Silk Road forums

Discussion => Security => Topic started by: SilkRoadRambler on August 09, 2013, 06:07 pm

Title: How to destroy keyloggers...
Post by: SilkRoadRambler on August 09, 2013, 06:07 pm
Is it possible to "reset" one's system in such a way that any keyloggers are removed?

Also, has there ever been a case of LE planting keyloggers on Linux systems remotely? Thanks.
Title: Re: How to destroy keyloggers...
Post by: Bazille on August 09, 2013, 06:28 pm
I strongly doubt LE planted a keylogger on your Linux system remotely. That being said, the only way to 100% get rid of it is wiping the drive and reinstalling the OS. You could probably take your /home/* folders with you, as it's unlikely they hid the keylogger in there, because there are no files inside which get automatically executed on boot.
Title: Re: How to destroy keyloggers...
Post by: astor on August 09, 2013, 06:51 pm
I have increasingly been using virtual machines for my Tor activities. Actually, I exclusively use VMs now that we've seen deanonymizing server-supplied exploits in the wild. I install an operating system in VirtualBox and immediately export it as an appliance. I do this for several operating systems: WinXP, Win7, and a few Linux distributions. That way I have clean images that I can re-import if I suspect something bad has happened to one of my VMs, like it was infected with malware. It's easier than reinstalling an OS on the whole computer, and you can isolate Tor from the browser by putting them in separate VMs, making it much harder for an exploit to get your real IP address. You can also store sensitive files outside of the VM that you browse in, so exploits can't access them.

Title: Re: How to destroy keyloggers...
Post by: SilkRoadRambler on August 09, 2013, 06:56 pm
Bazille, don't many key-loggers operate from the BIOS somehow when booted, and not through the operating system?

astor, very good idea...
Title: Re: How to destroy keyloggers...
Post by: Bazille on August 09, 2013, 09:05 pm
I don't think there is a keylogger which gets started from the BIOS. Normally keyloggers are normal programs, which get autostarted somehow during the boot process.

This clearnet article has some info about Linux keyloggers:
http://askubuntu.com/questions/169887/how-can-i-detect-a-keylogger-on-my-system
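
Added example, not part of any post in this thread: since the thread turns on programs that get autostarted, this Python sketch lists the autostart files found under a directory tree (a mounted drive, or a set of /home folders about to be carried over to a fresh install) together with the commands they launch. The location list is a set of common Linux autostart paths chosen for this example and is not exhaustive; the sample tree and the `updater` entry are constructed.

```python
import glob
import os
import tempfile

# Common autostart locations (assumed, not exhaustive), relative to the audited root.
# Note: glob's "*" skips dot-files, so hidden entry names need an explicit pattern.
HOME_GLOBS = [".config/autostart/*.desktop", ".config/systemd/user/*.service",
              ".bashrc", ".bash_profile", ".profile", ".xinitrc", ".xprofile"]
SYSTEM_GLOBS = ["etc/xdg/autostart/*.desktop", "etc/systemd/system/*.service",
                "etc/cron.d/*", "etc/rc.local", "etc/ld.so.preload"]
COMMAND_KEYS = ("Exec=", "ExecStart=")  # launch keys in .desktop files and systemd units


def commands_in(path):
    """Return the commands a .desktop or .service file would launch."""
    with open(path, errors="replace") as fh:
        return [line.split("=", 1)[1].strip() for line in fh
                if line.startswith(COMMAND_KEYS)]


def find_autostart(root):
    """List (relative path, commands) for every autostart file found under root."""
    patterns = ["home/*/" + g for g in HOME_GLOBS]
    patterns += ["root/" + g for g in HOME_GLOBS] + SYSTEM_GLOBS
    found = []
    for pattern in patterns:
        for path in sorted(glob.glob(os.path.join(root, pattern))):
            if os.path.isfile(path):
                found.append((os.path.relpath(path, root), commands_in(path)))
    return found


def build_sample_root():
    """Constructed sample tree: one user with a desktop autostart entry and a .bashrc."""
    root = tempfile.mkdtemp()
    home = os.path.join(root, "home", "alice")
    os.makedirs(os.path.join(home, ".config", "autostart"))
    with open(os.path.join(home, ".config", "autostart", "updater.desktop"), "w") as fh:
        fh.write("[Desktop Entry]\nType=Application\nExec=/home/alice/.cache/updater --quiet\n")
    with open(os.path.join(home, ".bashrc"), "w") as fh:
        fh.write("alias ll='ls -l'\n")
    return root


if __name__ == "__main__":
    for rel_path, cmds in find_autostart(build_sample_root()):
        print(rel_path, cmds or "(no Exec line: review the file by hand)")
```

Files reported with an empty command list, such as shell startup scripts or cron entries, have no `Exec=` line to extract and need to be read directly.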