Remember the movies in which
a detective would spy a note pad on a desk, hold it up to the light, and read
the faint impression of a message that had been written and then torn off that
pad? There is a computer counterpart of that tactic, too.
First, recognize that there
is not a direct path between a key you press on your keyboard and the program
(let's say a word processor) that handles that keystroke. When you press A, it
activates a switch that generates a signal that is received by a device driver,
converted and analyzed and passed along, until finally your word processor
receives the A; there is still more conversion, analysis, and transmission
until the A appears on your screen. Many programs cooperate in this chain. At
several points along the way you could change a program so that A would appear
on the screen when you pressed W if you wanted.
If all programs work as
intended, they receive and send characters efficiently and discard each
character as soon as it is sent and another arrives. A malicious program called
a keystroke logger retains a
surreptitious copy of all keys pressed. Most keystrokes are uninteresting, but
we may want to protect the privacy of identification numbers, authentication
strings, and love notes.
A keystroke logger can be
independent (retaining a log of every key pressed) or it can be tied to a
certain program, retaining data only when a particular program (such as a
banking application) runs.