as I said, all bets are off for both software and hardware. You have no control, and in fact no idea what has, or has not been installed on that computer. It might very well have keyloggers installed recording every keystroke and mouse movement you make, along with corresponding screenshots to fully detail exactly what you’ve been doing.
When we think of keyloggers we instantly think of spyware, but that needn’t be the case. It’s also quite possible that monitoring software has been installed on purpose by the computer’s owner. They might do a great job of keeping the computer malware free – and yet install parental control or other monitoring software to keep track of how the computer is being used.
I heard a recommendation the other day that you perhaps have and use a Linux Live CD and boot the system (if you can) from that CD instead of running whatever is installed. The premise is that this then replaces all the software you don’t know with software that you control; the software on the live CD.
The problem with this is that it’s not always just about the software. There are, in fact, hardware keyloggers out there. Installed somewhere perhaps in the keyboard plug, or even inside the computer itself, these devices are software independent, and can still capture the keystrokes you type. They might be installed maliciously, or once again, by the computer’s owner.
If it’s not your computer, you just don’t know.
Now, I don’t want to come out sounding all paranoid, because honestly I’m not. Most public computers are probably just fine, as far as they go. Depending on how they’ve been set up and maintained it’s quite possible that they’re perfectly safe to use for certain types of activity. I definitely wouldn’t go checking my bank accounts on a public computer, but I’d feel fairly safe benignly surfing the web or maybe accessing one of my throw-away free email accounts.
The bottom line problem is simply that you don’t know what’s on someone else’s computer. And there’s no way to know. Not for certain.
Spot on article. You cannot trust anything over which you don’t have total control. Even then you need to continuously verify control exists, continues to exist, and has not been compromised. These are difficult tasks for even secure computing environments; they are impossible for computers exposed to the public in any way. So be very, very careful out there. The technology exists to record everything. The limiting factor (so far) has been the inability to review and act on everything that has already been recorded. But we’re getting there. Uh, someone (probably) is.
I would recommend ALL who might be worried about their machine(s} and/or other machines ….. and much else also to read ‘Little Brother’ by Cory Doctorow – I bought it – I am no relation or friend of the author and I found it magic. It IS fiction but it is a brilliant comment on privacy and social reform as well as useful computer history to know.
Leo – if you decide not to get this posted – ok .. but a recommend for this book (and if you have not read it yet please do) might be useful to your readers?
Good article. All the anti-whatever apps, firewalls, etc., just can’t catch everything all the time. Get apps up-to-date especially AV, AS, firewalls, etc. I have installed on my computer the application KeyScrambler Pro. It supposedly scrambles all your keystrokes so that if there is a “keylogger” on your machine all the keylogger will get is a bunch of random garbage. Take care and computer safely!
17-Dec-2008
Can it be helpful if you never enter a password on any site, Instead just keep a record of them in a word document and copy and paste the password so it will not register on a keylogger.
18-Dec-2008
I assume the above holds true probably even more so for corporate or workplace computer workstations.
28-Dec-2008
is there anyway to find out if someone has a keystroke program on my computer an if so anyway to track the ip address its going to
08-Nov-2010