Talk:Keystroke logging/Archive 1

Bias, anyone?
I'm sure most of us have understood keyloggers are bad things if put on your system by someone else, but it's biased to think they are all bad. For instance, they can log keystrokes incase a window closes, a program doesn't send the information, or a person loses typed information. They are a valuable tool, to say the least, in data recovery.

Commercial Links / External Links (October 2006)
I've started a new header here because the discussion was long and difficult to follow. Could anyone replying to this please indent their replies (use a colon) and sign them (four tilde(~) characters).

So.. I do believe that this article would be improved to some extent by links to external resources regarding keyloggers. Unless anyone here is an expert on the comparative testing of them, I don't think that we can make a fair assessment as to which are the market leaders (and so make good examples), and since we obviously have people here who promote such products, such an assessment is going to be contested as subjective.

For that reason, I've added a link to keylogger.org, and removed all the other commercial links. Many or all of the commercial keyloggers are linked to (and reviewed) on this page, and it claims (and seems) to be an independent site which reviews keyloggers. This easily satisfies the need to provide examples, as well as decisions regarding which ones. If anyone disagrees with this, please let me know why! I'll remove any commercial keyloggers that start reappearing as spam unless there's a convincing case made here for their reappearance, or established wikipedians disagree. njan 17:40, 7 October 2006 (UTC)


 * Hi.
 * You want to add keylogger.org site.
 * It is not a good solutions cause:
 * 1)That site does not give objective reviews! it is an affiliate with these keyloggers sites (I can see it in the buy-now link). With each sell came from their site, they get revenue.


 * 2)This site is NOT up-to-date at all.
 * Most of the keyloggers on that site were reviewed 2 years ago.


 * You know how many things can change in 2 years????
 * Also, that site offers the users to download the keyloggers from their server.
 * These files are very old versions (most of them contains bugs that were already fixed)
 * And since these are old versions, every anti virus will find them.
 * Most of them can not be installed since the AV privents it (cause these files are old and not up to date).


 * Mod21


 * Thankyou for at least posting to the talk page. Unfortunately, I believe that this you're a Sock Puppet - I've explained my reason for believing this here. Additionally, you've uploaded more commercial links to what I would imagine are sites you are affiliated with without uploading others. As I've pointed out, wikipedia is not a collection of external links. If we do have external links, they need to be useful - and the reason I've removed the external links is because the current cycle whereby software vendors upload more and more spammy external links to the page and delete others or reposition theirs in the list isn't sustainable.
 * Further, Even if this site is out of date, it still provides a number of vendors, along with reviews, and a large list. The site has a forum, a comprehensive set of testing criteria, last uploaded news a few months ago, and has forum activity within the last few days.
 * Since you've re-added links without allowing time for further discussion, and since you're a new user who may be created expressly for the purposes of spamming us with links (apologies if you aren't), I'm removing the links and reverting the page to prior state until other editors who have been involved with this issue have a time to further discuss this. In the meantime, please don't upload more links as this will just damage your case! njan 00:45, 8 October 2006 (UTC)

Hello, I have a question. Why is it that this article is permitting external links to an affiliate site, but removing internal links that are relavant to the subject because it is about a company? I can completly understand if there was no relevance to the article, but I just do not understand what the issue is here. I am not going to call anyone out, but there is a particlar person that is editing any internal link I add on multiple articles, and not to mention editing content additions I have made to make some articles a little more informational. Techie guru 13:09, 5 December 2006 (UTC)

Question about Keyloggers
This is for any one out there reading this message. I need to know all of the pro's and con's of keyloggers. If any one can help me out that would be great. It seems like a necessary evil for security reasons but it's an invasion of privacy! If any one would respond to this page ASAP it will be much appreciated.

Hello, I was just wondering about the validity of the statement that the onscreen keyboard can circumvent software keyloggers. I know that most of the keyloggers that I have made or installed or heard about can trace keystrokes made with the onscreen keyboard, and was about to change this but am not quite sure if this is true for all keyloggers. Perhaps someone should check this out?

Onscreen keyboard is just clicking, right? Then how the HELL can the keylogger hear keystrokes that aren't there?


 * Onscreen keyboards is NOT just clicking. After the click occurs, the software must send the clicked "key" to the target app, and this sending is what a keylogger can intercept. SJ2571 (talk) 05:32, 28 June 2008 (UTC)

External link
Does clicking on that last external link really immediately install a trojan on your computer or does it ask you first? IE has a lot of security so I would imagine it would ask, but I guess I could always be wrong. Please tell me in my usertalk page.

--Flarn 18:59, August 7, 2005 (UTC)

Could be used for Usability, too, to identify common sequences of the same keystrokes that could be circumvented with interface updates. Is there such a thing as a mouse logger? — Omegatron 19:24, August 27, 2005 (UTC)

Something like a mouse logger is used for software "odometers" to track "mouse miles".
 * http://www.mee.tcd.ie/~bruckerj/projects/mousemiles.html
 * http://search.techrepublic.com.com/search/mouse+meter.html

Also, I assume something like a mouse logger was used to generate http://blogs.msdn.com/alexbarn/archive/2005/05/31/423678.aspx . --68.0.120.35 05:16, 6 February 2007 (UTC)

How about copypasting?
The on-screen keyboard does work against hardware keyloggers, doesn't it? However, if it doesn't work against software keyloggers, then how about this method: Type all numbers and letters somewhere: 1234567890qwertyu....ZXCVBNM or find a web page with the letters/symbols you need - this shouldn't be too hard. :) Then just copy and paste each letter/number/symbol to the password field one by one. I'd imagine this would fool most keyloggers. Does anyone have any deeper knowledge on the subject? --ZeroOne 23:00, 23 January 2006 (UTC)
 * Or use charmap.exe --JiFish(Talk/Contrib) 23:28, 23 January 2006 (UTC)
 * Copying and pasting is not a solution as many keyloggers retain a history of the clipboard. SJ2571 (talk) 05:21, 28 June 2008 (UTC)
 * I find it doubtful that a keylogger would check for this particular workaround. meinsla   talk  05:18, 4 September 2008 (UTC)
 * You can doubt all you want but they do. SJ2571 (talk) 12:21, 20 December 2008 (UTC)

Please Clarify
The following was taken from the section "Automatic Form Filler Programs" on the article page.

"It is important to generate passwords in a fashion that is invisible to keyloggers and screenshot utilities. Using a browser integrated form filler and password generator that does not just pop up a password on the screen is therefore key. Programs that do this can generate and fill passwords without ever using the keyboard or clipboard."

Can someone please clarify what they mean by "does not just pop up a password on the screen"?


 * I think they mean that things like "perfect passwords" display the password on the screen, where it could be captured by a screenshot.--68.0.120.35 05:16, 6 February 2007 (UTC)

Magic Lantern?
That paragraph doesn't need to be there. And at the very least, let's be a bit more specific than "He was convicted."
 * I agree it should be more specific or be removed. --JiFish(Talk/Contrib) 12:07, 17 February 2006 (UTC)

External link that is example of keystroke logger
There's been some disagreement over whether that link qualifies as external link spamming. Personally, I think it should be removed just to be on the safe side, even though I understand why it is included. Opinions? --Jaysweet 22:00, 10 August 2006 (UTC)
 * I agree -- per WP:EL, we should strive to avoid linking to websites which exist mainly to sell a product. Wikipedia is not a collection of external links, but an encylopedia. I don't feel it's our place to designate any one product as the "keylogger of choice," especially when doing so seems to violate WP:NPOV. It's not evil to include the link, I understand there's a rationale for it, and I respect that, but I also have my own opinion. I would highly prefer discussion to a revert war, in this matter. Luna Santin 05:35, 11 August 2006 (UTC)

I hope editing this page is the proper way to join in the discussion. If not please let me know.

Regarding external links: I have read quite a bit about wikipedia guidelines on external links. I have also clicked around and found quite a few “editors” who dismiss 99% of external links as spam.

Since I am new here, I won’t presume to think I could teach some of you veteran editors anything. However, perhaps some key points have been lost in the Holy War Against Spam.

From the Five Pillars of Wikipedia: “Be bold in editing, moving, and modifying articles”.

From the Wikipedia Simplified Ruleset: “If the rules discourage you from improving or maintaining Wikipedia's quality, ignore them.”

Both of these inspired me to stand my ground. Most importantly is the second item from the Simplified Ruleset. To put it simply: External Links do improve Wikipedia!

With respect to what Luna wrote: I also read what you pointed out. It does say to avoid external links to sites “that primarily exist to sell products or services.“ It also says, under sites you should link to: “Sites with other meaningful, relevant content that is not suitable for inclusion in an article”

As I wrote before on Luna’s talk page:

A link to a site with contains software that is mentioned in the article is HIGHLY relevant.

There are no GPL keyloggers in existence (unless I missed something.) Therefore, it is impossible to link to one instead. To not link to an external site because it happens to be a company is ridiculous. By definition all companies sell things. And there are probably hundreds of articles on Wikipedia that link to sites which are commercial. Just one example is here:

http://en.wikipedia.org/wiki/Spyware links to Lavasoft and Safer Networking (under Software). Both companies sell software to prevent spyware. Under a strict interpretation of the external link guidelines, both of these should be removed.

Do you really think it is a good idea to delete Lavasoft from the external links? Don’t you think that, not only is it relevant, but it would actually help thousands of people who stumble across this article in a desperate need to fix their computers?

I for one, think it is shortsighted to do so. Yet, if you are to follow the “letter of the law” everyone in this discussion should be scrambling to delete these links. I, for one, will not be among you.

So I guess we are at an impasse. Sure, you can argue that editors are in a “consensus”. But I think a consensus is silly when speaking of 3 people. All it would take is one more person to join in this discussion and the pendulum would swing the other way.

I would rather here a compelling argument of why these types of links should not be included. And so far, the best ones are the charge of spam, and the reference to guidelines that would support both of our points of view.

I too respect everyone’s right to have an opinion, yet I don’t agree with the ones I have heard so far. Not because I am opposed completely to them, I just think external links are fine. This is the web for crying out loud! And that there is nothing “unsafe” about an article that contains a link to an example of what you are describing.

And finally, I would like to point out that they are in fact called Guidelines. Likely they were not named Ten Commandments for a reason.

I welcome your comments.

CheezyD
 * Thank you for taking the time to reply; especially since this is one of your earlier experiences, I'm sorry this has been causing you so much trouble. You've clearly put a lot of thought into this -- more than I had expected -- and I'm impressed. I do ask that you understand that spam is a pretty serious problem; at some point, it may become difficult to justify removing links to the other two-dozen commercial links, if we let this one stay. I hope that makes sense? So, with that in mind, I've got another proposal: let's make another section under external links, "Examples of keyloggers," under which we would allow only some of the most famous/notable examples (say, three to five), to keep things under control. Thoughts? Luna Santin 08:14, 15 August 2006 (UTC)

I agree, that spam is a problem. And while I haven't been on Wikipedia enough to see how rampant it is here, I have seen it on plenty of message boards and blogs to make me very aware of it. I also agree that agressively eliminating most external links certainly is one way to eliminate all spam, but at the expense of not having relevant links that readers may find useful. I think your proposed solution is a fair and thoughtful compromise. I would be happy to help implement this either by proposing some other links or by watching the article and offering my opinion as others add them. Thanks! CheezyD.


 * Sorry CheezyD, I'm not convinced that any commercial links should exist on a page about keyloggers. There is far too much risk for abuse. Companies are interested in receiving hits off the search term "keylogger" or a link on wikipedia as there is plenty of competition with many affiliates and resellers in the market. Allowing an example keylogger section in the page will simply encourage link spamming. E.g. wiretap pro and all-in-one keylogger do not strike me as famous/notable examples as requested by Luna. Regards, Fedia.

I'm sorry too. I have discussed my reasons to the point of exhaustion. I choose to contribute to Wikipedia by adding relevant content and useful information. If you choose to contribut to Wikipedia by being part of the self appointed spam police, then I guess, to each his own. Best wishes in all your future edits.


 * Thanks for your explanations. I personally believe it is easy enough to locate a keylogger, a simple search on any search engine will provide hundreds of results for users to choose from based on their own merits. Adding a section for commercial links to this page will simply encourage link spamming. All the best. Regards, Fedia.

By the way, it is worth pointing out that since the "spam police" decided to tolerate the Example Keyloggers section, it has continued to churn with various people adding their favorite and/or removing their least favorite keylogger. This is exactly what we feared would happen... I feel bad that CheezyD had such an unfriendly initial Wikipedia experience, but I also can't help but say "I told you so." heh... Should we remove the section now? --Jaysweet 21:01, 1 September 2006 (UTC)

Actually, Officer Fedia did not tolerate anything. He/she has been deleting this section repeatedly. In response, others have been re-adding the section. This is the cause of the churning you wrote about. Had Fedia chose to be a gentleman about it like Luna and yourself, it would not have come to this. Instead he chose to be no better than a vandal. He is a crusader without a crusade; so, lucky us, we get to have him among us and enjoy his hijinks. I think my experience with Wikipedia is most interesting so far. While I'm sure many editors have good intentions, I can see that there are those who view this as their little domain and resist anyone who doesn't get with their program. They are, in fact, self appointed spam police. Notice, most of them never actually contribute; they simply delete! Nevertheless, these type of people are everywhere else in life so why not Wikipedia? Hehe. I won't let them bug me or scare me off. And I definitely won't play ball. With regard to removing the section... if you think this was the cause and/or will solve the problem I'm shocked. People are going to keep trying to get away with stuff, section or no section. --Cheezyd 21:09, 2 September 2006 (UTC)


 * Dear Cheezyd. Please let us know what makes your example keylogger so famous/notable and deserving of recognition on Wikipedia? You can (ab)use Wikipedia as you like, but don't get personal when moderators choose to remove link spam from the pages. Regards, Fedia.

Compromise proposal: How about if we put the "Example Keystroke loggers" section in flashing text? That way, it will continually disappear and reappear from the page, but you two won't have to spend so much time manually making it do that. :p --Jaysweet 19:07, 7 September 2006 (UTC)


 * I have five pillars of "you all suck" right here in my pocket.
 * Seriously, people, engaging in a low-level revert war that just barely skirts 3RR is pathetic. Add to that the fact that all of you (and I mean all of you, i.e. CheezyD, Fedia, and Wikire) all appear based on contribs to be borderline single-purpose accounts just to argue about this page, and I have to wonder what your point is.  The Talk page is the proper venue for poopflinging, not the Article page.  Sheesh...  --Jaysweet 05:17, 12 September 2006 (UTC)

Dear Jaysweet. Can you please step in and arrange a compromise. Maybe make a separate page on Wikipedia of example keyloggers where anyone interested can add a link. Regards, Fedia.

Fedia, I just read this section and am absolutle confused. If there are resellers and affiliates trying to get on this page, why is there an external link to an affiliate web site? I can understand that you want to keep the integrity of the page, but in my opinion it is not fair that you make the exception to an external affiliate link while removing internal links that are absolutley relevant to the situation. The more I read on about the way you feel about this, the more confised I am getting. I think that everyone here is aware that there is and has been an affiliate web site linked from here for a long time, but yet it remains and you clearly do not like that. I guess that what i am trying to say is that it seems a bit biased to keep an affiliate web site as an external link (they are commercial) and yet you remove internal links that are relevant, but commercial by nature? Where is the fairness in that? Techie guru 13:38, 5 December 2006 (UTC)

keylogger.org
Hi there,

Very nice article. I recommend it to my students. Got a link to suggest. I came accross a site, where many commercial keyloggers from different companies can be found (was surprised to learn there are dozens of them!). Guess it's worthy of appearing here, in External Links section: www.keylogger.org —The preceding unsigned comment was added by Special:Contributions/ (talk)

Question
''Hi, guys, please let me know why are you deleting keylogger.org links? The site is up-to-date now, so I don't see the reasons for its links to be deleted.''

ANTI-KEYLOGGER.ORG
Yes, I agree with the guy, who posted a link to keylogger.org as I also think that it is a very useful site... I also found this one, dedicated to anti-keyloggers - I have been using their No.1 program for years! —The preceding unsigned comment was added by 203.66.209.247 (talk) 22:29, 13 May 2007 (UTC).

You can help reach consensus over the inclusion of one or more example keystroke loggers
All, I think that while this section exists the Ad war will go on. Remove it!

Fedia,

I am no moderator, and most of my usual consensus-building tactics have failed in this case. But, I am glad you came back to the table, though, that means there is some hope! I will do my best. (The "you can help reach consensus" subject heading is one of my favorite and most successful tactics, and I just busted it out now, so we'll see how that goes ;D )

CheezyD and Wikire,

Please, let's try one more time to reach a consensus, because the way things are going now is not beneficial to anyone. Let's try one more time to talk it out. Don't feel like we are picking on you! I think we all genuinely want to reach an agreement that makes everyone happy.

All,

Fedia suggested a separate page for example keyloggers. To be frank, what will happen if we do that, is that I will nominate the other page for deletion (sorry) and it will very rapidly be voted delete by a huge margin. That is indeed one way to resolve this. But, I just want you all to know that's how it will go down, if that's the route we take. I've participated in a number of Wikipedia AfD discussions, and I can guarantee that will be the outcome.

Wikire has been adding a link that purports to offer a comparison of various keyloggers. Maybe that is the compromise we want? i.e. delete the example keyloggers section, but just have the comparison link? That makes me less uncomfortable than the actual link to Wiretap Pro, etc. CheezyD, Fedia, what would you think about that compromise? --Jaysweet 04:57, 13 September 2006 (UTC)

All,

Following up on Jaysweet's points, I'd like to add one of my own: There's also another external link I've attempted to re-include to a non-manufacturer comparison site, MonitoringSoftwareReviews.org, that keeps getting removed as the pure-commerical links do. I believe we should consider keeping it. I offer this to the community:

The site offers a section of their Consumer Guide page that has objective side-by-side comparison of pros-and-cons of hardware and software keylogger technology in general terms. (Before anyone hurls insults about objectivity, please visit that page. ;-) Further, it also has comparisons of various keylogger software, too. Sure, the site doesn't compare every product out there, but what site does? It still serves a very valid point to readers of this article: education of what's out there.

My personal belief is that someone new to the technology gets great benefit from all the external links like these. Here's why:

When someone--particularly a newcomer--to the technology clicks through to these external links in the example section, as I did, there's a momentary, "Eureka!" moment for them after which they say (often aloud), "Holy smokes! I didn't realize you could do *that!!*"

That's what these links do: they really bring to life a lot of the conceptual and technical stuff that we're talking about in the article.

As for the comparison link I mentioned earlier, sure we could cover the information ourselves here on this page, but why? Source sites like that are perfectly valid sources of information, just as valid indeed as Wiki. I'd sure like to see them all stay, but if the pure commercial links must go, fine, at very least leave the comparison site, it's not owned by any of the manufacturers, and it's a valuable resource to readers--especially above the referenced page.

Lastly, I offer this for consideration. This is what I asked myself about the article with these links included:
 * Does the article help people become more or less aware of what keyloggers do and how they work?
 * Does the article further an individual's education of what's out there?
 * Does the article provide more of a Eureka moment to a reader so "they get it?"

In my eyes, the answer is yes to all three. Further, I feel that we're actually making the article *less* useful by omitting them.

Best,

--Isthisthingon 09:44, 13 September 2006 (PST)

Isthisthingon wrote: "if the pure commercial links must go, fine, at very least leave the comparison site"

Your site does not give objective reviews! You are affiliate with these keyloggers sites (I can see it in the buy-now link). With each sell came from your site, you get revenue. (That is why the expensive keylogger gets the top places at your site no?) Mod22

Mod22 wrote:

"Your site does not give objective reviews!"

Hmmm... So sorry you misunderstood me. I never disputed that there were buy now links available on their site. One can see from their 'About Us' page that their site and reviews are funded by purchases. No disputing that. They're very open about it in fact. I think you'd agree, how much more open can you get than such a disclosure?

What I referred to though (as you'll no doubt see by reviewing my prior post) was specifically the linked page that compares the pros and cons of hardware vs. software keyloggers. This is a neutral tone link, page, and section that stick to the facts. For reference, this is the page and section to which I'm referring: MonitoringSoftwareReviews

In fact, not only does that page sure seem to be quite even-handed (you may perhaps have different opinions about their pros and cons), but it's good content. Further, it also contains no '...buy-now link. With each sell came from your site....' as you put it. It's a fully relevant, topical, information only page.

Best,

Isthisthingon 02:53, 14 September 2006 (UTC)Isthisthingon 19:35:00 13 September 2006 (PST)

Greetings,

Sorry.. I have been away from this discussion which now consumes way too much time. First of all, I concur with Jaysweet when he says all of the users involved seem to have accounts that are uses soley for this revert war. This includes those adding links (like myself) and Fedia who, under the guise of helping, deletes what I think are useful links.

Secondly,I concur with whoever wrote (above) that links are beneficial. Thirdly, 95% of external links on wikipedia are monetized in some way and therefore commercial. Unless you guys are blind or simply unintiated in the big bad internet marketing machine, you will see that a huge percentage of links contain things like adwords or other types of mechanisms. Case in point: www.monitoringsoftwarereviews.org which clearly was designed to make money via affiliate marketing. If you guys think this objective, unbiased or noncommercial, think again!

I think adding a separate page to just house external or example links is stupid. I have wrote before that links are not bad. I see no reason whatsoever why there can't be a few links allowed. After that, the spam deleters who love to do this can simply prune the section. The argument of: "if we allow some links... then we have to allow all links" or "if we let one link stay, then everyone will try to add links" is ridiculous. Neither arguments hold up in practice. You CAN allow some links and delete all new ones. People are doing this right now. And deleting the section all together will NOT stop people from adding links. The REALITY is people will continue to add links no matter what you do. So the only solution is to do what you are doing: monitor for new links and delete what you term as spam.

And Finally: A consensus will not be reached. Because those who delete links are suspicious of those who add them. There are no (read: ZERO, ZILCH, NADA) freeware or GPL keyloggers. Therefore it is impossible to use one as a link instead. Fedia's argument of "is it notable" is also silly because no one has ever heard of a "famous" keylogger. At least not yet. So why not let the wiretap link stay? I wrote before, I added it because I have used it in my consulting business. It works, worked well for my purpose and therefore I linked to it. That is how the internet works. You link to things readers will find useful. --Cheezyd 04:36, 15 September 2006 (UTC)


 * CheezyD -- please do not give up on the possibility of reaching a consensus. Note that when I say that word, I don't mean it has to be unanimous -- we just need to establish an agreement between enough people on the talk page so that 1) any anti-consensus edits can be caught and reverted, and 2) (this is the key point) the consensus is documented in a clear manner, so that way if administrator intervention becomes necessary (god forbid), the admins will know what to do.
 * I am growing more sympathetic with Luna's earlier compromise solution, to allow two or three example links, and then just have somebody keep an eye on the page to make sure it doesn't grow beyond that. I don't mind volunteering to do that, if we reach a consensus on a specific number is set in stone, and the consensus is well-documented so that if I get in a revert war I can just report it to WP:AIV.
 * My vote would be for two links. One is too few (shows preference) but three is an invitation to add more.
 * Fedia -- would my promise to keep an eye on the article satisfy your concerns about "if we allow one, we allow a hundred"? Or would you still be strongly opposed to that? --Jaysweet 15:50, 15 September 2006 (UTC)

Jaysweet, I agree that Luna's solution made sense which is why I happily agreed to it before. I agree 1 link would show favoritism... but I'm not sure 3 is the magic number to encourage more. I believe there will be attemps to add more links regardless of whether there are 0 or 100 links; so I think the number we allow is arbitrary. I think something like 3-5 is reasonable. I also think the quality of link is important. For example, right now there is a link that says "Hardware vs Software keyloggers". This is not an example keylogger, and therefore should not be in the section. And finally, I also will volunteer to watch the page once a consensus is reached.Cheezyd 18:44, 18 September 2006 (UTC)

Hello everyone. Jaysweet asked me to join, so here I am. Cheezyd wrote: "I also will volunteer to watch the page once a consensus is reached" Same here. The problem will be to choose the links. There are lots of keyloggers programs but only 5-7 are good. I am sure me and Cheezyd can reach an agreement about these we should include it the list. In my opinion, we should allow 5 links of keylogger examples. Every keylogger site will be able to add its site. When we get more than 5 links on the page, we will delete these which were not on our initial list.Wikire

I like the above mentioned suggestion. I beleive that having a few of the more widley used ones would be a better idea than continuing to have the affiliate web site that is currently listed. I would go one step further to state that having the actual makers of the software receive the links, that is by far the most unbiased way to acomplish that. Otherwise affiliate sites would simply compete on the links for this page. Good suggestion Wikire. Techie guru 14:09, 5 December 2006 (UTC)


 * Hi Techie Guru, I would support the removal of the keylogger.org site as it does not seem independent at all (there are buy-now links all over it). Also, I'm not convinced that the spectorsoft page is anything more than the commercial promotion of a company. We don't want to encourage link spamming at any level, even links internal promo pages such as spectorsoft. Regards, --Fedia 17:13, 6 December 2006 (UTC)

Hi Fedia, I would most certainly support that as well. I can understand your perspective, but you should consider reading up on what that company is all about. Additionally, there is not any rule stating you can not create an article about a company, look at Microsoft, and countless others. let me give an example: If someone wanted to read about an operating system, they would go to that page, and notice that there is a link for Microsoft Windows and a few other Operating Systems. Is that link spam? I do not think it is, especially if someone actually takes the time to read an article, find relevance to another article and internally link those articles. If this was about external links, yes, I would agree with you, but this is not about external links. I am certain that you are an expert in this area, but that does not mean others are not. Techie guru


 * Hi Techie Guru, being as the spectorsoft page contains external links to several of their products, and the text on that page reads like a thinly veiled promotional page, I hope you can understand my skepticism regarding your motives for adding the links. This page has been locked down before, and I do hope it will not be locked down again due to link spammers and the like. Regards, --Fedia 00:46, 7 December 2006 (UTC)

Hi Fedia, The external links are to the company the article is about. Would that not make more sense than to have an affiliate web site link there instead? I can understand you being skeptic, but do not agree with you on that. I beleive that we can come to a conclusion on this, but we really need to meet a middle ground on this. Here is a proposal for this article, why not remove the keylogger web site (as we all know it is an affilite site) and pick 3 of the most widley used keyloggers that are made? I am sure we can both do some research on who they are and place them there in place of the keylogger site? I would also like to continue the discussion on your talk page about other things as well. Cheers Techie guru 11:27, 7 December 2006 (UTC)

Antikeylogger list
Related to the question of external links I have added a list of freeware anti-keyloggers. I do believe they can be beneficial given the discussion of anti-keylogging protection on the same page. Any thoughts? Too many maybe? There is no question of commercial interest except maybe for KeyScrambler that sells a pro version, the rest are completely free. Aarontay 18:48, 12 January 2007 (UTC)

-- The anti keylogger programs are commercials. From "I Hate Keyloggers" site: This evaluation version is fully functional, but will show a splash screen when it loads. Please register so the program will load faster without splash screen. Registration fee is US $30.

"MyPlanetSoft Anti-Keylogger" site has an Order option!. (http://www.myplanetsoft.com/products/order.php)

Keyscambler has a paid version.

Mouse-Only Keyboard site has an Order option.

Admins someone is fulling you! added signature that was not signed by Antispam123 --

LOL, Antispam123 is probably one of the disgruntled anonymous and newbie editors that have being disrupting this page (as well as other anti-malware related pages) for the last few days or so with insertions of affiliate links and shameless promotion of specific products from a certain company. Probably pissed of at me and other editors that have being reverting them.

To the accusations, I would point out that Myplanetsoft Anti-keylogger and Mouse-only keyboard are completely free, so what if there is an "order option"? It's not for those software! Or does wikipedia have a new rule that states you can't link to a page that happens to have ads?

The other programs are completely functional, free and not time limited. It is true one of them produces a splash screen (which iirc does not nag you to buy) and Key scrambler has a pro paid version (I stated it upfront). So what? Ad-aware has a pro version too, but it's still freeware.

Besides It's a far cry from the rubbish that has being posted here by people in the past few days who are clearly affiliates or spammers of a specific company products who have here for no other reason than to insert spam links. Still as a matter of good faith, I'm willing to discuss it further and remove some or perhaps all of it, if the consensus of editors who are editing in good faith feel that such links are unnecessary. Right now I'm tending towards the position of removing all the links freeware or not, because clearly spammers are trying to use that as an excuse to put in their own links.

You see, the difference between my edits and those of the spammers is this. I added those 3 links (as well as a couple of others) at the same time because i thought they might be useful, and not because I have a stake in promoting them. If I had something to gain, I would not be adding links to various software produced by different people, nor would I link to their specific non-affiliate pages. :) Aarontay 18:18, 22 January 2007 (UTC)

I personally think that this list needs editing. Nothing against you, but more so that the content on those sites is thin at best. I do not think it is a necessary thing to compare what you are doing to the "other" spammers as I would assume that not all of us are spammers. Techie guru 12:05, 23 January 2007 (UTC)


 * The fact is unfortunately as pointed out above, many people on this talk page arguing (including you)are using accounts that exhibit pretty suspicious behavior, e.g adding links to only a certain company's product. I suppose a customer could fall in love with a certain brand of keylogger, but not to the extent you are showing?? :) Aarontay 19:48, 23 January 2007 (UTC)


 * The answer to that is, no. Also I am not trying to argue.  I have no intention of addin external links to this article, nor did i ever.  I am not quite sure what you mean about suspect behavior, besides, that would be better addressed on my talk page, or else where.Techie guru 21:47, 23 January 2007 (UTC)

Why not lose the light content sites and be broader? Maybe a DMOZ listing, Yahoo Directory listing, and so on. Techie guru 12:05, 23 January 2007 (UTC)


 * I could be wrong but weren't you pushing for specific links to specific keyloggers instead of broader links to keyloggers? Why the change in policy here when it comes to anti-keyloggers? Doesn't specter have a anti-keylogger line? Aarontay 19:48, 23 January 2007 (UTC)


 * I am not affiliated with "specter" so I do not know if they have a anti-keylogger, Sorry. I was not pushing for anything other than a discussion. Granted, I did add an internal link that I beleive was relevant and it ended up being a revert war. I decided to not get involved with that and have not participated in anything other than the discussions about the links on this page as they are constantly being altered.Techie guru 21:47, 23 January 2007 (UTC)

Also Neokeys link is a download. That should not be there as there is no clue as to what that zip contains. Considering the nature of the article, at the very least that should be removed. Also, I notice that only Freeware is listed in the anti-keylogger section. Why? Techie guru 12:05, 23 January 2007 (UTC)


 * Because the current situation on this page is such that anything that smells even close to advertsing will be shut down. As it is I'm already getting hit for adding something that has a pro version! Not that I disagree with your point about Neokeys. I have a better link not sure why I linked directly to the download in the first place. Aarontay 19:48, 23 January 2007 (UTC)

There are also other anti keyloggers that are equal or better than the list you added. Examples: Zone alarm can pick up a majority of keystroke loggers, Norton Security and A/V can as well, So can Spyware Doctor, McAfee, AVG, and the list goes on. Surely you can not rule them out as they are the authorities in the field. Also with a lot of those mentioned companies, they have details explaining what the different applications can do. Techie guru 12:05, 23 January 2007 (UTC)


 * I was thinking more in terms of specific/specialised anti-keylogging measures, rather than other stuff like firewalls and antiviruses which might detect or stop keyloggers. Besides mention of and internal links to firewalls and antispywares are already in the main text, there seems little point in adding specific external links. This isn't the antivirus or antispyware page after all Aarontay 19:48, 23 January 2007 (UTC)


 * This is one of the many reasons why those links need to be included. It is 2007 and the facts are that spyware/malware/trojans/keystroke loggers all get lumped up in to one category.
 * While i wish it was not like that, it is. With that said, I understand that this is not an anti-spyware or anti-virus page, but those kind of applications are what the majority people that surf the web use. To not include those site would be a dis service to the article as Wikipedia is intended to provide visitors with accurate information. I agree this is not an anti-spyware/anti-virus page, but it is certainly not an anti-keylogger page either, but i can see the relevance in having links for them.Also it need to be pointed out that those sites I mentioned are more than capable of detecting and disabling the majority of keystroke loggers and most people have that kind of software on their computers already, so it would save them the time of downloading and also save them money too.Techie guru 21:47, 23 January 2007 (UTC)

In closing, I think that you are spot on in adding a anti keylogger section to this article, but I think there are better sources out there that would be beneficial to anyone that reads this article. Maybe keep a couple of the freeware and add some authority links to it? Also, I think it is a good idea to remove the Neokeys link or at least change the link to a page with content instead of a download. That in my opinion is a danger to people that click it anddo not know what they are doing. For all we kno0w its a zip file containing a keylogger or a trojan. I do not really think that is the case, but can you see the point on that? RegardsTechie guru 12:05, 23 January 2007 (UTC)

Code examples
Reading the article, it gets very informal when it starts talking about the programming behind keylogging. I've cleaned it up a bit, but the descriptions either need to be removed as unneeded, or replaced with a more technical and formal explaination. I also question weither or not having any of that code is suitable on wikipedia. -- Pauric ( talk-contributions ) 00:02, 8 December 2006 (UTC)


 * After reading this discussion page im not sure if there has ever been code examples on this page, but I am unsure on wikipedia's policy on this sort of thing. Anyway I was thinking of writing a very simple keylogger in python just to show the simplicity and the workings of keyloggers. Obviously most key loggers will be a lot more advanced, but... what do you think? 87.84.118.226 (talk) 10:48, 17 September 2008 (UTC)Bodsda


 * Not to discourage you but it probably wouldn't survive long due to WP:NOTHOWTO. --CliffC (talk) 13:09, 17 September 2008 (UTC)

-- The anti keylogger programs are commercials. From "I Hate Keyloggers" site: This evaluation version is fully functional, but will show a splash screen when it loads. Please register so the program will load faster without splash screen. Registration fee is US $30.

"MyPlanetSoft Anti-Keylogger" site has an Order option!. (http://www.myplanetsoft.com/products/order.php)

Keyscambler has a paid version.

Mouse-Only Keyboard site has an Order option.

Admins someone is fulling you! --

Protection?
This page needs to be semi-protected. All the annoymous people are constantly adding spam links. Pretty much the last 50 or so edits are just reverting spam links. Aarontay 11:41, 20 January 2007 (UTC)
 * Agreed. I've requested this at WP:RFP. Fayenatic london 13:07, 22 January 2007 (UTC)

DVORAK and Alternate Keyboard Layouts
I think this section to be unwarranted speculation. There is no reason to suggest that a person with the proper motivation could not convert the most simple single character replacement cipher which would possibly be created by using a DVORAK keyboard or keyboard layout.

Also, any hardware based Dvorak keyboard would simply send the proper character codes without regards to it's key placement. This is not to mention the amount of time it takes to learn to use this layout, coupled with the fact that you cannot see what you're typing into the password field.

All of this considered, it's entirely possible that the windows keyboard layout application sends keyboard events which would be picked up as if there were no layout anyway, were a software Dvorak solution used.

I'm not sure I feel comfortable removing this section personally, would anybody care to agree with me on this one and remove it?

''Agree. On any kind of Dvorak, Qwerty, AZERTY, or other physical keyboard, sooner (hardware in the keyboard) or later (software in the OS), the keypresses are translated to ordinary letters.'' If a software keylogger is spliced in after that point, it picks up those letters in plain text, no matter what kind of keyboard you use. If a software or hardware keylogger is spliced in before that point, it's a simple substitution cipher. There may be good reasons to use Dvorak, but security is not one of them. --68.0.120.35 04:59, 2 February 2007 (UTC)

detecting keyloggers
Gil Sever says that "there are software solutions available which can detect the presence of hardware keyloggers and disable them".

I was under the impression that it is impossible for software on a PC to detect a hardware keylogger.

How could software detect a hardware keylogger? --68.0.120.35 04:59, 2 February 2007 (UTC)


 * Beats me. But there are products that claim such protection. See http://www.privacykeyboard.com/privacy-keyboard.html . Just an example btw, not saying we should add it. Aarontay 06:30, 2 February 2007 (UTC)

Interesting. That software certainly does claim protection against hardware keyloggers. But (as far as I can tell) that software does not detect or disable hardware keyloggers -- instead, that software assumes there *might* be a hardware keylogger, and uses a kind of virtual keyboard. Most virtual keyboards are operated using only the mouse (or a stylus), yet the illustrations on that site show people with their hands on a keyboard, so perhaps there is something I am missing. --68.0.120.35 05:16, 6 February 2007 (UTC)

Actually, PrivacyKeyboard simply disables the bios mechanism that all keylogger's architecture works on. If you activate the program, you will also disable the printscreen button, this is because it blocks the mechanism in which screen shots are captured and stored, which is another method that spy software programs log. Hence, it doesn't necessarily detect it but it won't allow it to work. PrivacyKeyboard does not look for key signitures in order to disable software it disables the catalyst used.

In the best case a non-QWERTY layout will encrypt what you type with a Ceaser Cypher,. This is not secure. With a little trial an error, it's easy to figure out what letter each keystroke should correspond to.

As other have pointed out, the keystroke logger would most likely record the plaintext of what was typed anyway, since the OS translates keypresses. —Preceding unsigned comment added by 75.60.181.130 (talk) 18:41, 15 September 2007 (UTC)

Countering keystroke loggers relative to password capture
One current, widely used, technique that may warrant a mention in the article is the use of one-time passcode generators - if the system is built to utilize this type of authentication mechanism, the ability to capture the keystrokes is useless, for passwords anyway. I relaize this is not a universal solution but just one additional tool to help prevent unauthorized access to user information.

128.29.43.2 14:59, 21 March 2007 (UTC)chuck

100% Remote?
Is there any 100% remote keyloggers. I heard of several instances in which users of internet forums or other such online communities (like habbo hotel) have made contact with fellow users over instant messengers, sent them a program which they have run and it has secretly monitored the victim's computer and stolen their passwords.

Maybe we should list the names of such programs to make people more aware? 86.31.108.223 21:01, 24 March 2007 (UTC)


 * It is basically always true that whenever you run a program, anything can happen. There is almost no protection possible for this, except to not run programs that you are not SURE are safe.  And program names don't matter much - very easy to rename any program to anything. -69.87.204.172 15:18, 16 August 2007 (UTC)

Figuring out where the LAUSD comments come from
Dear WhisperToMe (talk): I consider my being on Wikipedia a privilege for which I'm honored. That being said, if I have something to say on any subject, I say so in an article somewhere and I sign my name to it. Whatever small edits I have done here and there, I also sign my name. I was, thus, wondering if within your high-tech level of WP knowledge, you may be able to tell which computer the LAUSD comments came from? I have never discussed my password with anyone at all, in fact, I have since the incident changed my password. I am, however, concerned that someone with a high level of computer sophistication may be watching me closely and hacking my password at whim. And that this spammer, in question, may use me as a tool to further his/her cause, whatever that may be. Please, let me know. In the meantime have a very Happy New First Day of 2008.Mig 21:21, 1 January 2008 (UTC)

[edit] Figuring out where the LAUSD comments came from

Mrs. C, you will have to ask a Wikipedia:Developer that question - Regular users and sysops alone cannot determine the IP address of a registered user (including yourself and the person who pretended to be you).

Anyhow, I would suggest avoiding using your account while on public computers and checking your own computer for keyloggers. Wikipedia has a technique to disable "brute force" password crackers (The "repeat the words in this image" trick), so if someone repeatedly finds your passwords, it could be due to a keylogger. WhisperToMe (talk) 00:08, 2 January 2008 (UTC)

Thanx, WhisperToMe for your response and I will take appropriate measures to see if I learn more about what happened and how to identify the hacker. I used my account here while I was working at LAUSD, but have never used a "public" computer. I wonder if the problem comes from LAUSD, given the rage I've seen and the subject matter. Oh, BTW, I'm "Ms." because C is my dad's family name. Thanx for addressing me so respectfully, however. Mig 01:48, 2 January 2008 (UTC)

Retrieved from "http://en.wikipedia.org/wiki/User_talk:"Mig 01:58, 2 January 2008 (UTC)

Needed sections
Need sections here on:

Legalities involved if Employer institutes keylogging
 * rights violated?
 * recourse for recovery of sensitive (SS#/bank account) information.

Alternatives to keylogging for support personnel. (is keylogging ever needed for legal means?) Is 100% compliance with Corporate AUP (Acceptable Use Policy) ever a reason to institute a program of company-wide key-logging?

Is the institution of a company-wide program of key-logging legal, or does it leave an institution SO vulnerable as to cause it to become a "fly trap" for future lawsuits?

—Preceding unsigned comment added by 71.127.207.78 (talk • contribs)

Correct Inaccuracy: On-Screen Keyboard, Program-to-program (non-web keyboard)
I wish to correct an inaccuracy in the current "Program-to-program (non-web) keyboards" section, but I would like to ask for feedback from fellow Wikipedians before submitting this proposed change.

The current section states that ALL on-screen keyboard programs are susceptible to keyloggers (and perhaps screen loggers). This is not true. Some on-screen keyboard programs disable the hook mechanism, and others avoid the use of keyboard event messages, instead relying on drag and drop (discussed in the article).

Here is the suggested (revised) text for this section:

It is sometimes said that a third-party (or first party) on-screen keyboard program is a good way to combat keyloggers, as it only requires clicks of the mouse. However, this is not always true.

Most on screen keyboards (such as the onscreen keyboard that comes with Microsoft Windows XP) send keyboard event messages to the external target program to type text. Every software keylogger can log these typed characters sent from one program to another. Additionally, some programs also record or take snapshots of what is displayed on the screen (periodically, and/or upon each mouse click).

However, there are some on-screen keyboard programs that do offer some protection, using other techniques described in this article (such as dragging and dropping the password from the on-screen keyboard to the target program). Ezen (talk) 04:26, 13 November 2008 (UTC)Ezen. 13th Nov 08

--Update 14th Nov - have implemented the changes. Happy to discuss with others... --124.168.223.108 (talk) 10:08, 14 November 2008 (UTC)