The Norwegian security police PST want keyloggers to fight terrorism.
The security risk from radicalized (Norwegian) Muslims fighting in Syria is the given reason.
There is clearly a danger, but PST fail to say why Norwegian Muslims should be worse than Muslims in other European countries.
Maybe all other European countries have it already?
The one thing that is for sure is that the security polices in any country will not stop in demanding new and improved technologies to improve surveillance.
It is equally certain that the terrorists will find ways to avoid them - so new technology must be made available etc...
The crooks avoid it; leaving innocent you and me victim of a massive surveillance.
The PST need to log the keystrokes for mails that are not sent but written on the local computer. This is dangerously close to what Pink Floyd refers to as "thoughts control" .
If you have any thoughts like that you better not express them or write them down - so much for freedom of expression. And how can we (democratically) fight and counter thoughts that cannot be expressed?
And really PST why stop there?
If you have all this wonderful potential you could log bad taxpayers and offenders of digital rights - in fact it would be discriminating to only log Muslims - you must log everybody to make it fair - right?
What we need is a thoughts police and a mind control department to evaluate citizens and punish thoughtcrimes.
In any case let us have a look at the technology behind this:
We can divide keyloggers in Hardware and Software loggers.
Software loggers like Blue pill are virtual machines living under the OS and phoning home.
Then we have the kernel-based loggers who can identify themselves as keyboard drivers etc,
These are often rootkits and should be able to avoid.
The API based loggers are part of a program like the Windows programs; GetAsyncKeyState(), GetForegroundWindow().
The Hardware loggers are more nasty:
They can hide inside the usb plug of your keyboard connection, but most likely; this is the way to do it:
Firmware-based: BIOS-level firmware that handles keyboard events can be modified to record these events as they are processed. Physical and/or root-level access is required to the machine, and the software loaded into the BIOS needs to be created for the specific hardware that it will be running on.
Yup that sounds like UEFI Microsoft certified secure boot it can only be altered by the OEM when properly certified by Microsoft.
On other PC's UEFI secure boot can be turned of - if that is to late or not, is hard to say.
So to avoid these "attacks" you need to install rootkit software like rkhunter as the first thing you do; right after you - and no one else - have installed the OS.
Naturally the install medium could be infected so open source is a must.
Here is an overview of the keyloogers
)