[Michael]

As part of my “patching the end user” efforts, I figured I would*write about keyloggers.

This is the definition I found on the internet: “A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard.” In short, not something you would ever want on your computer.

Not too long ago, I decided to manually download all the keyloggers I could find on the internet and update our database as far as that type of threat is concerned. I figured it would keep me busy for a day or so. Oh boy, was I ever wrong! There is a rather large amount of programs that log your keystrokes, for some ones else convenient later perusal. It's big business.

I must have spent a good solid week downloading* keylogger after keylogger. Every time I thought*I was nearing the end, I would stumble onto another sample. As my collection efforts finally dwindled, I noticed that some of the depreciated keyloggers migrated from pseudo legality, to downright illegality. Essentially, when some of the more "fly-by-night" outfits that market keyloggers go out of business, the source code tends to be recycled by the malware community.

I found this on a website that reviews keyloggers. I also witnessed similar disclaimers during the installation of the more commercially marketed samples I tested.

"DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence."

This has to say something about the ethical issues that surround using this type of software.

Here are a few select screen captures of*different keylogger administrative interfaces.



Not very subtle, now are we? As far as I am concerned if you aren't presented with a disclaimer, or explicitly made aware that your keystrokes are logged, it should be illegal.

*************************************************** *

When you are given the option to disable the warning message and make the keylogger go into full stealth mode, it even further*muddies the waters. The software*maker can claim to take the high road, as these are not checked by default.*

****************************************

I'm in a peculiar situation, as I've experienced first hand having a keylogger installed on my machine. The profound breach of trust that it engenders is devastating. Many of these applications are marketed towards the Spouse/parent/partner as a peace of mind device. The landing pages for some of these applications are eerily similar to the scare tactics pages used for rogue antispyware software.

*If you have to resort to spying, and lets not kid ourselves, that is what these programs and devices do, there is so little implied present trust in the relationship, that logging keys should be the least of your concerns...

Jean "TinFoilHatMan" Taggart

[NorbV]

Many of the issues you bring up in your post are subject to different opinions but there is one area, employee monitoring, that is more clear cut and that I feel was overlooked.Employee monitoring is a completely different case than that of a parent monitoring a child or one spouse monitoring another.

Employees using their employers computers do not have any right to privacy. Almost any employer of any size has an agreement that new employees sign in regards to use of company computers. Such agreements generally make it clear that proper use of the computers is expected and that the employee may be monitored. So I do not feel there is an issue of propriety involved.

Even if an employer does not care about lost productivity, although they are throwing money away if they are not, there are liability issues that monitoring software can protect you from. Issues such as harassment or leaking of confidential data can be proven or dis proven definitively with a good monitoring product installed.

Our company has used Spector CNE for years and it is very useful for not only the reasons listed above, but for the simple fact that when employees know they may be monitored they are much less likely to mis-use the computer in the first place.