| 07-October-2007 13:23
Post #1 |
|
| Senior Member
Group: Administrators |
This story is two years old apparently, but I’ve not seen it before so I’m guessing others might have missed it too. I can’t vouch for its accuracy, but if it is true (and it seems likely to me that it is), then… well, just think about it…
I myself saw wireless keylogging devices designed to clip unnoticed onto a keyboard cable years ago disguised as an inductive choke, but I think I might spend this afternoon examining the guts of a couple of laptops I have lying around. Will report back if I find anything. QUOTE GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS! Turner Radio Network | October 4, 2005 Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet! (IMG:http://fearthegovernment.com/keystroke_logger_thingy0240.jpg) Freedom Of Information Act Requests For Explanation From DHS, refused. I was opening up my almost brand new laptop, to replace a broken PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard. I figured “No Big Deal”, and continued with the dissasembly. But when I got the metal panels off, I saw a small white heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I found a little circuit board inside. (IMG:http://fearthegovernment.com/keystroke_logger_thingy1320.jpg Being an EE by trade, this piqued my curiosity considerably. On one side of the board, one AtmelAT45D041A four megabit Flash memory chip. (IMG:http://fearthegovernment.com/keystroke_logger_thingy3320.jpg On the other side, one Microchip TechnologyPIC16F876 Programmable Interrupt Controller, along with a little Fairchild SemiconductorCD4066BCM quad bilateral switch. Looking further, I saw that the other end of the cable was connected to the integrated ethernet board. What could this mean? I called the manufacturer’s tech support about it, and they said, and I quote, “The intregrated service tag identifier is there for assisting customers in the event of lost or misplaced personal information.” He then hung up. (IMG:http://fearthegovernment.com/keystroke_logger_thingy2160.jpg) A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a Keyghosthardware keylogger . The reasons a computer manufacturer would put this in their laptops can only be left up to your imagination. It would be very impractical to hand-anylze the logs, and very CPU-intensive to do so on a computer for every person that purchased a laptop. Why are these keyloggers here? I recently almost found out. I called the police, as having a keylogger unknown to me in my laptop is a serious offense. They told me to call the Department of Homeland Security. At this point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It was surreal. So I called them, and they told me to submit a Freedom of Information Act request. This is what I got back: (IMG:http://fearthegovernment.com/keystroke_logger_thingy_foi_letter.jpg) . Under the Freedom Of Information Act (FOIA) the only items exempt from public disclosure are items relating to “law enforcement tools and techniques” and “items relating to national security.” The real life implications of this are plain: Computer manufacturers appear to be cooperating with the Department of Homeland Security to make every person who buys a new computer subject to immediate, unrestricted government recording of everything they do on those computers!EVERYTHING ! This information can be sent to DHS, online, without your knowledge or consent, without a search warrant or even probable cause! That’s why this device is hard-wired directly into the ethernet card, which communicates over the internet! I am not certain how long this information will be permitted to remain online for all the world to see before the government takes some type of action to attempt to have it removed from public view. I URGE you to take copy of this page immediately and spread this information to everyone you know immediately! The more people who find out about this, the more can protect themselves and raise a HUGE outcry to force government and computer manufacturers to immediately CEASE installing these devices in new computers! Original article posted here |
| 31-October-2007 16:01
Post #2 |
|
| Newbie
Group: Members |
Hello, I found this forum post while stumbling. I joined this site because I thought it necessary to squash this as a Hoax.1. In any laptop I have ever taken apart from the mid 90’s up until now, they have all had a surface mounted flat cable style connection. They are designed this way to save space. A big bulky cable like this with a bulky chip would take up unecessary space. Things get pretty tight in there and engineers do all they can to save space. 2. If this were really a ‘secret govenerment key logger’ like the story claims, why wouldn’t they remove any identifying information on the chips so people wouldn’t look them up and find out what they did? 3. You can’t attach a keyboard directly to an ethernet board like that. Computer systems simply do not work that way. And even if they did, what about all of those wireless users out there? Most people who use laptops use the onboard wireless to connect to the network, not the built in ethernet. 4. Where are the pics to prove that this cable is attached to the keyboard or to the onboard ethernet? All we see is a blurry picture of something metalic looking and a picture of the microchips. 5. And the biggest argument is this site: http://www.dansdata.com/keyghost.htm This is where all of the images were supplied from. I could probably go on to list atleast another dozen reasons why this isin’t technically or logistically fesable but I think you get the idea. Stumbleupon users, I urge you to vote this article thumbs down and stop spreading this crap around! |
| 31-October-2007 16:59
Post #3 |
|
| Newbie
Group: Members |
QUOTE (tonestyle @ 31-October-2007 16:01)Hello, I found this forum post while stumbling. I joined this site because I thought it necessary to squash this as a Hoax.1. In any laptop I have ever taken apart from the mid 90’s up until now, they have all had a surface mounted flat cable style connection. They are designed this way to save space. A big bulky cable like this with a bulky chip would take up unnecessary space. Things get pretty tight in there and engineers do all they can to save space. 2. If this were really a ‘secret government key logger’ like the story claims, why wouldn’t they remove any identifying information on the chips so people wouldn’t look them up and find out what they did? 3. You can’t attach a keyboard directly to an ethernet board like that. Computer systems simply do not work that way. And even if they did, what about all of those wireless users out there? Most people who use laptops use the onboard wireless to connect to the network, not the built in ethernet. 4. Where are the pics to prove that this cable is attached to the keyboard or to the onboard ethernet? All we see is a blurry picture of something metalic looking and a picture of the microchips. 5. And the biggest argument is this site: http://www.dansdata.com/keyghost.htm This is where all of the images were supplied from. I could probably go on to list atleast another dozen reasons why this isin’t technically or logistically fesable but I think you get the idea. Stumbleupon users, I urge you to vote this article thumbs down and stop spreading this crap around! I don’t know if this story is true or not, but I don’t think that what you have written refutes it. My interest is not to “prove” or disprove this story. 1. I don’t see how that is relevant. If this was something that was somehow mandated, as seems to be the implication, then this extra device would be exempt from space considerations. Finally, your last statement. I would have preferred just a couple of reasons why this is not feasible. I think it would have made a stronger argument. I will supply one of my own. I can’t imagine that the government is interested in or capable of keeping track of every keystroke that every person types. This post has been edited by Bobby: 31-October-2007 17:01 |
| 31-October-2007 21:40
Post #4 |
|
| Newbie
Group: Members |
QUOTE
I don’t know if this story is true or not, but I don’t think that what you have written refutes it. My interest is not to “prove” or disprove this story. 1. I don’t see how that is relevant. If this was something that was somehow mandated, as seems to be the implication, then this extra device would be exempt from space considerations. Finally, your last statement. I would have preferred just a couple of reasons why this is not feasible. I think it would have made a stronger argument. I will supply one of my own. I can’t imagine that the government is interested in or capable of keeping track of every keystroke that every person types. 1. True, if it were indeed mandated than it would be done but the designers would integrate it into the design of the motherboard. They wouldn’t buy a commercial keylogger and splice it into the system. 2. If the computer manufacturer wanted to conceal the fact that they were violating your privacy and placing a keylogger inside of the computer, you can be certain you wouldn’t be able to identify the components. If you were able to identify that as a flash memory than some curious and inventive hacker would find a way to download the data off of the chip and the whole thing would be out in the open. 3. “As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard. … Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.” And the point I was trying to make about point number five is that there is no actuall photo proof of this because they jacked the photos off of another website. So all we have to go by is this guy’s word that there is a keylogger in the computer because the pictures are not his. This is an urban legend that plays off of people’s fear of being spied upon, fear and lack of understanding of technology. It is a hoax, nothing more. |
| 02-November-2007 21:18
Post #5 |
|
| Senior Member
Group: Administrators |
Thanks to you both for your input. I just wanted to pick up on a couple of points:
QUOTE True, if it were indeed mandated than it would be done but the designers would integrate it into the design of the motherboard. They wouldn’t buy a commercial keylogger and splice it into the system. This point isn’t really strong enough to stand. This feature, if indeed it is real at all (and I understand your concerns on that) might have been a local mod to conform to local regulations or it might have been a short term production line solution, again to meet changing regulations (ie, because it takes time to redesign, test, tool and take to manufacture a revised mobo). I’ve seen examples of both of these types of temporary stop-gap measures before – though not keyboard loggers as such. QUOTE If the computer manufacturer wanted to conceal the fact that they were violating your privacy and placing a keylogger inside of the computer, you can be certain you wouldn’t be able to identify the components. Not at all true IMO; because it really doesn’t need to be. The vast majority of people CAN’T identify the components anyway and even those who can, can’t really do much about it. QUOTE If you were able to identify that as a flash memory than some curious and inventive hacker would find a way to download the data off of the chip and the whole thing would be out in the open. This is a good point – and the post goes on to make others. Ultimately, I don’t know. I do know however, that I’ve seen keystroke recorders which clip onto keyboard cables – and that was at least 10 years ago, if not 15. |
| 09-March-2008 22:19
Post #6 |
|
| Site Admin
Group: Founder members |
It certainly appears that Keyghost – the company named in the article as the manufacturer of the device – believes that it’s possible. Not only that, but it claims to be able to save up to a full year’s worth of keystrokes on a single keylogging device. Here’s what the website says:
QUOTE Record and retrieve everything typed, including emails, chatroom activity, instant messages, website addresses, search engine searches and more with plug-in keylogger. No software installation is necessary to record or retrieve keystrokes! BEFORE AFTER (IMG:http://www.keyghost.com/images/kginst1.jpg (IMG:http://www.keyghost.com/images/kginst2.jpg For security reasons, the photo (above right) is only a representation of what the KeyGhost key logger (stand alone unit) looks like. The actual KeyGhost key logger is injection moulded to look exactly like an EMC Balun. (IMG:http://www.keyghost.com/images/bullet.gif) Easy to use. No new software to install or learn. (software free device) To install the external KeyGhost hardware keylogger you simply unplug the keyboard cable from the back of the PC, plug it into one end of the KeyGhost, then plug the other end back into the PC. Why do you need a KeyGhost hardware keylogger? Several areas have been identified where a hardware keylogger, like the KeyGhost, is in great demand: (IMG:http://www.keyghost.com/images/bullet.gif) As a key logger tool for computer fraud investigations. But I use a software ‘key logger’ program… As a user’s technical knowledge increases and weaknesses in software become well known, software keylogger http://www.keyghost.com/sx/advantages.htm key loggers and keystroke loggers) become less effective. If the user is capable of disabling or bypassing the security system (or manipulating the logs), then there is no record of the break-in or what has been done. Investigations of the computer break-in become very difficult, if not impossible. In addition, there is the added risk of the log file being stolen and its sensitive contents read. Advantages of KeyGhost Keylogger: (IMG:http://www.keyghost.com/images/bullet.gif) It records every keystroke, even those typed in the critical period between computer switch on and the operating system being loaded. [/size](IMG:http://www.keyghost.com/images/bullet.gif) KeyGhost even captures and displays key combinations such as Ctrl+C, Alt+F and Ctrl+Alt+Delete, making it easy to understand exactly what was typed. (IMG:http://www.keyghost.com/images/bullet.gif) Keylogger works with any PC operating system, and stores a continuous log even across multiple operating systems on one computer. (IMG:http://www.keyghost.com/images/bullet.gif) No software installation is necessary to record or retrieve keystrokes. KeyGhost is software free! How (IMG:http://www.keyghost.com/images/bullet.gif) It has a capacity of up to 2,000,000 keystrokes stored with STRONG 128-bit encryption. (This is approximately 300,000 words, or 1 years worth of typing). (IMG:http://www.keyghost.com/images/bullet.gif) Keylogger features looping memory so you will never miss the most recent keystrokes. (IMG:http://www.keyghost.com/images/bullet.gif) Impossible to detect and/or disable by using software scanners. (IMG:http://www.keyghost.com/images/bullet.gif) It is a very user-friendly keylogger which can be easily used even by those with little computer knowledge. It has a very simple operation for such a powerful tool. Simply plug the key logger device into the keyboard cable. (IMG:http://www.keyghost.com/images/bullet.gif) The log in the KeyGhost cannot be tampered with. It is an authentic record of what was typed, and therefore, it may be used as strong evidence in a court of law. (IMG:http://www.keyghost.com/images/bullet.gif) KeyGhost Hardware Keyloggers have been extensively tested for over 5 years on almost every brand of PC, and have received many positive independent reviews. You can be sure our Keyloggers work as advertised. Anotherpageon the site has this to say: QUOTE KeyGhost used as an investigation tool. By connecting this device to the ethernet card, it may not send out the information automatically, but the potential exists for someone to connect in to the device via the network card & trigger it to download the information. Since the KeyGhost was here installed as an integral part of a working laptop, there is no reason whatsoever to assume that all of the instruction code has to be contained on its 4 Mbit chip; in fact, I think it would be silly to assume that. The device shown is without dobt the KeyGhost keylogger, and logic dictates that there must exist some reason for it to be attached to the Ethernet card. Otherwise, there would not be any connection between the two, simple as that. It seems that a lot of people are putting a tremendous amount of energy into trying to discredit this article, which is in itself very interesting. The guy who posted the article has now updated his page with the following: QUOTE Since posting this article, there has been overwhelming attempts to disprove this threat to our privacy. To the extent that I had to rename the link to avoid so many hits. Right on, I couldn’t agree more. The icing on the cake for me was that Trend Micro blocked me from accessing the KeyGhost site as “undesirable” when I tried to visit it – surely, very strange behaviour indeed for an antivirus program to block access to a supposed “security” site – albeit that Trend now has such strong connections with the NWO owned unholy trinity of eBay / Skype / Paypal. If I had not already been swayed by the information in the article, the fact that I wasn’t meant to check out the iinfo for myself on KeyGhost nailed it for me. Incidentally, “HauteSecure” (a free security tool that you can run alongside your AV) reports no issues with the site. How very odd. This is how the KeyGhost site looks after Trend Micro Internet Security Pro sticks its oar in: QUOTE Blocked by Trend Micro Trend Micro Internet Security Pro has identified this Web page as undesirable. If you still want to see this blocked page:
Note:If you think that Trend Micro Internet Security Pro should not block this Web page, please notify Trend Micro by clicking this button: |