kvantum wrote: |
One of the first things he did was replace the USB keyboard with a PS/2 one. |
Quote: |
Now, even though the docking station has a PS/2 port, he used a PS/2-to-USB adapter to connect it. |
Quote: |
We've tried checking the driver, but it detects as a standard adapter. As I would expect from a good keylogger. |
Quote: |
We can't do anything with him unless we know for sure. Also, the adapter was installed for quite some time before we found it, so if it is indeed a keylogger, he already has a lot of stuff. |
Quote: |
I've searched the net stores for a similar looking device, but there's too many out there to go through them all. |
Quote: |
Does anyone know of a way to break into these things? |
moondoggie wrote: |
i can't speak to the functionality of the device, but would it not be company policy to force him to use the provided keyboard and take this device away "for study with compliance with IT user policy"? i mean, you can always make the excuse that the compatibility of the device needs to be studied before he can use it on his system at work. |
kvantum wrote: |
In case it is not a keylogger, it would compromise more information. Besides nothing is stopping him from taking device home overnight. |
Quote: |
Just plug that thing in and run a keystroke generator on the client.... |
Quote: |
Kvantum, you seem to contradict yourself. I thought you ""don't know what happened to [the device] during the upgrade," how could he take it home? |
Quote: |
And if the device is not a keylogger, what else is it? How would it compromise more information if it is not a keylogger? |
Quote: |
Too many suspicions, but nothing solid to state otherwise. |
kvantum wrote: |
The device has been held, we just "don't know what happened to it during the upgrade". But this brings us no closer to the root of this. |
Silverblue wrote: |
wow, that's a story i thought physical keyloggers are gone forever |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours