Saturday, August 7, 2010

A Keylogger Challenge for Linux

I see posts on the Ubuntu forums quite often about keyloggers in Linux.  Many people are under the impression that a keylogger can merely download itself onto a machine without any user intervention (like through a browser exploit) and suddenly begin logging keystrokes.  Eventually, as the theory goes, the user will elevate privileges and the keylogger will steal the root password and send it back to some shady eastern European hacker.  I call BS on this.