On 7 Oct 2003 13:01:30 -0700, in <alt.privacy.spyware>,
cohenmarvin@hotmail.com (Marvin Cohen) wrote:
>
> I'm running a Windows 2000 computer. Usually when I leave my desk for
> a long period, I sign off. Suppose I forget some day, and someone
> installs spyware on the computer. Does that mean he can find out what
> password I use to log on to Windows 2000?
[snip]

Yes. If an attacker manages, by *whatever* means, to plant a trojan on your
system, there is no limit to what that trojan *could* do.

> Also, if subsequently I change my password, would he be able to detect
> that as well?
[snip]

One more time:

If an attacker manages, by *whatever* means, to plant a trojan on your
system, there is no limit to what that trojan *could* do.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -