* Greg Black <[EMAIL PROTECTED]> [010822 19:46] wrote:
> Matt Dillon wrote:
>
> | This gets an 'A' on my cool-o-meter.
> |
> | http://www.vnunet.com/News/1124839
>
> The real research might be interesting, but the information in
> the article seems to be wrong. It says:
>
> Each keystroke from a user is immediately sent to the target
> machine as a separate IP packet. By performing a statistical
> study on a user's typing patterns, and applying a key
> sequence prediction algorithm, the researchers managed to
> successfully predict key sequences from inter-keystroke
> timings.
>
> While this is true for events that occur while you are typing at
> something like an xterm, it's not true while you type in a
> password. In that case the ssh client at your end collects the
> entire password, encrypts it, and transmits the whole thing when
> you hit <Enter>.
>
> How are they going to determine inter-keystroke timings from
> that? Maybe the real trick is much cooler than what is shown in
> the article ...
No, the idea is that one may have ssh'd into a remote host that's
trusted, and there the user is typing a password to access something
from the trusted host.
One could do the statistical analysis then.
--
-Alfred Perlstein [[EMAIL PROTECTED]]
Ok, who wrote this damn function called '??'?
And why do my programs keep crashing in it?
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
