From Slashdot, the New York Times and the what’s-olde-is-new-dept: The NY Times has a story… on a weapon now being wielded by bad guys (most likely in Eastern Europe, according to the Times): Trojan horse keyloggers that report back in real-time. Real-time keyloggers were first discovered in the wild last year, but the …Times article should bring new attention to the threat.
So now that the Bad Guys™ are hoovering up your validation credentials in real-time (not “real” real-time, but faster than before), they’ve managed to break one particular implementation of a Two-Factor Authentication scheme.
Not bad, but the real threat is quite a bit less esoteric: continuous reporting of keystrokes gives miscreants a larger window of time to operate in. The dangers presented by keystroke loggers could be largely mitigated by using some not-so-common sense: Keeping your computer clean and healthy and maybe even switching to a minority · operating system (while keeping your newly developed good habits) means that you’ve just eliminated a large majority of your security threats.
So you think getting people to “do the right thing” by their computers and data is impossible? It wasn’t too long ago that people weren’t washing their hands before eating or preparing food, nor were they covering their mouths when they sneezed.
Good computer hygiene practices can be learned. And understood.