From: "Mark M. Lacey" <mml@halcyon.com>
Date: Tue, 12 Nov 1996 10:12:12 -0800 (PST)
To: Rabid Wombat <teddygee@visi.net>
Subject: RE: two bogus messages to this list
Message-ID: <01BBD081.63E4D3C0@blv-pm101-ip1.halcyon.com>
MIME-Version: 1.0
Content-Type: text/plain


>Um, not to disagree with you re Intel/Micro$loth, but most UNIX systems 
>can be brought up in single-user mode and the root password changed by 
>anyone with physical access to the system. You could end up with even 
>more trouble than if someone messed with your M$ box.

Microsloth has, at the heart of it's system, a call which traps ALL
KEYSTROKES and EVENTS.  This call exists from Win32s on, and can be
placed inside of a DLL which most users would have no idea was loaded.
Even under NT, this DLL can be made to remain resident and trapping
Keystrokes, events, and window contents.

This is (or was?) no problem under X Windows the last time I tried it (not recently), too.  In fact, you could monitor the keystrokes of any machine that you had access to remotely, as long as X was running.  All it took was a short little C program.  So what call is it on NT that you're talking about?

Mark M. Lacey <mml@halcyon.com>
"Speaking for nobody but myself."
[Finger mml@halcyon.com for my PGP public key.]
[If you don't have 'finger', e-mail me for it.]