From: Roger Bryner <bryner@atlas.chem.utah.edu>
Date: Fri, 1 Jul 94 17:14:59 PDT
Subject: Re: Beware of keystroke capture tools!
In-Reply-To: <199407012332.QAA08516@netcom7.netcom.com>
Message-ID: <Pine.3.89.9407011842.A28164-0100000@atlas.chem.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


WfOn Fri, 1 Jul 1994, Timothy C. May wrote:

> I want to remind folks of another _practical_ security weakness in
> using PGP or any other crypto program: keystroke capture utilities.
I would be intersted in technical details of these for several machenes.  
I am interested in going around them.  Code for these programs  would be 
appreciated.

One really good way is to display the alphabet on the termanal, with 
mixed up character corispondence, done as a one-time pad.

You then enter the char from the display and a spy would need to see your 
screen, and your keystroke record, and match them up.

Roger,  Mad Dog Libertarian, Bryner.
**************************************
P.S. A very strong pro-Liberty candidate I worked for here just won their 
primary, in a region that goes in favor or her party.