Brian points to this article about USB keyloggers that were found attached to computers at public libraries. If I saw one of these on a library computer, I might not even be sure what it was, or that it wasn’t part of the keyboard. Know your hardware, what to expect and what not to expect and check out the backs of your computers from time to time.
3 thoughts on “would you recognize a hardware keylogger in your library?”
Any Android smartphone can have its USB controller reconfigured to do this in theory after that proof-of-concept keystroke injection attack. With prepaid burner Android smartphones out there, this is going to potentially grow.
I just posted about this on my blog with a possible solution – Centurion software (what we use on our public machines to wipe them clean after use) offers a way to disable just some USB functions – including wireless managers, which send the data from the keyloggers to the person who installed it on your machine.
Comments are closed.