From: jpb@miamisci.org (Joe Block)
To: cjs@netcom.com (cjs)
Message Hash: 6d19338ae855bf6c5d9911352d263a441f6349a1f0affe8f136ff2dd9d52e053
Message ID: <v01520c04ad332e13000a@[199.227.1.134]>
Reply To: N/A
UTC Datetime: 1996-01-30 05:08:00 UTC
Raw Date: Tue, 30 Jan 1996 13:08:00 +0800
From: jpb@miamisci.org (Joe Block)
Date: Tue, 30 Jan 1996 13:08:00 +0800
To: cjs@netcom.com (cjs)
Subject: Re: CONTEST: Name That Program! (no-brainer)
Message-ID: <v01520c04ad332e13000a@[199.227.1.134]>
MIME-Version: 1.0
Content-Type: text/plain
At 1:29 PM 1/29/96, cjs wrote:
>> As you may have read in my previous message, First Virtual has developed
>> and demonstrated a program that completely undermines all known schemes
>> for using software-encrypted credit cards on the Internet. More details
>> are avialable at http://www.fv.com/ccdanger.
>>
>> That was the easy part.
>
>***ROFL***
>
>This "pre-encryption" program is not a virus. It attaches to the
>keyboard driver and captures keystrokes from the keyboard as they are
>typed -- BEFORE they can be encrypted by the application encryption
>software. First Virtual scientists note that credit a check-digit. A
>greater danger is that passwords are also as easily captured.
>
>***ROFL***
Umm - that is not news, it's an old hacker trick originally used for
scamming login/passwd pairs.
I've seen this done as either a patch to the telcom program used in a
public lab on campus (this was actually quite clever - it'd wait till you
completed your login and then email the cracker your login/passwd while
simultaneously keeping the information from appearing on screen. It even
kept his email address encrypted so I had to use a debugger to find it) or
as a TSR or Macintosh extension.
2048bit-Fingerprint: F8 A2 A5 15 56 42 9B 16 3F BD 57 0F 8A ED E3 21
No man's life, liberty or property are safe while the legislature is in session.
Return to January 1996
Return to “jpb@miamisci.org (Joe Block)”
1996-01-30 (Tue, 30 Jan 1996 13:08:00 +0800) - Re: CONTEST: Name That Program! (no-brainer) - jpb@miamisci.org (Joe Block)