From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Thu, 5 Jan 95 22:58:49 PST
To: cypherpunks@toad.com
Subject: sniff passwords on PC (DOS)
Message-ID: <0098A089.4C425900.550@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain


As a demonstration of concept, I wrote a small, simple program that
replaces the keyboard interrupt and stores all keystrokes in a buffer.

It was very very easy to write.

It works while using pgp and windows\net.

It does not work after starting windows.  Not sure, but it seems obvious
that MS windows installs it's own keyboard interrupt.

I suppose it would be easy to enhance this simple program (I bet it's been
done by others) to store passwords into a secret file on a hard drive
unbeknownest to the user.

I first suspected that such a program already existed after hearing, two
days after his arrest, that the CIA had cracked Aldrich Aim's encrypted
files.   (sorry if I spelled his name incorrectly.)

Think about it, the govt. could spend 50,000 to 100,000 to create a 
freeware gif viewer, for example, that installed such a tsr.

Mike

P.S.  If the guy who wanted to see his gf's files writes me, I'll send you
this keyboard sniffer program.