OSX Security Scanning Software?
in [UK Mac]
|
Prev: Unison 2.0.5 font ?
Next: A bit of a cleanup...
From: D.M. Procida on 26 Jun 2010 17:41 Adrian C <email(a)here.invalid> wrote: > Friend is convinced that someone else got physical access to his Mac > (OSX) and planted a key logger on it. How likely is this, compared to all the other things that cohere with the evidence that makes him suspect a key-logger? It might well be that someone has obtained information that should not properly have been obtainable, but if someone has had physical access to the machine and the technical nous to install such software, there are other things they could have lifted from the machine. And that's not to mention other possibilities. Daniele
From: Rowland McDonnell on 26 Jun 2010 17:42 J. J. Lodder <nospam(a)de-ster.demon.nl> wrote: > Adrian C <email(a)here.invalid> wrote: > > > Friend is convinced that someone else got physical access to his Mac > > (OSX) and planted a key logger on it. > > Just reinstall the system. > > > Can anyone recommend a suitable, cheap, easy to use program that can > > scan a Mac system for something as nasty as this? > > Begin with Little Snitch > for monitoring unauthorized outgoing trafic. > A keylogger that doesn't connect to the outside world > won't be much use to anyone, Very good point. However - what about a hypothetical keylogger that subverts an existing Mac process that already (perhaps) has permission to talk to the outside world? Is that a real risk, or what? Rowland. -- Remove the animal for email address: rowland.mcdonnell(a)dog.physics.org Sorry - the spam got to me http://www.mag-uk.org http://www.bmf.co.uk UK biker? Join MAG and the BMF and stop the Eurocrats banning biking
From: Adrian C on 26 Jun 2010 18:51 On 26/06/2010 22:41, D.M. Procida wrote: > Adrian C<email(a)here.invalid> wrote: > >> Friend is convinced that someone else got physical access to his Mac >> (OSX) and planted a key logger on it. > > How likely is this, compared to all the other things that cohere with > the evidence that makes him suspect a key-logger? I'm not 100% sure myself that he has a key-logger. He's an elderly chap probably exposed to some information published in the 'daily mail' on the existance of this. However, the girl that visited the computer (young 'friendly' one from the tennis club apparently) is clearly up to no good disseminating my friend's private emails to all and sundry, and causing considerable upset by this. > It might well be that someone has obtained information that should not > properly have been obtainable, but if someone has had physical access to > the machine and the technical nous to install such software, there are > other things they could have lifted from the machine. > > And that's not to mention other possibilities. Yep. :-( -- Adrian C
From: Woody on 26 Jun 2010 19:55 Adrian C <email(a)here.invalid> wrote: > Friend is convinced that someone else got physical access to his Mac > (OSX) and planted a key logger on it. > > Can anyone recommend a suitable, cheap, easy to use program that can > scan a Mac system for something as nasty as this? In activity monitor you can get a list of all applications running, look for anything that shouldn't be there. To key log the thing would need admin access so it would have needed to be installed by someone who knew the password (even if it was logged in). It would also need internet access, so either little snitch to tell you when something is connecting or netstat which will show you what is connected to where. -- Woody www.alienrat.com
From: Chris Ridd on 27 Jun 2010 02:06
On 2010-06-26 23:51:19 +0100, Adrian C said: > On 26/06/2010 22:41, D.M. Procida wrote: >> Adrian C<email(a)here.invalid> wrote: >> >>> Friend is convinced that someone else got physical access to his Mac >>> (OSX) and planted a key logger on it. >> >> How likely is this, compared to all the other things that cohere with >> the evidence that makes him suspect a key-logger? > > I'm not 100% sure myself that he has a key-logger. He's an elderly chap > probably exposed to some information published in the 'daily mail' on > the existance of this. > > However, the girl that visited the computer (young 'friendly' one from > the tennis club apparently) is clearly up to no good disseminating my > friend's private emails to all and sundry, and causing considerable > upset by this. It sounds more likely that she's altered Mail to bcc her, or something like that. Does he use Mail, and what sort of mail accounts (gmail, etc) does he have? -- Chris |