Ive been hacked...now what? - Page 6

galmost · #51 01-06-2007, 06:56 AM

I hope my post isn't an insult to your intelligence, but did you go to any of the sites that spam FTP?

You will sometimes see spam like: "Try our poker probabilities calculator, and see the probabilities just like on TV."

The software probably contains a key logger or something.

Ricks · #52 01-06-2007, 06:34 PM

[ QUOTE ]
[ QUOTE ]
I don't like storing any passwds. You can use a passwrd storage program that will temporarily copy the passwrd to the clipboard: keypass, for example.

[/ QUOTE ]

I use Keepass. How hard is it for someone to gain access to whatever is copied to your clipboard? Could this be an easy way to steal some of my passwords?

[/ QUOTE ]

The next time that you copy/paste a password from Keypass and submit the form, you will notice that the password is no longer in memory. At least this is the way it works with my web banking.

train. · #53 01-07-2007, 11:28 AM

[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
I don't like storing any passwds. You can use a passwrd storage program that will temporarily copy the passwrd to the clipboard: keypass, for example.

[/ QUOTE ]

I use Keepass. How hard is it for someone to gain access to whatever is copied to your clipboard? Could this be an easy way to steal some of my passwords?

[/ QUOTE ]

The next time that you copy/paste a password from Keypass and submit the form, you will notice that the password is no longer in memory. At least this is the way it works with my web banking.

[/ QUOTE ]

If I copy a password from Keepass and then wait just a few seconds before pasting I have to recopy because it's not on the clipboard anymore.

edit: but does that mean it's irretrievable by some hacker?

Ricks · #54 01-07-2007, 01:36 PM

[ QUOTE ]
edit: but does that mean it's irretrievable by some hacker?

[/ QUOTE ]

From their web site. KeyPass

[ QUOTE ]

In-memory passwords protection

While KeePass is running, your passwords are encrypted using a 'session key' (randomly generated at startup). This means, that even if you would dump the whole KeePass process memory to disk, you couldn't find the passwords (at least not in plain text). Note that this only applies to the passwords field, not to the usernames, etc. because of speed reasons. When you want to copy a password to the clipboard for example, KeePass first decrypts the password field using the session key, copies it to the clipboard and immediately re-encrypts it using the session key. Here, ARC4 is used as encryption algorithm, the session key has a fixed size of 12 bytes.

KeePass securely erases all security-critical memory when it's not needed any more, i.e. it overwrites those memory areas with random data before zeroing and releasing it (this applies to all security-critical memory, not only the passwords field).

[/ QUOTE ]

Roba1111 · #55 02-06-2007, 11:33 PM

any updates? did you get the money back? did you find out how you were hacked? what did stars support do that was so helpful?