Is Your Laptop Your Best Friend?

07-October-2007 13:23

Post #1

Senior Member

Group: Administrators
Posts: 242
Joined: 9-June 07
Member No.: 1,026

This story is two years old apparently, but I’ve not seen it before so I’m guessing others might have missed it too. I can’t vouch for its accuracy, but if it is true (and it seems likely to me that it is), then… well, just think about it…

I myself saw wireless keylogging devices designed to clip unnoticed onto a keyboard cable years ago disguised as an inductive choke, but I think I might spend this afternoon examining the guts of a couple of laptops I have lying around. Will report back if I find anything.

QUOTE

GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

Turner Radio Network | October 4, 2005

Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet!

(IMG:http://fearthegovernment.com/keystroke_logger_thingy0240.jpg) Freedom Of Information Act Requests For Explanation From DHS, refused.

I was opening up my almost brand new laptop, to replace a broken PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard.

I figured “No Big Deal”, and continued with the dissasembly. But when I got the metal panels off, I saw a small white heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I found a little circuit board inside.

(IMG:http://fearthegovernment.com/keystroke_logger_thingy1320.jpg

Being an EE by trade, this piqued my curiosity considerably. On one side of the board, one AtmelAT45D041A four megabit Flash memory chip.

(IMG:http://fearthegovernment.com/keystroke_logger_thingy3320.jpg

On the other side, one Microchip TechnologyPIC16F876 Programmable Interrupt Controller, along with a little Fairchild SemiconductorCD4066BCM quad bilateral switch.

Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.

What could this mean? I called the manufacturer’s tech support about it, and they said, and I quote, “The intregrated service tag identifier is there for assisting customers in the event of lost or misplaced personal information.” He then hung up.

(IMG:http://fearthegovernment.com/keystroke_logger_thingy2160.jpg) A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a Keyghosthardware keylogger .

The reasons a computer manufacturer would put this in their laptops can only be left up to your imagination. It would be very impractical to hand-anylze the logs, and very CPU-intensive to do so on a computer for every person that purchased a laptop. Why are these keyloggers here? I recently almost found out.

I called the police, as having a keylogger unknown to me in my laptop is a serious offense. They told me to call the Department of Homeland Security. At this point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It was surreal.

So I called them, and they told me to submit a Freedom of Information Act request. This is what I got back:

(IMG:http://fearthegovernment.com/keystroke_logger_thingy_foi_letter.jpg) .

Under the Freedom Of Information Act (FOIA) the only items exempt from public disclosure are items relating to “law enforcement tools and techniques” and “items relating to national security.”

The real life implications of this are plain: Computer manufacturers appear to be cooperating with the Department of Homeland Security to make every person who buys a new computer subject to immediate, unrestricted government recording of everything they do on those computers!EVERYTHING !

This information can be sent to DHS, online, without your knowledge or consent, without a search warrant or even probable cause! That’s why this device is hard-wired directly into the ethernet card, which communicates over the internet!

I am not certain how long this information will be permitted to remain online for all the world to see before the government takes some type of action to attempt to have it removed from public view. I URGE you to take copy of this page immediately and spread this information to everyone you know immediately! The more people who find out about this, the more can protect themselves and raise a HUGE outcry to force government and computer manufacturers to immediately CEASE installing these devices in new computers!

Original article posted here

 

31-October-2007 16:01

Post #2

Newbie

Group: Members
Posts: 2
Joined: 31-October 07
Member No.: 1,236

Hello,
I found this forum post while stumbling. I joined this site because I thought it necessary to squash this as a Hoax.1. In any laptop I have ever taken apart from the mid 90’s up until now, they have all had a surface mounted flat cable style connection. They are designed this way to save space. A big bulky cable like this with a bulky chip would take up unecessary space. Things get pretty tight in there and engineers do all they can to save space.

2. If this were really a ‘secret govenerment key logger’ like the story claims, why wouldn’t they remove any identifying information on the chips so people wouldn’t look them up and find out what they did?

3. You can’t attach a keyboard directly to an ethernet board like that. Computer systems simply do not work that way. And even if they did, what about all of those wireless users out there? Most people who use laptops use the onboard wireless to connect to the network, not the built in ethernet.

4. Where are the pics to prove that this cable is attached to the keyboard or to the onboard ethernet? All we see is a blurry picture of something metalic looking and a picture of the microchips.

5. And the biggest argument is this site: http://www.dansdata.com/keyghost.htm This is where all of the images were supplied from.

I could probably go on to list atleast another dozen reasons why this isin’t technically or logistically fesable but I think you get the idea. Stumbleupon users, I urge you to vote this article thumbs down and stop spreading this crap around!

 

31-October-2007 16:59

Post #3

Newbie

Group: Members
Posts: 1
Joined: 31-October 07
Member No.: 1,238

QUOTE (tonestyle @ 31-October-2007 16:01)Hello,
I found this forum post while stumbling. I joined this site because I thought it necessary to squash this as a Hoax.1. In any laptop I have ever taken apart from the mid 90’s up until now, they have all had a surface mounted flat cable style connection. They are designed this way to save space. A big bulky cable like this with a bulky chip would take up unnecessary space. Things get pretty tight in there and engineers do all they can to save space.

2. If this were really a ‘secret government key logger’ like the story claims, why wouldn’t they remove any identifying information on the chips so people wouldn’t look them up and find out what they did?

3. You can’t attach a keyboard directly to an ethernet board like that. Computer systems simply do not work that way. And even if they did, what about all of those wireless users out there? Most people who use laptops use the onboard wireless to connect to the network, not the built in ethernet.

4. Where are the pics to prove that this cable is attached to the keyboard or to the onboard ethernet? All we see is a blurry picture of something metalic looking and a picture of the microchips.

5. And the biggest argument is this site: http://www.dansdata.com/keyghost.htm This is where all of the images were supplied from.

I could probably go on to list atleast another dozen reasons why this isin’t technically or logistically fesable but I think you get the idea. Stumbleupon users, I urge you to vote this article thumbs down and stop spreading this crap around!

I don’t know if this story is true or not, but I don’t think that what you have written refutes it. My interest is not to “prove” or disprove this story.

1. I don’t see how that is relevant. If this was something that was somehow mandated, as seems to be the implication, then this extra device would be exempt from space considerations.
2. That’s easy. Hypothetically, if the story is true, the government doesn’t install these things. The computer manufacturer does. Since the device itself is not the problem, only that it is installed without consent, it would just draw more attention to make these devices with no markings, and make an issue of it. I would imagine that people that assemble computers don’t have to know what each part is or does so why have a special unmarked part?
3. I don’t think they are exactly saying that the keyboard is directly connected to the ethernet card, but that this device is spliced in as a secondary connection. In other words, the keyboard and this device function independently and the only connection is that keystroke information is sent to this device.
4. Don’t know. For this story to work you pretty much have to believe the person writing it. Or not.
5. I don’t understand this point. Are you saying that the site these pictures came from can’t be trusted or that this person is faking their evidence? I don’t get the point.

Finally, your last statement. I would have preferred just a couple of reasons why this is not feasible. I think it would have made a stronger argument. I will supply one of my own. I can’t imagine that the government is interested in or capable of keeping track of every keystroke that every person types.

This post has been edited by Bobby: 31-October-2007 17:01

 

31-October-2007 21:40

Post #4

Newbie

Group: Members
Posts: 2
Joined: 31-October 07
Member No.: 1,236

QUOTE

I don’t know if this story is true or not, but I don’t think that what you have written refutes it. My interest is not to “prove” or disprove this story.

1. I don’t see how that is relevant. If this was something that was somehow mandated, as seems to be the implication, then this extra device would be exempt from space considerations.
2. That’s easy. Hypothetically, if the story is true, the government doesn’t install these things. The computer manufacturer does. Since the device itself is not the problem, only that it is installed without consent, it would just draw more attention to make these devices with no markings, and make an issue of it. I would imagine that people that assemble computers don’t have to know what each part is or does so why have a special unmarked part?
3. I don’t think they are exactly saying that the keyboard is directly connected to the ethernet card, but that this device is spliced in as a secondary connection. In other words, the keyboard and this device function independently and the only connection is that keystroke information is sent to this device.
4. Don’t know. For this story to work you pretty much have to believe the person writing it. Or not.
5. I don’t understand this point. Are you saying that the site these pictures came from can’t be trusted or that this person is faking their evidence? I don’t get the point.

Finally, your last statement. I would have preferred just a couple of reasons why this is not feasible. I think it would have made a stronger argument. I will supply one of my own. I can’t imagine that the government is interested in or capable of keeping track of every keystroke that every person types.

1. True, if it were indeed mandated than it would be done but the designers would integrate it into the design of the motherboard. They wouldn’t buy a commercial keylogger and splice it into the system.

2. If the computer manufacturer wanted to conceal the fact that they were violating your privacy and placing a keylogger inside of the computer, you can be certain you wouldn’t be able to identify the components. If you were able to identify that as a flash memory than some curious and inventive hacker would find a way to download the data off of the chip and the whole thing would be out in the open.

3. “As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard. … Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.”
It sure sounds to me like they are saying the keyboard is directly connected to the ethernet device. Oh, and one more minor consideration. Integrated ethernet cards in desktops and laptops are apart of the northbridge as well as a whole host of other devices. this saves space on the boards. Another consideration is that a device can’t write directly to another device. It has to go through some medium such as Memory (DMA) or the CPU. And even if it were some how directly connected to the ethernet, how would this little device be able to package its data and send it out over the ethernet as network packets? There isin’t enough programming space avaliable on a 4megabit flash chip to store a TCP/IP protocol let alone, any hardware to do process that sort of data. And if you are going to mention that the ethernet board could process it, thats all done in software by the OS. And if you are going to say that the computer manufacturer would have designed the computer to do this with out the help of an OS, then they would have added the hardware to do so from the get go and wouldn’t have had to splice a commercially avaliable keylogger into the computer to begin with. They would have integrated it into the design of the motherboard.

And the point I was trying to make about point number five is that there is no actuall photo proof of this because they jacked the photos off of another website. So all we have to go by is this guy’s word that there is a keylogger in the computer because the pictures are not his. This is an urban legend that plays off of people’s fear of being spied upon, fear and lack of understanding of technology. It is a hoax, nothing more.

 

02-November-2007 21:18

Post #5

Senior Member

Group: Administrators
Posts: 242
Joined: 9-June 07
Member No.: 1,026

Thanks to you both for your input. I just wanted to pick up on a couple of points:

QUOTE

True, if it were indeed mandated than it would be done but the designers would integrate it into the design of the motherboard. They wouldn’t buy a commercial keylogger and splice it into the system.

This point isn’t really strong enough to stand. This feature, if indeed it is real at all (and I understand your concerns on that) might have been a local mod to conform to local regulations or it might have been a short term production line solution, again to meet changing regulations (ie, because it takes time to redesign, test, tool and take to manufacture a revised mobo). I’ve seen examples of both of these types of temporary stop-gap measures before – though not keyboard loggers as such.

QUOTE

If the computer manufacturer wanted to conceal the fact that they were violating your privacy and placing a keylogger inside of the computer, you can be certain you wouldn’t be able to identify the components.

Not at all true IMO; because it really doesn’t need to be. The vast majority of people CAN’T identify the components anyway and even those who can, can’t really do much about it.

QUOTE

If you were able to identify that as a flash memory than some curious and inventive hacker would find a way to download the data off of the chip and the whole thing would be out in the open.

This is a good point – and the post goes on to make others.

Ultimately, I don’t know. I do know however, that I’ve seen keystroke recorders which clip onto keyboard cables – and that was at least 10 years ago, if not 15.

 

09-March-2008 22:19

Post #6

Site Admin

Group: Founder members
Posts: 893
Joined: 22-March 06
From: Scotland
Member No.: 1

It certainly appears that Keyghost – the company named in the article as the manufacturer of the device – believes that it’s possible. Not only that, but it claims to be able to save up to a full year’s worth of keystrokes on a single keylogging device. Here’s what the website says:

QUOTE

Record and retrieve everything typed, including emails, chatroom activity, instant messages, website addresses, search engine searches and more with plug-in keylogger.

No software installation is necessary to record or retrieve keystrokes!

BEFORE

AFTER

(IMG:http://www.keyghost.com/images/kginst1.jpg

(IMG:http://www.keyghost.com/images/kginst2.jpg

For security reasons, the photo (above right) is only a representation of what the KeyGhost key logger (stand alone unit) looks like. The actual KeyGhost key logger is injection moulded to look exactly like an EMC Balun.

(IMG:http://www.keyghost.com/images/bullet.gif) Easy to use. No new software to install or learn. (software free device)
(IMG:http://www.keyghost.com/images/bullet.gif) Installs in seconds, just plug it in.
(IMG:http://www.keyghost.com/images/bullet.gif) Can be unplugged and information retrieved on another PC.
(IMG:http://www.keyghost.com/images/bullet.gif) Uses no system resources.
(IMG:http://www.keyghost.com/images/bullet.gif) Excellent real-time backup device.

To install the external KeyGhost hardware keylogger you simply unplug the keyboard cable from the back of the PC, plug it into one end of the KeyGhost, then plug the other end back into the PC.

Why do you need a KeyGhost hardware keylogger?
KeyGhost hardware keyloggers protect computer resources and increase computer security.

Several areas have been identified where a hardware keylogger, like the KeyGhost, is in great demand:

(IMG:http://www.keyghost.com/images/bullet.gif) As a key logger tool for computer fraud investigations.
(IMG:http://www.keyghost.com/images/bullet.gif) As a monitoring device for detecting unauthorised access.
(IMG:http://www.keyghost.com/images/bullet.gif) As a deterrent, to prevent unacceptable use of company resources.
(IMG:http://www.keyghost.com/images/bullet.gif) As a back up tool which creates a log of all keystrokes typed on a keyboard.

But I use a software ‘key logger’ program…
(IMG:http://www.keyghost.com/images/cdguy.jpg
Article
Over $120 billion was lost in the USA due to employee fraud last year. And this figure is growing.

As a user’s technical knowledge increases and weaknesses in software become well known, software keylogger http://www.keyghost.com/sx/advantages.htm key loggers and keystroke loggers) become less effective. If the user is capable of disabling or bypassing the security system (or manipulating the logs), then there is no record of the break-in or what has been done. Investigations of the computer break-in become very difficult, if not impossible. In addition, there is the added risk of the log file being stolen and its sensitive contents read.

Advantages of KeyGhost Keylogger:
(IMG:http://www.keyghost.com/images/bullet.gif) Easy to install in a few seconds! Simply plug it in. Installation pictures

(IMG:http://www.keyghost.com/images/bullet.gif) It records every keystroke, even those typed in the critical period between computer switch on and the operating system being loaded.

[/size](IMG:http://www.keyghost.com/images/bullet.gif) KeyGhost even captures and displays key combinations such as Ctrl+C, Alt+F and Ctrl+Alt+Delete, making it easy to understand exactly what was typed.

(IMG:http://www.keyghost.com/images/bullet.gif) Keylogger works with any PC operating system, and stores a continuous log even across multiple operating systems on one computer.

(IMG:http://www.keyghost.com/images/bullet.gif) No software installation is necessary to record or retrieve keystrokes. KeyGhost is software free! How

(IMG:http://www.keyghost.com/images/bullet.gif) It has a capacity of up to 2,000,000 keystrokes stored with STRONG 128-bit encryption. (This is approximately 300,000 words, or 1 years worth of typing).

(IMG:http://www.keyghost.com/images/bullet.gif) Keylogger features looping memory so you will never miss the most recent keystrokes.

(IMG:http://www.keyghost.com/images/bullet.gif) Impossible to detect and/or disable by using software scanners.

(IMG:http://www.keyghost.com/images/bullet.gif) It is a very user-friendly keylogger which can be easily used even by those with little computer knowledge. It has a very simple operation for such a powerful tool. Simply plug the key logger device into the keyboard cable.

(IMG:http://www.keyghost.com/images/bullet.gif) The log in the KeyGhost cannot be tampered with. It is an authentic record of what was typed, and therefore, it may be used as strong evidence in a court of law.

(IMG:http://www.keyghost.com/images/bullet.gif) KeyGhost Hardware Keyloggers have been extensively tested for over 5 years on almost every brand of PC, and have received many positive independent reviews. You can be sure our Keyloggers work as advertised.

Anotherpageon the site has this to say:

QUOTE

KeyGhost used as an investigation tool.
Currently, security professionals in private and government organisations are one of the most common groups using the KeyGhost. For example, investigators can use it as a monitoring device to establish an audit trail on a suspect’s computer; auditors, receivers and liquidators can use it to create an unalterable log of all electronic communication on their client’s computers.

By connecting this device to the ethernet card, it may not send out the information automatically, but the potential exists for someone to connect in to the device via the network card & trigger it to download the information. Since the KeyGhost was here installed as an integral part of a working laptop, there is no reason whatsoever to assume that all of the instruction code has to be contained on its 4 Mbit chip; in fact, I think it would be silly to assume that.

The device shown is without dobt the KeyGhost keylogger, and logic dictates that there must exist some reason for it to be attached to the Ethernet card. Otherwise, there would not be any connection between the two, simple as that.

It seems that a lot of people are putting a tremendous amount of energy into trying to discredit this article, which is in itself very interesting. The guy who posted the article has now updated his page with the following:

QUOTE

Since posting this article, there has been overwhelming attempts to disprove this threat to our privacy. To the extent that I had to rename the link to avoid so many hits.
To me, any attempt so massive designed to turn a credible story into a so called hoax is pretty convincing evidence that someone out there doesn’t want the truth to be known.
To all people attempting to destroy this story’s credibility, it is possible to do this, and it is being done. The KeyLogger business is real, Look up KeyGhost on Google.. The US government has been admitting to spying on US citizens using the massive AT&T servers to log and record EVERY email that is sent in this country and listening to any phone calls that might interest them, are you so gullible that you really think the industry that makes computers couldn’t be forced to build in these devices ? Think for yourselves people. Do not trust a government that blatantly admits to violating the laws that provide your right to privacy.

Right on, I couldn’t agree more. The icing on the cake for me was that Trend Micro blocked me from accessing the KeyGhost site as “undesirable” when I tried to visit it – surely, very strange behaviour indeed for an antivirus program to block access to a supposed “security” site – albeit that Trend now has such strong connections with the NWO owned unholy trinity of eBay / Skype / Paypal. If I had not already been swayed by the information in the article, the fact that I wasn’t meant to check out the iinfo for myself on KeyGhost nailed it for me. Incidentally, “HauteSecure” (a free security tool that you can run alongside your AV) reports no issues with the site. How very odd.

This is how the KeyGhost site looks after Trend Micro Internet Security Pro sticks its oar in:

QUOTE

Blocked by Trend Micro

Trend Micro Internet Security Pro has identified this Web page as undesirable.
Address:http://www.keyghost.com/Credibility:Unsafe

If you still want to see this blocked page:

  1. Click the Windows Start button and launch Trend Micro Internet Security Pro from the list under All Programs.
  2. Click Internet & Email Controls.
  3. Click the Settings… button under Parental Controls or Protection Against Web Threats.
  4. Click the List of Approved Web Sites link in the next window that opens.
  5. Copy and paste the address of the blocked Web site into the list.

Note:If you think that Trend Micro Internet Security Pro should not block this Web page, please notify Trend Micro by clicking this button:
Copyright © 1995-2007 Trend Micro Incorporated. All Rights Reserved.