Not necessarily. There are many setups, like in a CoffeeShop, or even your home with guest accounts allowed, where someone other than you has root control, but you are just
allowed to run the XServer. So if I go to a coffee shop, and they give free linux computer access (not your computer, theirs), and they have that script running, they are grabbing everything you type....cc numbers, passwords, etc. A husband may setup a linux box at home, and record his wife's or guests Xsessions without them knowing. Or vice-versa. If root is doing that, he could also be sending the captured data out on a socket.
| [reply] |
So you're using computer under other-person's control, I still don't see anything scary (you're already Pwned, if he wanted, computer could shoot rockets at your behind :))
| [reply] |
Well then, let me ask you this. According to your view, why should any of us worry about key stroke recorders? If we are not owners of our computers, we should assume key-logging? And if we are the owners, we already know what we are typing. What about distros like Ubuntu and it's varieties? You own it, it's yours, but they keep root access somewhat difficult to use. Some innocent newbie could be running a hacked version of Ubuntu, and not know their xev's are being watched. My whole point being that any type of keystroke recording on linux, is possibly nefarious, and people should look at how it's being done. The first line of defense is awareness. I pointed it out, because the euphenism "keystroke dynamics monitor", glosses over the true nature of what it's doing, and many monks may have passed by without looking.
| [reply] |