National Security companies use key loggers to spy on suspects the same way parents use key loggers to monitor their children’s Internet activity. Key loggers secretly record all PC keystrokes and automatically send them to a remote location.
Key loggers are intentionally designed to be very hard to detect (if antivirus software found them, they could be deleted) but all key loggers have to call home using standard protocols to work.
This is a key logger’s most vulnerable point: when it calls home, it can be detected, identified and tracked.
If enough prominent people found unauthorized key loggers spying on their PCs, their outrage would pressure the media and law enforcement to investigate and stop this spying.
Project Goal: Produce a simple, reliable means to detect when key loggers call home and to identify where and when they are sending data, in a form that can be easily shared widely with activists.
Concept #1: Use Linux firewalls to monitor all outgoing traffic to prove key loggers are present and to identify where the information is being sent.
The system should be designed to be as simple and inexpensive as possible and to minimize the possibility of hacks and back doors being installed to defeat it.
Develop simple step-by-step procedures for setting up inexpensive Linux firewalls to do this.
Invite hackers to make suggestions as to how it could be defeated and improved. Solicit better ideas from the hacking community. Review and improve the approach and instructions.
Once the design is finalized, share the instructions widely and publicly in different languages.
Key logger sweeps could be a money-making opportunity for people who have the interest, equipment and skills to do it.
Note: Norton and other major security software vendors specifically exempt certain key logger detection functions to protect law enforcement activities. The solution MUST be able to catch these protected exemptions.
Even a simple record of outgoing addresses, in a form that could be easily imported into an Excel spreadsheet, might be of value.
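One way to turn a Linux firewall's log of outgoing packets into the spreadsheet-ready record described above (an added example, not part of the original proposal). It assumes the firewall writes outbound traffic to syslog through the netfilter LOG target with the prefix `OUTBOUND: `; the prefix, the function names and the sample lines and addresses are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample lines in the format written by the netfilter LOG target.
# The "OUTBOUND: " prefix and all addresses are assumptions for this example.
SAMPLE_LOG = """\
Mar  3 10:15:02 fw kernel: OUTBOUND: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 LEN=60 TTL=63 PROTO=TCP SPT=51514 DPT=443 SYN
Mar  3 10:15:09 fw kernel: OUTBOUND: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.7 LEN=71 TTL=63 PROTO=UDP SPT=40112 DPT=53
Mar  3 10:45:02 fw kernel: OUTBOUND: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 LEN=60 TTL=63 PROTO=TCP SPT=51620 DPT=443 SYN
Mar  3 10:45:03 fw kernel: INBOUND: IN=eth0 OUT= SRC=198.51.100.9 DST=192.168.1.1 LEN=40 PROTO=TCP SPT=4444 DPT=22
Mar  3 11:15:02 fw kernel: OUTBOUND: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.45 LEN=60 TTL=63 PROTO=TCP SPT=51733 DPT=443 SYN
""".splitlines()

FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def summarize(lines, prefix="OUTBOUND: "):
    """Group logged outbound packets by (source, destination, protocol, port)."""
    seen = {}
    for line in lines:
        if prefix not in line:
            continue  # not one of the outbound log entries
        f = dict(FIELD.findall(line))
        if "SRC" not in f or "DST" not in f:
            continue  # malformed or truncated line
        stamp = line[:15]  # syslog timestamp, e.g. "Mar  3 10:15:02"
        key = (f["SRC"], f["DST"], f.get("PROTO", "?"), f.get("DPT", ""))
        entry = seen.setdefault(key, {"count": 0, "first": stamp, "last": stamp})
        entry["count"] += 1
        entry["last"] = stamp  # log lines arrive in chronological order
    return [list(k) + [v["count"], v["first"], v["last"]] for k, v in seen.items()]

def to_csv(rows):
    """Return the summary as CSV text that a spreadsheet can open."""
    out = io.StringIO()
    w = csv.writer(out)
    w.writerow(["src", "dst", "proto", "dport", "packets", "first_seen", "last_seen"])
    w.writerows(sorted(rows, key=lambda r: -r[4]))  # busiest destination first
    return out.getvalue()

if __name__ == "__main__":
    print(to_csv(summarize(SAMPLE_LOG)))
```

A destination contacted at regular intervals, such as the half-hourly entries in the sample, stands out once the rows are sorted by packet count.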
Is this the best approach? Has it already been done and documented? What is the best way to proceed?
I don’t have the expertise or skills to develop this myself, but I can certainly help test, polish and promote it.
Please Support This Effort & Stop the National Security State