Tuesday, February 28, 2006

Warning: keystroke logging is a threat -- and Franco is still dead

Monday's edition of The New York Times published a Tom Zeller piece on the proliferation of keystroke logging spyware, especially originating in Brazil. While no doubt a useful warning to Times readers unaware of the risks, the article was quirky:

-- Keystroke logging is not new. In fact, The Times reported on the issue twice in October 2004 alone, and as far back as 2001.

-- The article only discusses key logging software. It fails to mention key logging hardware, which, although introduced only via a physical attack vector, is even more pernicious, because no defensive software measures can detect it.

-- The Times' search engine can't find the article under the word "keystroke" -- it turns out the author uses the neologism "keylogging" which you'd guess does not appear in the style guide.

-- The Times' search engine does offer plenty of links for purchasing key logging software. No doubt the advertising engine is powered by Google -- and a lot more attention goes into picking the best keywords for ads than The Times will ever spend on indexing its own news stories.

Click to see full-size screen shot