[dm-crypt] avoid keyloggers: enter password with mouse (virtual keyboard)

Heinz Diehl htd at fancy-poultry.org
Tue Apr 13 21:38:31 CEST 2010


On 13.04.2010, Arno Wagner wrote: 

> If he has a hardware Keylogger on his system, somebody
> did physically manipulate his machine and all bets
> are off anyways.

Of course. 

So this boils down to the fact that a software keyboard is useless :-)
If somebody had physical access to the machine, there will be no
way to detect any backdoors, and if somebody had been able to install a
software keylogger, this person has already gained root access to the machine
and could simply have read the master key from memory or whatever, you
name it.




More information about the dm-crypt mailing list