What Is Keylogging?

Many people use the internet to check their e-mails, bank accounts, shop, and to send personal and private information to others. Most Web sites are usually safe, but criminals have found a way to steal a user's information right off his keyboard. Keylogging is a process of recording a person's key strokes, usually without the person's knowledge, and sending the information to an intended target. Doing this, a person can learn everything that is typed on a computer to use as they will. It is also possible to track a person's computer use using this technology.

Before anyone can detect what is being typed on a certain computer, the person has to gain access to the computer keyboard. This can be done in two ways: with keylogging software and with hardware. Keylogging hardware usually records what a user types on his keyboard and stores it in a mini hard disk until it is physically retrieved. These devices are commonly disguised as keyboard plugs and therefore can be difficult to detect. In addition, since it is hardware, anti-virus programs cannot usually detect it.


Keylogging software, on the other hand, does not need a physical access point. This type of keylogger can be downloaded onto a computer without the user's knowledge. Once installed on the computer, it can then record the data typed on the keyboard and occasionally send that data to a target person. That target person can then have access to anything typed on the computer. Though this type of keylogger can be difficult to detect by a user, some anti-virus software may be able to identify it.

One of the most common uses for keylogging is the theft of personal information. Should a criminal use the software or hardware to capture personal information, he can use that information for his own use. For instance, he can go on a shopping spree using the victim's credit card information. This is why it is important for users to do all they can to protect themselves from such intruders. Knowing and understanding the programs running in the computer background and having the appropriate kind of updated anti-malware software are just two methods a person can use to help protect his personal information.

Some may argue there are some good aspects to keylogging. Parents can use the technology to monitor children's activities. It can also be used by companies to monitor an employee's computer use. It may even help save important documents that are lost due to a power outage. These activities, however, may bring up privacy rights issues, so it is important to use these programs in such a way as to not break local laws.

What Is a Computer Cleaner?

In the course of using a computer, various records accumulate that reveal a user’s activities on and offline. A subsequent party can access these records to snoop on the previous user’s actions, and might even be able to gain personal information. A computer cleaner is a utility that wipes these records to maintain privacy.

The number and type of records generated while using a computer are numerous and varied, found in many different places throughout the computer. For example, many software programs keep a list of recently opened files and documents, or recently viewed images or movies. Run and Find histories are also logged. Temporary files archive copies of documents that might persist for months or even years, if not wiped.

Online activities also leave footprints. A Web browser sets aside allocated memory on the hard disk as cache, or a place it can keep copies of recently viewed Web pages so that these pages can load faster on subsequent visits. Browser cache is a rich source of information about previous browsing sessions.

The convenient auto-complete or auto-fill feature scans records of previously typed words to predict input based on the first few keystrokes entered. This feature can inadvertently reveal previous searches and websites visited, even if browser cache has been wiped. A public computer might “leak” personal information such as name and address, if a previous user filled out a form providing this information.


Snoops cannot read computer cookies because the contents are encrypted, but they can see which websites issued the cookies, inadvertently revealing surfing habits to any would-be busy-body. A computer cleaner takes care of this by wiping cookies.

Windows Internet Explorer makes use of a file called index.dat, which stores information about websites visited and keeps an index of cookies received. Even if using the built-in privacy features of the browser to wipe history, cookies and cache, the index.dat file will remain intact. Only a comprehensive computer cleaner will wipe the index.dat file. Explorer creates a new, ‘blank’ one at the next session.

A good computer cleaner will address all of these issues and more, and should be easily configurable to optionally preserve certain files such as useful cookies. Running the utility from a USB memory stick or flash drive will allow you to clean footprints from a public computer or work station without installing the software.

Although a computer cleaner does a good job of protecting privacy at a basic level, it is not a forensic tool. Windows operating systems lock a portion of the hard disk to use as a designated paging or swap file, for example. This file contains a great amount of unorganized (and therefore seemingly chaotic) data that nevertheless provides records of usage. Readily available tools allow anyone to view the contents.

You can set Windows or a computer cleaner to wipe the paging file at shutdown, but this action typically delays the shutdown process by several minutes or longer. Also, shutting down a public or work computer might not be practical. More obscure traces of activities left untouched by a computer cleaner might also persist that would not likely be found by the casual snoop, but could be recovered by law enforcement or administrators.

What Is an Internet Spy?

The term Internet spy typically refers to something or someone that is monitoring activity on a computer. Most often, the term is used to talk about software designed to capture screenshots of what a person is doing online, or log all text a person enters into the keyboard. This type of computer software is frequently used to steal credit card numbers, passwords, and other private details. Occasionally, it is used to catch a cheating spouse or monitor the activity of a child to ensure their safety. An Internet spy may also refer to someone who physically — rather than remotely — looks through someone else’s computer files to view what websites he or she has been visiting and conversations with other people.

Internet spy software is often downloaded when a person is trying to download other media, like desktop wallpaper, videos, or games. The malicious programs are bundled into the media and can start gathering data as soon as it is accidentally opened. Malware like this can sometimes be avoided by being very cautious about downloading new files, and reading reviews written by other downloaders, if available.


A reputable anti-virus program can usually spot an Internet keylogger or other software application designed to spy on someone. The program should be set to automatically scan the computer every day or so to quickly delete suspicious files. Installing an anti-virus program that is reputable is especially important because some malware programs are designed to look and act like anti-virus programs while either subtly doing harm or being blatant by demanding money to fix viruses that do not actually exist. For example, Norton™, Kaspersky® Lab, and avast!® are generally well-known and respected names in the anti-virus business, while Advanced Anti-virus Remover, Personal Anti-virus, and Anti-virus IS are widespread fake programs.

As for an Internet spy that is an actual person looking through private files on another person's computer, this can usually be avoided by password-protecting the computer. Typically, when a computer is password-protected, it cannot be completely booted up without the user entering a password. When using the Windows® operating system, the user can also set the computer to enter screen-saver mode after being idle for a certain amount of time, then require a password to exit. In conclusion, no matter how an Internet spy tries to steal information or snoop, whether that spy is a nosy human or a simply a software program, there is usually a way to counter the method.

How Do I Choose the Best Open Source Keylogger?

When considering an open source keylogger, you should think about the types of features you want in the program and how you intend on using the keylogger. Different programs can provide you with different functions, such as the ability to e-mail the log to a particular account or take screen captures of visited websites. You should ensure the keylogger you choose can support the use you want, for example if you want to use it to back up your data or to track the activities of someone else. Before you download and install any open source keylogger, you should also make sure it is a reputable program to avoid malicious software and that you only use keyloggers in a legal way.

An open source keylogger is a program to track and record each keystroke made by the user of a computer. This means that each key someone presses is tracked, and all information typed on that computer is saved in one or more files. An open source keylogger is simply a keylogger program that is free to use and modify under an open source license.

You should look for any particular features you want in any open source keylogger program you consider using. Some programs can e-mail a copy of the keylogging file to any account you enter, while others may be able to take screenshots of websites visited. Not all of these functions are available in all programs, however, so you should look for software with the features you want.


As you look at various programs, you should also keep in mind how you want to use your open source keylogger. If you want to use a keylogger on your computer to backup data that you type, in case of system failure, then you can use a fairly simple and basic program. More elaborate programs can be used to track usage by children or to monitor websites visited on public or work computers. These programs are often more discreet as they track user activity.

You should be sure that any open source keylogger you use is safe and that you only use the software in legally responsible ways. As with any program you download and install, you should be sure the maker of the software is reputable and that you only download the program from trusted websites with good reputations. This can help you avoid malware that may be installed onto your computer, or keylogger software that can send your private data to a remote terminal. You should also only use open source keylogger software in ways that do not violate the privacy of other people, including employees, or you may face legal and civil consequences for doing so.

What Is Physical Access?

Physical access security prevents people from coming into direct contact with computer systems and components. It is an important security concern, as all the technical access controls in the world cannot eliminate some problems, like someone walking into an office and taking a hard drive, for example. There are a number of measures security professionals can use to limit physical access and keep systems safe. These can include the use of locks, biometric identification, and security guards in facilities with sensitive equipment.

If someone can gain physical access to a location with secure computer components, that person may be able to crack the security and obtain information. Sometimes this can be as simple as checking a desk drawer for a password someone may have written down. The hacker could also install keystroke loggers and use various cracking attempts on the computer system to get to the data. If these measures fail, hackers can simply take the computer itself and work on it in another location.

One basic measure of physical access is a locking door, with access limited to authorized personnel only. Server rooms and similar facilities can be kept locked at all times to secure them. People may be able to enter with a key or a card. Some facilities use biometrics to make sure that people don’t gain access by stealing cards or faking the credentials used to open a lock. This simple access control can be highly effective in some facilities.


Cameras may be used to monitor sensitive areas where physical access is a concern. Guards can watch for signs of suspicious activity remotely, and the cameras can also be reviewed after a break in to collect information. Additionally, facilities can post guards near a room with sensitive computer equipment, or around the building in general, to make it impossible for anyone without the right credentials to enter. Other external security measures can include fencing, alarms on windows, and guard dogs, depending on the facility and its needs.

It is possible for physical access and computer security to interface. Many access control systems use a network to communicate information, as seen with biometrics and electronics credentials. These systems themselves can be vulnerable to hacking as well as need to be appropriately secured. Human guards are not infallible for a different reason; they might be bribed, blackmailed, or overpowered by someone who wants to enter a facility. Layers of security can reduce the risk of a breach by creating automatic fail-safes.

What Is a Keyboard Circuit Board?

A keyboard circuit board is a sheet or panel in a computer keyboard that is designed to sense when a key is pressed, determine what key was pressed, and send the information to a computer or other devices to which the keyboard is attached. There are two main parts that comprise a keyboard circuit board, with the largest and most prominent section being the area under the physical keys that can be pressed. Although there are different mechanisms that can be used, this area generally uses a pattern of circuits that are either completed or broken when a key is depressed, telling the keyboard controller the location of the pressed key. Also on the keyboard circuit board is a microprocessor known as a keyboard controller, some read-only memory (ROM) that is used to store information about what key locations equate to what characters, and some type of hardware interface for sending the key data to another device, such as a universal serial bus (USB) or serial port connector. The actual material from which a keyboard circuit board is made can be metal, epoxy or thin sheets of plastic on which the necessary circuits are printed.


There are two primary methods that can be used on a keyboard circuit board to capture key presses. The first method involves placing a small conductive plate on the bottom of the physical keys. On the circuit board beneath the keys, there is a pattern of incomplete circuit pathways. When a key is depressed, it completes the circuit on the board, sending a signal to the controller informing it of the location of the key that was pressed. The controller then can use a table stored in the keyboard’s ROM to determine what character is at that location.

A second method that also is frequently found in keyboards involves a keyboard circuit board that is covered in a pattern of active, completed circuits. Sometimes called a capacitive keyboard, an electrical signal is constantly running through this type of keyboard circuit board. On the bottom of each key is a small plate that, when the key is pressed, gets close enough to the array of circuits that it changes the charge passing through the circuit underneath. This change in current is detected by the keyboard controller to determine which key was pressed.

The material from which a keyboard circuit board is actually made can vary. Older models can be made from metal, while other types can be made from layers of thin sheets of plastic with circuits printed on their surface; these often are called printed circuits. In addition to the area of the circuit board that is used to detect key presses, the board also usually contains a microchip — known as the keyboard controller — that functions as a very basic processor and usually contains some ROM and a digital comparator for basic computations. A circuit board also has some type of output interface attached, such as a serial connector or wireless transmitter, so the information can be relayed to the device with which it is being used.

What is a Keylogger?

A keylogger builds a log of everything typed into a keyboard to be reviewed by a third party. Keyloggers can be used for legitimate purposes to troubleshoot networks, analyze employee productivity, or to assist law enforcement, for example; or they can be used for illegitimate purposes to surreptitiously spy on people for personal gain. A keylogger can be a hardware device or a software program.

The most common hardware keylogger plugs into the computer’s keyboard port, connecting to the keyboard cable. It can look like an extension tail or in other cases a small cylindrical device. This makes it easy to spot, if looked for, but it won’t be detectable by software. Models are priced around the number of keystrokes they can hold, with higher capacities being more expensive. One entry model costs $49 US Dollars (USD) with a capacity of 128,000 keystrokes.

Once installed, the log is retrievable through opening a word processor and entering a password to reveal a hidden keylogger menu. Like all hardware keyloggers, it has the limitation of requiring physical access to the system, but might be used by network administrators or by parents to monitor the family computer.

Another type of hardware keylogger is preinstalled inside the keyboard itself on the circuit board. This device is undetectable barring disassembly of the keyboard, but does require replacing the existing keyboard. A similar keylogging product can be soldered on to the circuit board of any keyboard, but this requires some skill.


Software keyloggers are often installed through malware like Trojans, viruses, spyware or rootkits. These keyloggers can collect keystrokes through a number of methods, depending on design. Some keyloggers work at the kernel level; others use a hook to hijack system processes that manipulate the keylogger; and still others use entirely different means. A keylogger that is installed remotely through malicious means secretly sends its logs to the person who planted the device via an Internet connection.

The danger of a malicious keylogger is that it traps information before it can be encrypted. For example, banking websites provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type a username and password, the keylogger is recording those keystrokes, bypassing any and all security measures. Keyloggers not only have the ability to trap usernames and passwords, but credit card numbers, bank account numbers, private passphrases for encrypted files, financial records, email and so on.

Keyloggers are widely available online but are also easy to write, making them a real threat to personal security and an easy tool for the growing problem of identity theft. At this time there is no sure-fire way to protect yourself against all forms of keyloggers, but there are steps you can take to minimize risk.

Install top-notch anti-virus and anti-spyware on your system, preferably programs that help to prevent keyloggers and watch for keylogging activities. This doesn’t guarantee you won’t get a keylogger, but it helps by recognizing and removing known keylogger signatures.

Regularly check the processes running on your system looking for anything that doesn’t belong. In Windows® systems you can use Task Manager to view running processes. Third party applications are also available that will not only show you which processes are running, but will provide a direct link to information online regarding the nature of the process. If you are unfamiliar with running processes, this is a good place to start to familiarize yourself with what you should expect to see in your system, and what you shouldn’t.

A firewall commonly does not provide keylogger protection but can alert you if a program is trying to send information out to the Internet. By stopping this action you can prevent a thief from retrieving a log, and be alerted to the possible presence of a keylogger.

Other methods to ‘confuse’ a keylogger include typing extra letters or numbers when entering secure information, then highlighting the characters that don’t belong and entering a legitimate character to replace them. You can also use a browser with a form-filler function that will keep usernames and passwords securely on your system, and fill them in automatically when you enter a site, without forcing you to use the mouse or keyboard. Additionally, there are programs that scan for keyloggers, but they can detect legitimate processes as well, making it difficult for the average person to make real use of these tools.