Spyware and process viewer
I've been reading quite a bit lately about spyware. My question is this: If a spyware app is running on your OS X computer, will opening the process viewer show it as a running app?
On a related note, can you set up the OS X firewall in block your computer from transmiting information from unknown apps?
Thanks to all who answer.
On a related note, can you set up the OS X firewall in block your computer from transmiting information from unknown apps?
Thanks to all who answer.
Comments
the only thing i've heard of that is even close is the neo-modus direct connect client spawning an ad window every hour or so.
if there were spyware, and it were a program, it would show up in the process viewer, yes. but there isn't.
i'm thinking NO.
..TOTAL INFORMATION AWARENESSS SYSTEM.
Run by convicted felon Admiral Poindexter, known for lying to congress, subverting the constitution, and other forms of lewd behavior involving Oliver North and the Bush Crime Family.
Look it up if you not frightned.
You will be.
<strong>What about the FBI's magic lantern, the ulimate spyware which can install itself unnoticed if the user does something as simple as looking at a picture in an email program? I doubt it would show up.</strong><hr></blockquote>
Um, what? I hate to tell you, but this isn't possible. They MIGHT be able to carefully craft an image to cause a buffer overflow in the loading application (possibly a standard platform graphics library) and run arbitrary code, but that would be VERY application/library specific, and a bug to boot.
Most spyware programs would indeed run as an application, and be visible in the process viewer. However, it might be possible to create a custom keyboard driver that tracks keypresses without running as a process, and trick you into installing it. To eventually communicate this back to a listener, a process would have to be run, but not necessarily at the time your keypresses would be being recorded.
I say "might be possible" above due to the lack of knowledge about a few things:
1. Do built in keyboards such as those on my PowerBook use a kernel extention for the driver, or is it built into the kernel? (It could still be possible to hijack, but they'd have to give you an entirely new kernel build... open source makes this possible, though).
2. I assume that USB keyboards are handled through a kernel extension, as USB itself seems to be (if memory serves). This sort of driver could be more easily hijacked.
Also, from my understanding of it, if the FBI wants to record what you are doing, they usually obtain a warrant and break into your house when you are not there, and put a physical device into your keyboard to track keypresses. I'm not sure how this is legal, but then again there are a lot of things our justice system does these days that I don't understand the legality of.
<strong>Forget spyware, the thing to watch out for now is the...
..TOTAL INFORMATION AWARENESSS SYSTEM.
Run by convicted felon Admiral Poindexter, known for lying to congress, subverting the constitution, and other forms of lewd behavior involving Oliver North and the Bush Crime Family.
Look it up if you not frightned.
You will be.</strong><hr></blockquote>
Not to mention the fact that it had the creepiest logo ever. The most parnoid conspiracy theorist wouldn't have thought they'd be that overt. I think it has been changed now though. It was originally the all seeing eye on top of the pyramid looking over the planet. ugh.
Oh, and don't let people confuse you over Poindexter. This man was convicted of lying to congress and subverting the constitution. His conviction was only thrown out because of his immunity granted by congress (a stretch of the law by the Republican appeals court), not because he was innocent.
Otherwise known as...
-------------
RosettaStoned
<strong>No The FBI program I believe your talking about is called carnavor. They install it at your ISP and record ever one of your packets on to tape for any given amount of time. Then they disect your packets.</strong><hr></blockquote>
<a href="http://abcnews.go.com/sections/scitech/CuttingEdge/cuttingedge011221.html" target="_blank">Magic Lantern</a> is not Carnivore. Carnivore does monitor transmisssions sent over the Internet, but it cannot break encryption, which all smart criminals use. Magic Lantern is a "undetectable" trojan horse which monitors keystrokes. The program is supposed to find passwords and encryption keys, which can be used by Carnivore. The software does exist. The FBI has told the public they've used it against the Mob.
There are several ways Magic Latern could be installed on your computer. The FBI could break into your house and install it manually. It could be inside an email attachment. Heck, who's to say the FBI couldn't go to Microsoft and ask them to include it in the Office 2003 installer?
<strong>Not to mention the fact that it had the creepiest logo ever. The most parnoid conspiracy theorist wouldn't have thought they'd be that overt. I think it has been changed now though. It was originally the all seeing eye on top of the pyramid looking over the planet.</strong><hr></blockquote>
Those crafty Masons! That's hilarious, I never saw the logo.
<strong>
Those crafty Masons! That's hilarious, I never saw the logo.</strong><hr></blockquote>
here it is...
<strong>In general what should be listed in Process Viewer? </strong><hr></blockquote>
Processes?
As to Magic Lantern, why do you care? You think they ported it to Mac OS X? Not quite
<strong>
Processes?
As to Magic Lantern, why do you care? You think they ported it to Mac OS X? Not quite </strong><hr></blockquote>
Who's to say it hasn't. Smart criminals would use Macs, although, you're probably right.
<strong>
Those crafty Masons!</strong><hr></blockquote>
<img src="graemlins/lol.gif" border="0" alt="[Laughing]" /> <img src="graemlins/lol.gif" border="0" alt="[Laughing]" /> <img src="graemlins/lol.gif" border="0" alt="[Laughing]" />
Hey, imagine what the logo would be like if the project was run by Mac users?
Barto
uh, sir, i hate to report but we couldn't install the lantern.
"why not agent johnson"
they had a mac sir.