Having just read an article in the Financial Times about viruses, I?m starting to doubt as to whether Tiny Keycounter is what it seems.

The newpaper states that 'One of the newest threats comes from so-called "Keylogging" programmes which secretly lodge themselves on an unsuspecting user?s computer and record what is typed into the machine, such as the number and passwords for online bank accounts.' Doesn?t Tiny Keycounter record the keys that are pressed, in order to calculate the amount of keystrokes? Doesn?t the programme have to know what?s being pressed is a key and what key it is in order to count it as a key? I?m almost certain that it can tell which exact key [numbers and all] we are pressing.

So, I did a little test. Those of you who have it should know that when you press a key a little green dot flashes in the icon in the system tray. Now, for some reason, when you press Ctrl/Alt/Fn, it doesn?t. Now why is this? Could it be that those keys are no use to 'them'? I think this shows that it can tell a key apart from another. The question I?m asking myself is; Are we, when we submit our statistics? just handing crooks our bank/ISP account details on a silver platter? Is the TKC-Administrator, in fact, not my friend at all?

Even though this may not be the case, could our little friend indirectly assist hackers who seek to plant keylogging programmes on to our Computers? I may be completely wrong, but until someone shows me incontrovertible proof that it doesn?t, I?m not submitting another statistic.

I think you may be on to something there Hitman! Good thing I never bothered with any bull[:-censored] programs like that.

http://keycount.piqsoftware.com/myaccount/policy.php

notice the bottom disclaimer: Content subject to change without notice.

quote: Email addresses, passwords, and individual preferences are considered private and confidential and will not be disclosed to any persons outside of PiQ Software, LLC. No information collected by PiQ Software, LLC (account name, email address, password, IP address, and applicable preferences) will be used for any purpose except to notify users of important updates to the TKC service.They're not denying that they can collect that information. Note how they say it will not be disclosed to any persons outside of PiQ Software. How do you know the people working for them can be trusted? The whole point I'm trying to make is their ability to collect this info.

I dont know why you would install a program like that on your comp. Whats the purpose??! And it is obvious it is going to collect info from your comp. I mean its up to you, but i would not download any crap progs like that.

Well, I was hoping to raise my level of coolness to yours but I obviously...failed.

i heard of certain spyware/virus that logs all your keys and allows the one who "made it" see everything you pressed, from hate mail to microsoft to passwords and bank accounts.
now you have to think, if by having the TKC your in danger of being totaly fuked.
and what does the TKC team get by giving you their services, coz obviously they dont do that because they are good citizens of the internet kingdom, they need to get something out of it...

im not saying anything, just think what you download before you download it.

quote:Originally posted by BMF
I dont know why you would install a program like that on your comp. Whats the purpose??! And it is obvious it is going to collect info from your comp. I mean its up to you, but i would not download any crap progs like that.


I totally agree! (wtf? this is the first time I have the same opinion as BMF...)

Indeed, now link that to the fact that is the only non-automatized account activator. dunno how does it work but check if it does any connection to internet, if it does...

No, it's just when you submit your stats, that's when it connects..

At least, that's what they WANT you to think :P

How much data does it submit?

Finally.. Hitman didn't want me to reply to his topic, but here we go..

quote:Originally posted by Hitman
The newpaper states that 'One of the newest threats comes from so-called "Keylogging" programmes which secretly lodge themselves on an unsuspecting user?s computer and record what is typed into the machine, such as the number and passwords for online bank accounts.'

Keyloggers have existed for a long time and some of them indeed are malicious, kinda acting like a trojan and there's the kind of tool you install to check what other users do on your computer (for example finding out whether your small brother d/ls porn or not).
quote:Doesn?t Tiny Keycounter record the keys that are pressed, in order to calculate the amount of keystrokes?
Doesn?t the programme have to know what?s being pressed is a key and what key it is in order to count it as a key?
It simply saves the info that a key has been pressed, but not which one.
quote:I?m almost certain that it can tell which exact key [numbers and all] we are pressing.
So, I did a little test. Those of you who have it should know that when you press a key a little green dot flashes in the icon in the system tray. Now, for some reason, when you press Ctrl/Alt/Fn, it doesn?t.
Now why is this? Could it be that those keys are no use to 'them'? I think this shows that it can tell a key apart from another.
Yes, it can tell the keys apart and it does this because it would be pointless to log Ctrl/Alt etc. since they're controls and do not belong to the statistics imho.
quote:Even though this may not be the case, could our little friend indirectly assist hackers who seek to plant keylogging programmes on to our Computers?

Hitman: What about my point about it assisting them?
me: assisting?
Hitman: yeah
Hitman: Might make it easier for the hackers...
me: example?
Hitman: Errm *Scratchs head* errm...*Looks around* errmm.....*Runs away!*
me: yeah good point :P
(...)
Hitman: Gah, when you do post you're going to make me look like a right idiot

quote:Originally posted by Hitman
quote: Email addresses, passwords, and individual preferences are considered private and confidential and will not be disclosed to any persons outside of PiQ Software, LLC. No information collected by PiQ Software, LLC (account name, email address, password, IP address, and applicable preferences) will be used for any purpose except to notify users of important updates to the TKC service.They're not denying that they can collect that information. Note how they say it will not be disclosed to any persons outside of PiQ Software. How do you know the people working for them can be trusted? The whole point I'm trying to make is their ability to collect this info.

So? They're not claiming it either.
Email addresses, passwords, and individual preferences that's what they're talking about? They're not even saying "All data collected by ..."
No information ... will be used.
Their ability to collect this info? They would have to save a [:-censored] load of information.
Even Project Dolphin (similiar to his, but it only counted key strokes) died because of the server load / traffic and they were open-source iirc, I'm not sure. i.e. they simply couldn't collect the TEXT typed by you, because everybody could check the source-code and it still died.

quote:Originally posted by Weed
and what does the TKC team get by giving you their services, coz obviously they dont do that because they are good citizens of the internet kingdom, they need to get something out of it...

What is styx getting out of hosting 2 Soldat servers and a forum where's hosting lots of data (text, images etc.)?
Maybe he's using our usernames/passwords to login somewhere else? Better go and change your password.

quote:Originally posted by Alamo
quote:Originally posted by BMF
I dont know why you would install a program like that on your comp. Whats the purpose??! And it is obvious it is going to collect info from your comp. I mean its up to you, but i would not download any crap progs like that.


I totally agree! (wtf? this is the first time I have the same opinion as BMF...)

...but you have a signature showing the currently playing song. Maybe you transfer more than just infos about the song?
What about the host sending the RIAA infos about you? omg crap, run.

quote:Originally posted by palloco
Indeed, now link that to the fact that is the only non-automatized account activator. dunno how does it work but check if it does any connection to internet, if it does...

Hitman used a hotmail account to sign up and some services simply don't like those free mail providers, because you can register as many accounts as you want.
I think they let Hitman wait in order to find out whether he simply wanted a normal account or mass-register with lots of fake accounts.

I just submittes this score:
68,971 keys 16,769 clicks 11,647 scrolls
and I used the "stopwatch" from DUmeter and during the 6 seconds I measured I uploaded 1,4kb.
68971 letters. 1 byte = 1 character
68971 bytes are about 67kb

btw, the memory used by keycount.exe stays the same, when you type. only when you access the settings or start it up.
I guess we all learned something today.
fap fap

hmm
boosta, maybe styx gets a part of the registration lisences money for hosting the forums and servers...
notice the maybe there, but its an option...
i just dont think do stuff for free anymore ;)

... b00sta infrared radiation is there although you can't see it. so the data sent could be there withouth you seeing it...

(yes i AM paranoid)

Fap..

quote:Originally posted by Alamo
... b00sta infrared radiation is there although you can't see it. so the data sent could be there withouth you seeing it...

(yes i AM paranoid)

R U PROTECTED?
[IMAGE]

Reminds me of the film Signs..

lol@bOOsta :)

It's true, the program secretly contacts its creator and a stealth mini-aircraft is dispatched with a payload of nanobots. It finds an entry point to your house and nano-lathes a small attachment inside your computer. This attachment gathers all kinds of data and sends it back to the creator via zero-point electromagnetic pseudo-plasma timespace fluctuating modulation waves.

(PS if you don't know what nano-lathing is, I'm terribly sorry that you have never played TA)

*Slaps BManx*

Hahaha, that protection cant do anythign against my magnetoquantic radar