| View previous topic :: View next topic |
| Author |
Message |
derick
Hacker
Joined: 30 May 2003
Posts: 2344
Location: /*
|
 Posted: Wed Jul 12, 2006 10:10 am Post subject: Keylogger found in Dell 600m laptop |
 |
|
http://virus.org.ua/unix/keylog/klog.htm
| Quote: | I was opening up my almost brand new Dell 600m laptop, to replace a broken PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard.
I figured "No Big Deal", and continued with the dissasembly. But when I got the metal panels off, I saw a small white heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I found a little circuit board inside.
Being an EE by trade, this piqued my curiosity considerably. On one side of the board, one Atmel AT45D041A four megabit Flash memory chip.
On the other side, one Microchip Technology PIC16F876 Programmable Interrupt Controller, along with a little Fairchild Semiconductor CD4066BCM quad bilateral switch.
Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.
What could this mean? I called Dell tech support about it, and they said, and I quote, "The intregrated service tag identifier is there for assisting customers in the event of lost or misplaced personal information." He then hung up.
A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a Keyghost hardware keylogger.
The reasons Dell would put this in thier laptops can only be left up to your imagination. It would be very impractical to hand-anylze the logs, and very CPU-intensive to do so on a computer for every person that purchased a dell laptop. Why are these keyloggers here? I recently almost found out.
I called the police, as having a keylogger unknown to me in my laptop is a serious offense. They told me to call the Department of Homeland Security. At this point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It was surreal.
So I called them, and they told me to submit a Freedom of Information Act request. This is what I got back: |
See the page for pictures and a copy of the Department of Homeland Security's letter.
_________________
All men die. Not all men truly live. -- William Wallace |
|
| Back to top |
|
 |
david
Dude
Joined: 01 Sep 2004
Posts: 89
Location: not telling
|
| Posted: Wed Jul 12, 2006 10:14 am Post subject: |
|
|
| Quote: | | almost brand new Dell |
Last edited by david on Wed Jul 12, 2006 10:14 am; edited 1 time in total |
|
| Back to top |
|
|
david
Dude
Joined: 01 Sep 2004
Posts: 89
Location: not telling
|
| Posted: Wed Jul 12, 2006 10:48 am Post subject: |
|
|
Sorry - I like posting (can someone remove the repeated one?).
I was thinking:
How do you directly connect a keylogger to someones ethernet card? I doubt that is possible.
Also the wiring (different lengths) and soldering is hardly of the quality of a huge computer maker like dell.
and (after a bit of research):
It was first found on http://www.roflcaeks.biz/lol.html That URL should say it all. Also there are apparently several versions of the same letter to DHS (which is an altered version of an unrelated letter) floating around. Also it it is listed as an urban legend by
http://www.snopes.com/computer/internet/dellbug.asp |
|
| Back to top |
|
|
derick
Hacker
Joined: 30 May 2003
Posts: 2344
Location: /*
|
|
| Back to top |
|
|
data
Administrator
Joined: 18 Jul 2003
Posts: 328
Location: /pub
|
| Posted: Wed Jul 12, 2006 4:51 pm Post subject: |
|
|
404
_________________
A shark on whiskey is mighty risky.
A shark on beer is a beer engineer!
~= Carpe Noctem =~ |
|
| Back to top |
|
|
sandman
Noob
Joined: 27 Oct 2003
Posts: 48
Location: On an utterly insignificant little blue-green planet orbiting a small unregarded yellow sun.
|
| Posted: Wed Jul 12, 2006 9:39 pm Post subject: |
|
|
I bet every engineer reading this is going:
hmmm...
well, all you would need is a...
and with some coding on the PIC you could...
.
.
I know - I did! |
|
| Back to top |
|
|
bmeagle
Cypher
Joined: 09 Mar 2004
Posts: 471
Location: Near Menlyn
|
| Posted: Thu Jul 13, 2006 1:14 pm Post subject: |
|
|
| Beeld has some article running today on "spioen in jou pc" don't think it means physically like this though! |
|
| Back to top |
|
|
Stew
Linux Freak
Joined: 16 Sep 2003
Posts: 358
|
| Posted: Fri Jul 14, 2006 8:09 am Post subject: |
|
|
Sorry to disappoint the conspiracy theorists, but this is really really old news and fake. I was the same article in about 2003. (I think it was actually on tlug a while back)
From snopes.com (http://www.snopes.com/computer/internet/dellbug.asp)
"Given the prevalent public fear of governmental snooping into private activity, the discovery that personal computers were being sold with devices that enabled the Department of Homeland Security (DHS) to monitor keystrokes would have a rather chilling effect. Most of us now use computers in so many different facets of our lives, from personal correspondence to shopping, that recording and analyzing everything we typed on one would provide a great deal of information about us.
Although furtive eavesdropping on computer activity is certainly possible, the specific tale presented above is nothing more than an example of "government conspiracy" type hoaxlore. It originally appeared on www.chromance.de (from which it has since been removed, although it remains mirrored elsewhere), a site which carried several other obvious hoaxes. The graphics for the article were lifted from another site's page about commercial keyboard loggers, and the purported letter from the Department of Homeland Security appears to be an altered version of someone else's example of correspondence from the DHS. "
One small thing if the guy was a EE by trade, he would know that a PIC16F876 is not a Programmable Interupt Controller. (But it could be prgrammed as one).
Last edited by Stew on Fri Jul 14, 2006 8:13 am; edited 1 time in total |
|
| Back to top |
|
|
bertvl
Guru
Joined: 18 Feb 2005
Posts: 250
Location: global village
|
| Posted: Fri Jul 14, 2006 8:10 am Post subject: |
|
|
| david wrote: |
How do you directly connect a keylogger to someones ethernet card? I doubt that is possible. |
That doesn't compute. The keystrokes from your keyboard don't go directly to your network card... You could attach a protocol sniffer and extract certain information from the network interface, and sometimes even keystrokes (for certain protocols like X, vnc etc.), but the whole point of a keylogger is to directly log someone's keystrokes on a PC, be it via hardware or software. Its kinda like asking "how do you connect a keylogger to someone's VGA port?" |
|
| Back to top |
|
|
bertvl
Guru
Joined: 18 Feb 2005
Posts: 250
Location: global village
|
| Posted: Fri Jul 14, 2006 8:14 am Post subject: |
|
|
| Stew wrote: | | Sorry to disappoint the conspiracy theorists, but this is really really old news and fake. I was the same article in about 2003. (I think it was actually on tlug a while back) |
I think we need to make our own real keylogger (fairly easy to do), solder it into <name-your-least-favourite-laptop-brand-here> and do a more believable hoax. A bit purile I know, but it would be fun (assuming you're not sued by <name-your-least-favourite-laptop-brand-here>) |
|
| Back to top |
|
|
Casey
Abnormal Freak
Joined: 30 May 2003
Posts: 1072
Location: In front of a PC somewhere on Earth
|
| Posted: Fri Jul 14, 2006 9:05 am Post subject: |
|
|
The trick to avoiding lawsuits is simple.
Instead of a hoax, we make it a parody; something like:
| Quote: | Keylogger found in laptop!
<Insert name of your least favourite laptop provider here> has sunk to new lows, as was recently proven. This picture shows a piece of electronic hardware you won't be able to identify unless you know what it is, and is programmable so that even then you won't be able to tell what it does, but which I will claim is a keylogger with little or no substantiation! Since the laptop is a bit expensive to buy just to take apart, I have very little fear of being proven wrong! And if I can't be proven wrong, then I must be right! After all, why else would <insert name of your least favourite laptop provider here> idly stand by and let their already-weak name be slandered like this? |
_________________
Clarke's Second Law:
The only way to discover the limits of the possible is to go beyond them into the impossible. |
|
| Back to top |
|
|
david
Dude
Joined: 01 Sep 2004
Posts: 89
Location: not telling
|
| Posted: Fri Jul 14, 2006 9:25 am Post subject: |
|
|
| bertvl wrote: | | david wrote: |
How do you directly connect a keylogger to someones ethernet card? I doubt that is possible. |
That doesn't compute. The keystrokes from your keyboard don't go directly to your network card... You could attach a protocol sniffer and extract certain information from the network interface, and sometimes even keystrokes (for certain protocols like X, vnc etc.), but the whole point of a keylogger is to directly log someone's keystrokes on a PC, be it via hardware or software. Its kinda like asking "how do you connect a keylogger to someone's VGA port?" |
I guess what I am saying is that you need a bit more (or a very special network card) to connect a flash disk key logger directly to a network card. You can't just go connecting things willy-nilly. You would have to store the data and then upload periodically to a specific server (all encrypted like). It would be a bit dodgy if you PC sent a couple o' packets everytime you hit a key. A software keylogger would be the way to go if a company like Dell really wanted to be swamped keystrokes of the thousands of PC's it has made. You could quie easily disguise it as DellKeyboard service or MutimediaKeyManager.exe.
The point is that I doubt anyone can just lash a keylogger into a NIC with a soldering iron. |
|
| Back to top |
|
|
TvZ
Guru
Joined: 29 Mar 2006
Posts: 280
Location: On back of 4 Elephants on a Giant Turtle
|
| Posted: Tue Jul 18, 2006 3:29 pm Post subject: |
|
|
For some people that don't know already...or just to add fuel to the fire
| Quote: | | A chip the size of a grain of rice that can store 100 pages of text and swaps data via wireless has been developed by Hewlett-Packard. |
| Code: | | http://news.bbc.co.uk/2/hi/technology/5186650.stm |
so now it will become posiible for your pc or laptop to swap out some of
your keys or passwords without you knowing.
_________________
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 TvZ Out
This is the greatest signiture in the world, Tribute. |
|
| Back to top |
|
|
beam
Linux Freak
Joined: 13 Sep 2004
Posts: 343
|
| Posted: Wed Jul 19, 2006 10:10 am Post subject: |
|
|
regardless of the haox, how would a big galumphing thing like that fit under a laptop keyboard. They are not exactly roomy. And for GOODNESS SAKE CABLE TIES !!!!!!!!!! You cant be taken seriously if you have a picture with CABLE TIES in it ffs. Plus if there were to be a key logger installed they might make it a bit less obvious, like imbedd it in something else.
Besides if you are doing anything remotely secret or important , id make sure that pc was not connected to a network unless absolutely essential.
_________________
You are not a NINJA. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
.