Do we have to protect ourselves against keyloggers?

7 replies [Last post]
shokin
Offline
Joined: 03/01/2013

Hello, everybody,

I started reading about what keyloggers are. It seems that they can remember what we typed, for example our passwords.

Do we need, on Trisquel, to protect ourselves against keyloggers? If yes, how? Is the danger very important? (someone finding our passwords with a keylogger)

Otherwise, do we need an antivirus on Trisquel? If yes, which one?

Thank you in advance for your answers.

lembas
Offline
Joined: 05/13/2010

Hey shokin!

The risk of getting a keylogger is small if you stick to programs in the official Trisquel repositories.

You don't need an antivirus. There are no GNU/Linux viruses.

Darksoul71
Offline
Joined: 01/04/2012

In general it is a well-known myth that Linux has no viruses. There are viruses and rootkits similar to other operating systems.

Sticking to the official repos is always a good idea but unless you are able to review all source code of the apps you use and compile them by yourself, you can never be sure about backdoors, malware and so on.

Open source helps but is not the ultimate protection.

onpon4
Offline
Joined: 05/30/2012

I don't know about keylogging, but viruses are a curiosity at best on Unix systems, and that includes GNU/Linux. They need root access to do damage to the system outside of your home directory (which is something you don't tend to routinely grant to programs), and GNU/Linux users use all kinds of different software, so it's not as easy for viruses to spread. Combine the facts that Windows is the most vulnerable system and the most popular system at the same time, and viruses just aren't a problem at all for GNU/Linux users. Antivirus software, such as Clam (ClamTK in Add/Remove Apps), is actually meant to detect Windows viruses.

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

Because the X protocol is not secure, none of the current distributions is actually technically immune to nasty graphical applications keylogging. Wayland (and Mir on Ubuntu's side) should solve that problem.

Like other users said, one had better stick with software in Trisquel's repository. It is all free software (freedom 1 guarantees that the users can study the source code, and the reputation of the developers is at stake) that has been reviewed by Debian and/or Ubuntu's developers.

shokin
Offline
Joined: 03/01/2013

Thank you for your answers. By reading you, it seems that now we - simple users - don't need to care about this.

Would it change if many more people (everybody ^^) used Linux? (maybe the black-hat hackers would attack Linux more)

Chris

I am a member!

Offline
Joined: 04/23/2011

Rules to keep you safe:

Don't download programs from outside of the software management system (synaptic, apt-get, aptitude, etc), deb packages or similar files with extensions like .run, .rpm, .tar.gz, etc.

Don't run commands on the terminal if you don't understand what they do, or at least have some guidance from a trusted source.

Don't add sources to package manager, or the sources.list file, etc.

Don't run macros in LibreOffice if you're prompted (it warns you it's dangerous and you should follow the warning), keep HTML disabled in your email client, etc.

Keep your system up to date.

Core packages get security updates although others may not. If you need to be sure your system is secure don't install any non-core packages (unfortunately Rubén merged the sections and that makes this a more challenging one to figure out, although you could use packages.ubuntu.com to figure it out, the universe packages are a lot lower risk though than the core packages simply due to the fact they are not installed by as many users and as such are less likely to be targeted by those wanting to gain access to your system).

Anti-virus on GNU/Linux doesn't provide any benefits to you. It will more than likely put you at risk. Most anti-virus packages for GNU/Linux are non-free just like on MS Windows. They're creating a larger surface area for attack and that makes them even more dangerous (even if you had the source code, etc).

Keyloggers are a potential threat. They can be used by slightly more tech-savvy individuals. Lock your system up. Keep it out of reach of your roommates, friends, etc. As far as others who can gain unauthorized access to your physical space, such as law enforcement, your best bet is to disassemble the system and look for anything unusual. Check the parts that are installed (did they swap a mini PCIe card for one which can log keystrokes? Is there a tiny USB device that you can't really see in your USB port? etc). If you're an individual at risk from corporations, reporters, law enforcement, etc, keep the medium you're booting off of on you at all times. Avoid inadvertently giving others access to your system. Don't transport hardware across national lines. Never provide your password to an encrypted disk to anyone. No matter how much they threaten you, keep quiet. They can only keep you detained for so long or they'll have to charge you with a crime. They may charge you with something, but chances are you'll get out on bail at a minimum the second a lawyer gets involved (should you have remained silent, and not surrendered any passwords). They will lie to you. Some countries like the UK will be able to arrest you if you don't reveal the password. Your lawyer will advise you though: don't give it up until you're advised to do so, and chances are you shouldn't even IF you're thrown in the slammer, because you'll get a lesser sentence (max in the UK for failure to disclose is 2 years).

The reason cops question you is because they *lack* evidence. So keep your mouth shut. Surrender your name & address only. If you're in a vehicle, surrender your registration, license, insurance, etc. Make sure you say you prefer to remain silent, ask if you may go every few minutes, in the United States they have to let you go if they don't suspect you of a crime, and whatever you do make it clear you do not consent to a search. The search will be thrown out probably if you have made it clear *before they enter* you do not consent and you *do not provide permission for them to come in*. And I would suggest you make clear that they don't have permission to come in. They will threaten to come back with a warrant. Let them. If they had something on you they wouldn't need to ask for permission. "Making it hard on yourself" or using words like "stop refusing to cooperate" is a threat they'll use regardless, and generally one with no backing, provided you obey orders such as "get on the ground", etc. In the US they can search your person if they feel threatened. You have more rights walking down the street, and generally they can't stop you without suspicion. Keep walking if they come up to you. Ask "am I being detained", "are you ordering me to stop", etc. If you're not, you can keep walking and safely ignore their questions.

I'm not a lawyer and this is not legal advice. Read up and consult a lawyer!

If the government takes (even temporarily) any device of yours, or gets you separated from that device, you have to presume it is compromised (has a key logger installed). Never enter your password on the device ever again.

Nothing on your phone is secure. Your phone is a tracking device. You can't keep them out. If your phone is on, or the phone of the people you are with is on, you must assume you're being monitored. The same thing applies to computers with webcams and microphones (if your system is not compromised it is less likely they have control, but still a risk; if you can remove the microphone/webcam it's advisable to do so). Make sure you do not have gaming consoles with webcams/microphones either.

We have physically removed microphones/webcams for customers at ThinkPenguin plenty of times. It is possible.

If you need anonymity online use the TorBrowser, and preferably Tails. Tails will ensure that there is no trail of your activities/communications left behind on the system you're using. Make sure you're using the latest recommended version of each. The recent sting events proved just how important it is. More so use Tails. Tails is set up to make attacks like that of the FBI on users (and other government agencies) more difficult.
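Added example (not part of the post above, and not code from the Trisquel project): one way to check the "don't add sources" rule is to list every active APT entry whose host is not on an allow-list. The default host `archive.trisquel.info`, the function names and the sample entries are assumptions; set `ALLOWED_HOSTS` to the mirrors your own install is meant to use.

```shell
#!/bin/sh
# Space-separated hosts you expect in your APT sources (assumed default).
ALLOWED_HOSTS="${ALLOWED_HOSTS:-archive.trisquel.info}"

# Print "file:line: uri" for each active deb/deb-src entry whose host is not
# allow-listed; exit status 1 if any were found. Handles the one-line
# sources.list format only (not deb822 ".sources" files).
audit_sources() {
    awk -v allowed="$ALLOWED_HOSTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        { sub(/#.*/, "") }                          # drop comments
        $1 != "deb" && $1 != "deb-src" { next }     # active entries only
        {
            i = 2                                   # skip an optional [opt=val ...] block
            if ($i ~ /^\[/) { while (i <= NF && $i !~ /\]$/) i++; i++ }
            uri = $i; host = uri
            sub(/^[a-z+]+:\/\//, "", host)          # scheme
            sub(/\/.*/, "", host)                   # path
            sub(/^.*@/, "", host)                   # user:password@
            sub(/:.*/, "", host)                    # port
            if (!(host in ok)) { printf "%s:%d: %s\n", FILENAME, FNR, uri; bad++ }
        }
        END { exit (bad > 0) }
    ' "$@"
}

# Constructed sample entries for trying the audit; not from a real system.
sample_sources() {
    cat <<'EOF'
# constructed sample
deb http://archive.trisquel.info/trisquel toutatis main
deb-src http://archive.trisquel.info/trisquel toutatis main
# deb http://ppa.example.net/old toutatis main
deb [arch=amd64 trusted=yes] http://ppa.example.net/extra stable main
deb https://user:pw@mirror.example.org:8443/repo stable main
EOF
}

# Usage: sh audit.sh /etc/apt/sources.list /etc/apt/sources.list.d/*.list
if [ "$#" -gt 0 ]; then
    audit_sources "$@"
fi
```

Entries with non-network schemes such as `cdrom:` are reported too, since they never match an allow-listed host.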

shokin
Offline
Joined: 03/01/2013

Thank you for your very detailed answer, Chris.

I apply most of your recommendations.

I have never yet been asked to give my computer or any password to authorities.