Mailinglist Archive: opensuse-security (81 mails)

< Previous Next >
Re: [suse-security] Intrusion spyware malware key stroke detection
  • From: Randall R Schulz <rschulz@xxxxxxxxx>
  • Date: Wed, 22 Feb 2006 07:44:23 -0800
  • Message-id: <200602220744.23557.rschulz@xxxxxxxxx>
Tim, Martin,

On Wednesday 22 February 2006 07:07, trainier@xxxxxxxxxx wrote:
> I wrote an agent that watches current google search queries in
> realtime (not quite realtime, but quite close)
> This is not hard to do, either. I suspect this is what's going on.
> Log into your machine as root and do a ps aux and show us the output.

Why as root? There is no output from "ps" that's available to root only.
At the same time, if there actually were some spyware or other exploit
with a foothold on the OP's system (very unlikely, I agree), then
exposure could conceivably be increased by logging in as root.

> I highly doubt there is a piece of malware
> running, but it's worth checking for.
> Tim
> ...
> > > Everyday I am seeing spam email which is a reflection of complex
> > > sensitive key word phrases I had typed into google just a few
> > > days previously.

If these "complex" "key word phrases" (a contradiction in terms, by the
way) are truly "sensitive," then you should not be sending them to
Google. While Google may (for now) protect search terms from being
associated with the individuals that submit them, they do not in any
way guarantee that all they'll do with them is use them to conduct the
search you request.

Randall Schulz

< Previous Next >
Follow Ups