Keyloggers for OS X – Why you should install one and which one to choose: Spellcatcher, BackTrack, logKext

Everyone who works on the web should have a keylogger. Browsers crash often enough when you are writing into a form or browsers have hot keys (especially forward or back) which will reload the page on you at an unexpected time, just when you are in the middle of a very long post.

apple os x keylogger for mac
 If you value your time, the question is not whether to use a keylogger
but which keylogger for Mac OS X to choose. Photo jgarber.

I've heard all the privacy arguments against keyloggers but I'm not sold. If you are typing into a computer, particularly one which is near constantly connected to the Internet, you need to accept that there is very limited privacy. For very private writing, it should be done on paper or on an old computer which is no longer capable of being hooked up to the Internet easily or at all (i.e. missing a network card and wifi and/or automatic DHCP).

Better to remove the floppy drive as well and unplug the USB connectors. You can do your backup to a zip drive for which you keep track of all the media (people don't carry around zip disks anymore, so if you have someone determined enough to come after your writing computer with an extra zip disk, nothing will protect you). You could also encrypt the disk on which your secrets are written, but my own experience with encrypted disk space is that the person who will suffer is you.

Even unencrypted hard drive storage is relatively unreliable. Once you bring encryption into the process, even with the slightest corruption no disk utility will ever be able to help you restore lost data. You just need a single bit to go wrong in your 20 GB of private space and au revoir your memoirs. No thanks.

Not prepared to take such measures? Then self-installed keyloggers are the least of your privacy concern. If you are using an encrypted disk, then you can and should store your keylogger files in the encrypted disk or folder.

Despite my relative lack of concern about privacy issues, the ideal keylogger would not log passwords.

So returning to the keylogger – the keylogger will save your backside at least a few times a month (sometimes in a week) when you think you've lost all your work (usually about a half hour or so). That means a keylogger is worth about 25 hours/year of your time. Your best time when the creative and intellectual juices are really flowing. I think there's about three to five such hours in any given day. That makes a good keylogger worth nearly a week's work (premium hours remember) per year. I.e. a good keylogger is worth between 4000 in most Western countries. If your week is worth much more than $4K, you are probably dictating and your assistant would be transcribing so you wouldn't get the same value out of a keylogger, but your assistant would.

What are the options on Mac OS X (we'll deal with Leopard and above at this point)?

Keyloggers for OS X: Candidates

Spell Catcher X, 10.3.3. $40.

A comprehensive spell checking suite with a feature called GhostWriter. I installed, bought and used Spell Catcher for about a month and then had it lurking around for a few months. Spell Catcher interferes with your input menus, is always turning itself on and off. GhostWriter was unreliable in my testing. Sometimes it was running, sometimes it wasn't. Having a browser crash and then learning that your typing wasn't not saved is extremely irritating.

Spellcatcher is one of the more invasive and troublesome apps I've had the displeasure of having on my computer.

Update 20100326: Spell Catcher rose from the dead recently when I just plugged in an old hard drive. I was totally unable to type in Open Office or TextEdit due to a "Alert: Couldn't Contact Spell Checker". It took another hour of chasing around info on forums and a full cache delete via TinkerTool System 2 to get rid of the Spell Catcher zombie. Even more annoying is Spell Catcher developer Evan Gross's aggressive attitude that this is Apple's fault and user error. I was on deadline for an article rewrite for press. Not fun.

Verdict: Avoid like the plague.

SpellCatcher X GhostWriter
Spell Catcher X GhostWriter Preferences
 

BackTrack, 5.1.1. $10.

Nice concept. BackTrack is the only keylogger which actually separates your typing by document and keeps it cleaned up. Seems to work. It does install an exta MySQL lite database which runs constantly so you are looking at some overhead.

But what I really object to and why I won't install or use BackTrack is that there is a daemon running constantly stealing processor cycles and pinging your whole network looking for other copies of BackTrack. Bill is effectively stealing your processor time in perpetuity. Not acceptable.

BackTrack textlog
BackTrack textlog

Bill wants to stop people from running BackTrack on their own laptop and desktop at the same time. As many people, including me, have up to 3 Macs which are their own (although only two in the same place at any given time), per computer licensing is a bit annoying. I could live with a family pack. The pricing is right at $10.

A real pity as I would buy BackTrack in a minute for my own computer and for the 5 Macs in my company if Bill would remove the processor and network stealing background processes.

Update: The background process I didn't like is actually the logging daemon. The test Bill does against other copies of BackTrack in use is done once at startup, according to Bill. If anyone has other information let me know, but as far as I can tell that's how it works.

I use BackTrack myself on my primary computer where I do most of my writing. I like it as it's easier to recapture missing text than any other solution. BackTrack is clever software well-executed and fairly priced.

Verdict: Highly Recommended.

logKext, 2.3. Free.

Really and truly free open source software. I think I remember running into occasional CPU issues and that the log format is very messy. A deep system hack. Not supported, as the programmer has abandoned the project (although D. Springfield left it with a functioning Google code page, very responsible. Trvia: D. Springfield also created the first SafariBlock adblock port from Firefox). Has some issues with stopping logging as well, but logKext is working in Snow Leopard so has at least a couple of years of life in it.

Uninstaller is partially broken. Logs come with all the delete gibberish and no date or time or applications stamping. But definitely priced right. Software is looking for a new owner. Perhaps Foliovision could pick this one up and make it work. We're bit too busy and don't have the right expertise in-house yet.

Verdict: Strongly Recommended if you can handle the command line and write your own grep parser to clean up the logs.

Keyword Spy 4.0, $20.

From a very strange and mysterious developer. The logs are also dirty with delete and backspace characters, although apparently application changes are noted. At $20, the nod has to go to either BackTrack or logKext, depending on one's own fluency. Verdict: Not recommended.

Aobo Mac OS X Keylogger, 3.0.1. $80 and $150.

Nasty expensive spyware which is supposed to send screenshots via email and ftp as well. Not tested, but clearly in the category of spyware rather than a keylogger. Website full of keyword stuffing as well. Even if I wanted this sort of software, I would be very careful before sending these jokers that kind of money. Seem like the sort of people who might even spy on their own clients. They seem especially obsessed with people spying on their own children. Verdict: Avoid like the plague.

Perfect Keylogger, 1.78. $34.

More of the same, arguably worse. Especially focused on the cheating spouses category. Primarily a Windows developer. Verdict: Avoid like the plague.

KeystrokeRecorder, 3.4.1. $29.

Used to be much ?more expensive before Camp Software came to their heads and/or competition came on the scene. In development since 2002, with lots of issues along the way. KeystrokeRecorder prides itself on making it easy to spy on people:

Use a good name, like "iTunes Optimizer", "Disk Speedup", "QuickTime Control", or "MP3 Accelerator" with the thought that if it looks useful or it makes the computer run better, people won't delete it. Please remember that changing the name of KeystrokeRecorder will create a new preferences file based on the name you provide.

At least now they do provide an address where you can find them and some names to blame when you buy their software. Verdict: Avoid like Chickenpox. ?

Obsolete: MonitorerX, 1.5.1. $12.

Last updated in 2003. The price is right but Monitorer doesn't work, runs up the CPU and is PPC. Verdict: RIP.

Out of business: Typeagent. Website is down.

It was lousy expensive software. Good riddance. If you got burned on Typeagent and it won't run on Snow Leopard, let me suggest logKext. You won't lose any money this time around.?

Out of Business: TypeRecorder X, $50.

TypeRecorder X was always one of the worst keyloggers for Mac, with a reputation for being expensive and unreliable. Incredibly enough Rampellsoftware managed to sell Typerecorder X to an even more macabre outfit, SpectorSoft who are flogging TypeRecorder X as overfeatured ?spyware for $170.

Install Spector Pro and start recording EVERYTHING your children or employees do on the computer and Internet.

This is what user Mickel Mackin has to say about his experiences:

This thing calls home in a very stealth manner LittleSnitch does not pickit up. I have two drives on my computer, but I only use one drive at a time. Apparently this makes them think I have installed the software on two different computers. They threatened to shut off my software. So if I sell this computer and get another one are they going to demand payment? Hard to say but my guess is yes.

These SpectorSoft people spy on you too!

Run do not walk. Verdict:? Avoid like HIV.

Recommendation

So what keylogger am I using? Alas, it must remain a secret. There's hidden functionality in one of my favorite applications which I sussed out. Unfortunately the developer is not yet prepared to release the keylogging functionality to the public. I am working on persuading him to change his mind and enhance the keylogging functionality a little bit. I'm glad I figured this out as it saves me having two utilities monitoring all my keystrokes, thereby keeping my OS leaner and faster. BackTrack. BackTrack provides great safety and ease of use. The little bit of CPU and memory it costs me is worth it for the moment as with BackTrack restoring text is a pleasure rather than a chore. I wouldn't install or use it on a computer dedicated to heavy duty video editing or rendering though, as you want to keep such a rig as clean as possible. Normally one doesn't do much typing on such a rig. BackTrack is for people who write a fair amount.

In the meantime, I recommend either BackTrack or logKext depending on your level of technical expertise. As a free alternative, logKext is excellent but logKext requires substantially more technical expertise to install and troubleshoot.

This entry was posted in IT and tagged , , . Bookmark the permalink.

43 Responses to Keyloggers for OS X – Why you should install one and which one to choose: Spellcatcher, BackTrack, logKext

  1. Larry

    Thanks for the article – good info.
    I’m also looking for just the opposite – a keystroke encrypter. Seems to be plenty for the PC, but I’ve not found one for the Mac. Do you know of one?
    Thanks for any info.
    Larry Harrison

  2. Mike

    I wouldn’t install a keylogger on my machine. That would keep me from discovering that a keylogger has been installed on my machine!

  3. prak

    This wins the award for most useless article of the week. You completely sidestep the issues where multiple people may use the same computer. Then you completely fail to provide sufficient justification for using a keylogger instead of just decent backup software. Even Time Machine seems like it would work for this, and it would take me 2 minutes to restore a lost document. Instead, you have to go through keystrokes and cut and paste and reconstruct. (If you don’t, you haven’t made it clear.) Finally, after all of that nonsense, you conclude that the best keylogger is… A SECRET!!!

    Seriously? Er.. Thanks for the review? I’ll grant that the brief overviews of the other bits of software were useful. But as a whole, this article lacks pretty much anything readers would hope to gain from it.

    :-(

  4. Hello Prak,

    It seems to me you are missing the point completely.

    If you write exclusively in one or two applications with good autosave you don’t need a keylogger.

    On the other hand, if you write a lot of longer comments on the web or heavens forbid weblog posts, your writing is constantly at risk.

    One solution is to do all the writing inside of a separate application with autosave. That’s a bit of a hack as well. With a good keylogger, you can write into web browsers with confidence as well.

    Sure putting the text for a longer article back together is a bit of a nuisance, but for medium length articles or comments, a keylogger gives you the frame on which to quickly rewrite your article.

    Given the amount of work I do in web applications (hence via browsers), a keylogger is essential for me.

    Sorry you didn’t like the article. May I suggest that if you’re not interested in keyloggers, then you shouldn’t click through to articles about keyloggers.

  5. prak

    Hm… you’re quite correct: I managed to miss the point. I do often (or at least often enough to be irritated) find a web page that will eat my carefully crafted post. I’ve gotten into the habit of automatically copying my posts to the clipboard, but given the number of browser tabs I tend to run, even that isn’t foolproof. A keylogger does still make me nervous, though. As the above poster said, if I install a keylogger, how will I discover if a keylogger has been installed.

    That said, I AM interested in keyloggers, I just thought you were trying to use them as a substitute for a backup system. Nevertheless, I stand by my other point: it seems kind of heartless to review all these apps and point out their various flaws, and then not be able to reveal the best solution you’ve found!

    Thanks for your sober and thoughtful clarification. I happily retract most of my criticisms as noted above!

  6. Hi Prak and Mike,

    I don’t understand how now having a keylogger installed will help you prevent someone else from installing a keylogger on your machine.

    If you don’t want a keylogger on your machine, you need to go into top (in terminal) or Activity Monitor and look for any process you don’t recognize. Then you need to research all the unknown processes and make sure all of them are legitimate. Then you have to make sure that all of those processes are in fact what they say they are. I.e. the unknown keylogger in question isn’t spoofing a normal process name. There might be some clues in Console in the System Log as well. But perhaps not.

    Basically if someone can get physical access to your computer or remote access to your computer with an admin password, there could be anything running on it. A standard spy procedure these days is slipping into someone’s apartment and slipping these sorts of hidden programs onto the suspect’s computer.

    But none of that has anything to do with a keylogger which is safely logging into your own admin account (as BackTrack does) or which is encoded (as logKext does). As long as the keylogger logs to your own account and not to the root of the hard drive, you’re safe (at least as safe as all your other documents are).

    As to which to choose, go with logKext if you’re techy and BackTrack if you’re not. I’m sorry I can’t reveal my own choice yet, but I’m doing my best to persuade the developer in question to go public with the feature. For the moment, he’s said no. logKext will work just fine though in the meantime. In output, it is very similar to what I use.

    BackTrack has much nicer output if you expect to need your logs very often (crashy sites or applications).

    Good luck!

  7. Mike

    My comment about not having a keylogger on my machine for the reason of not being able to tell when someone else also put one on the machine was a Jest. Keyloggers can be an extra hardware component that is attached to the inside of the keyboard, you would never know unless you cracked open the keyboard or laptop case. Or have a transparent computer.

    I don’t think you’re really looking for a keylogger, I think you’re looking for a sensible editor. If the web site you’re typing at somehow loses the submission, its the editor’s job to keep a sensible copy of the work around. The keylogger sounds like a least common denominator workaround.

    In many development environments, the IDEs will let you select what editor you use, and the more sensible editors are designed to work with various IDEs. That’s not the case regarding browsers and web pages, there’s a variety of things that web pages do about selecting whichever editor you should be using. But I haven’t really considered forcing web sites to use the editor of your choosing. Have you?

    -Mike

  8. Hi Mike,

    Good point about external hardware keyloggers. There’s probably more keylogging being done in software these days than hardware though.

    I have sensible editors. About fifteen of them, of which I use four or five.

    My issue is that I do a lot of writing on the web (this comment for instance). At any given time I have six browsers open, of which two or three are site specific. I could be writing in any one of thoes browsers.

    Within those browsers I have between five and fifty tabs open, sometimes with info which has to be moved from one research tab to a writing tab.

    At any time if I make a mistake with forward or back keys or reopen a link from Mail or if a browser crashes, I’ll be out my text.

    The only thing which guarantees that I won’t lose my work is a keylogger. Ironically, my keylogger saved me once already today on a lost comment, albeit a short one. I was certainly glad not to have to rethink those two paragraphs.

    Forcing a web site to use a certain editor: can’t be done as the browser is a separate environment. It could probably be hacked with Firefox at great trouble. Certainly not for Safari, Fluid and Omniweb.

    So the modern solution to not losing your written work is, at the end of the day, a keylogger. It’s just a single small app to maintain and you are protected everywhere. Even in one’s autosave text editors (you never know when you’ll get a bad save).

    Highly recommend choosing one and adding it to your workflow. My log file is now always just a single click away.

  9. Mike

    I don’t think I would be as forgiving. Yes, I deal with a variety of text and graphics editors, but to work with 15 different editors on a daily basis means dancing to the tunes of too many other people who are operating entirely at their own convenience, following a path of least resistance, accommodating others to a fault without expecting much in return, forever dooooomed to lose one’s own efficiencies because of having to work in so many similar tools but never able to master none.

    Heck, I’d charge a whole lot extra for trying to make my day extra inefficient. You know computers are for making life easier. Coupled with lame layout, such as providing a 1/2″ x 1 1/2″ text editing field (that used to be a joke!), and an integrated editor that falls way short of full service, and you can understand why I do most of my edits in one real, known-to-be vetted editor under my control, and copy and paste the results in whatever gosh-for-saken excuse for an editor the web site provides.

    Don’t edit body text directly in a web browser. The browser environment is too flakey to trust, you get mystery meat for code. That text edit field looks inviting in that forum page, doesn’t it? That field is good only for one operation: PASTE.

    -Mike

  10. Mike

    Another beef of mine about web: part of the thrill of reading the work after you post is sometimes you can’t spot fix after posting. That should be “able to master none,” not “never able to master none.” It’s just better to defer putting content on the web as long as possible because the UI is so unevenly implemented.

  11. Hi Mike,

    We build web applications. It would be a little bit foolish for us not to use them.

    I don’t think putting the genie back in the bottle is a real possibility. Successfully training the world to write everything in a plain text editor before pasting into the browser is unlikely.

    But if you are prepared to do that and have the discipline, then your plain text editor effectively becomes your keylogger. It will work.

  12. John

    Hi there,

    first thanks for this nice article, much appreciated.
    I was searching on the net and came immediately across SpectorSoft Pro, REFOG and various others. Is there a reason why you don’t mention those? Has anyone any comments on those?

    Thanks a lot!
    John

  13. Hi John,

    SpectorSoft is mentioned, under TypeRecorderX. Mickel Makin found that SpectorSoft Pro was sending data about him back to homebase.

    If that doesn’t put you off SpectorSoft Pro, I don’t know what will.

    I didn’t know about REFOG.

  14. Stephen

    There’s no reason to say that people connected to the internet have little privacy so you should install a keylogger. Isn’t it more important to say that it’s ok if the person installing a keylogger on your computer is YOU?

  15. Hi Stephen,

    Yes, that is the point. A keylogger which you install yourself is not a security risk (unless of course it is recording your passwords in plain text, in which case someone who knows where the keylogger file is would have access to many of your otherwise secure passwords). On the other hand, my passwords are usually pasted in via 1password so that is not such an issue. And presumably someone who has access to your keylogger log file has enough access to the rest of your life for the log file to be a small concern.

    That said, Total Commander on Windows always leaves FTP passwords in the same place and many Windows trojans grab that file and send it out to their masters. So it might be a good idea to put a password on your log file (a feature of logKext( and to keep it in a non-standard place.

  16. Ben

    I do appreciate the effort you put, but I also feel jipped that all the keyloggers you reviewed you say to avoid, and the one that you recommend is hidden from us. I hate to say it, but I won’t be returning here.

  17. Hi Ben,

    I would love to tell you what solution I am using but the developer won’t allow me to reveal it yet. As he had to send me a special file in order to enable this mode, I must respect his confidence. I have written to him three times, asking him to come out of the closet so to speak. So far the answer is no.

    Had I not come up with this solution, I would go with logKext.

    If BackTrack didn’t do all this internal network pinging looking for copies of itself, I would choose BackTrack.

    So I’ve offered two good solutions and helped you avoid the piranhas out there in the Mac keylogger world. I’m giving the best that I can.

  18. ADK

    Very poor review, the author actually did not test most software himself. I have Perfect Keylogger for Mac from BlazingTools software and it works great for me

  19. Actually I did test most of the software myself. I see you are a shill for another one of the scam keyloggers (like Aobo Keylogger who are sending home private information about their clients).

    Watch out, if you are considering using a keylogger. If you value your own privacy, make very sure it’s not Aobo or Perfect Keylogger from BlazingTools.

  20. J

    When you say “In the meantime, I recommend either Backtype or logKext depending on your level of technical expertis” …You do mean backtrack, don’t you.

    I bought backtrack and used it for about 6 months. I found it a complete hog on memory. The more time went on then the more it “chocked” when trying to retrieve text/screen captures held by backtrack. In the end i could wait for 15mins (spinning coloured wheel). At first i thought the program was crahing, but then i realised that it became unuseable after a period of time. verdict: I would NOT recommend backtrack

  21. Hi J,

    I did mean BackTrack. I’ll fix that.

    I’m surprised about your experience. Right now BackTrack Assistant is using 25 MB of real memory along with the standard 1 GB of virtual memory that most OS X applications seem to take.

    If I open BackTrack itself the application takes 13.85 MB of real memory, along with the normal single GB of virtual memory. It takes no CPU when the application is running. Are you sure you had set the purge setting correctly? Perhaps you had turned purge off and the database size spiralled out of control?

    BackTrack purge preferences
    BackTrack purge preferences

    I find your comment about screen captures very strange as BackTrack doesn’t try to do screen captures. Unlike the rest of the rubbish in this sector of Mac software, BackTrack is not attempting to be spyware but rather provide a service to users seeking to restore lost text after an application or system crash. I’m using version 4.1.5 with Leopard. Version 5 for Snow Leopard rather recklessly includes screen captures which is the last thing I want from my keylogger. Screen capture is for spyware.

    I find it very useful with browser editing. Browsers are fragile and do strange things with back buttons. If BackTrack is running one loses a limited amount.

    Perhaps you were using another program and not BackTrack?

  22. J

    What about Keybag (protemac.com)

    its Leopard/snow leopard compatible

    whats your verdict?

    Particularly the problems raised above (i.e. sending home private information about their clients)

    I posted this on there forums: I really can’t see this app being useful to me as everytime i start a new line then keybag creates a new entry. To piece together a long facebook entry would be very time consuming. If you can address this then it may become a worthwhile product

    But after 5 days I’m strting to think that its Not bad…reliable….. and I suppose Useable. The Trial has a 4 hour limit…but for me it Timed out once then seemed to just work permanently after that (so its working FREE for me)

    nice!

  23. Thanks for stopping by J.

    Keybag looks like overpriced and poorly coded rubbish to me, based on protemac’s application portfolio and price list.

    No way I’m leaving $10/seat BackTrack for $50 Keymac.

  24. J

    I noticed today that one of the apps that ive used for many years has keylogging capabilities. The APP is”TextExpander” (smileonmymac).

    “While TextExpander does indeed log keystrokes, these keystrokes are never saved or sent anywhere. Moreover, TextExpander empties its cache whenever you type the spacebar. Thus, TextExpander hardly ever remembers more than 20 characters of what you most recently typed. Using TextExpander does not compromise your privacy” (quote from FAQ)

    I read the above & checked-out the Apps preferences. Unfortunately there seems no way to set it to “hold” onto keylogged information, but i’m not a programmer!

    Do you think the textexpander product has the capabilities to be adapted into a keylogger ? I.e is it worth a “feature request” email to them.

  25. Hi J,

    You are very close to my original solution. I recommend Typinator as a far more bug free and reliable text expansion solution (I own licenses to both and started on TextExpander).

    That said, what I am using now is BackTrack. It’s worth it to me in order to get really clean and well separated logs. If I ever run into performance issues with BackTrack I do have a backup solution in place.

  26. Brandon

    Hi,
    I’d be really interested in learning more about the uninstall issue with Logkext. Is the program something you currently can’t remove on Snow Leapord. I really want to use it but don’t want it on forever. please advice.

  27. Mike

    As a security professional, installing a keylogger on your machine in order to guard against data loss, even for real-time protection in a web form, is just a straight-up bad idea. Malware/spyware these days is as cagey as it is sophisticated; there exists plenty of malware that will run through every file on a hard drive looking for credit card numbers, passwords, SSNs, gather them up, encrypt the data and send it out to who knows where — keylogging yourself (and, as such, all the above info) and keeping that data on your machine is just asking for trouble.

  28. Mike

    If your goal is to save webform data upon browser crashing, a quick Goog search turns up this FF addon: https://addons.mozilla.org/en-US/firefox/addon/6984/

  29. Hi Mike,

    Thanks for your comments. In my case, all my passwords, etc. go via copy and paste, i.e. the clipboard (and hidden at that) rather than typing.

    Having webforms in Firefox is irrelevant for live typing into comment fields and online writing tools.

    I still think physical security of the machine is the most important aspect of security. If any malware or hacker has access to your machine, you are really not safe no matter what you do (even if you take the risk of an encrypted drive: encryption seriously complicates and compromises backup and often performance).

    So while I understand why you think so, I have to disagree and insist that a good keylogger is an essential tool of the modern internet warrior.

  30. J

    At last I have found a key logger that i’m happy with…Its called Digital Sentry by koingo software.
    Try it yourself..

    After install go to preferences>logging>enable save all keystrokes to a file..

    Then do some typing and find the saved keystokes in library>logs

    Works beautiffully

    What do others think?

  31. J

    I’m from UK so I wouldnt know anybody from there. Digital sentry was the daily deal on maczot on 14th August 2010. That’s where It was brought into my sights

  32. Hi J,

    I don’t care much for Kango software. It’s almost always copycat and usually inferior to the original. Plus Kango use all kinds of strong arm marketing tactics. Actually, it sounds like you might work there or know the guys there pretty well.

    I’d still recommend BackTrack but Digital Sentry couldn’t be worse than a lot of the other entries in this space from thieves like SpectorSoft and Aobo.

  33. Cool. Keep us posted about how you like it over time.

  34. Iroh

    I have tried a number of keyloggers and I’ve found that logkext really is amazingly useful. I can imagine someone might find logkext confusing if they are not used to interacting with an application in that way, but if they’re willing to get past that I think many keylogger users would find it ideal.

    Some people here are questioning the usefulness of keylogging on the grounds that there are alternatives ways of saving written data. And if you are a really careful person then you might prefer to save every single thing you ever write to a text document before sending it on. Personally though I wouldn’t go to such lengths as I believe keylogging is a much easier way to capture written work from every source, including those sources which might not have native or practical saving options available.
    Alec has already given examples of such occasions by explaining how it can save data lost as a result of accidentally clicking a link or pressing the back button, but for me it is even better because it makes a complete record of everything I have written since I last cleared the logs. If you have ever lost or deleted a text document, had a gmail/msn/ichat/facebook/irc chat with someone, or posted in a place like this then the undeniable use of keyloggers is apparent. For example, if in a month I wanted to see a record of what I wrote here, then by doing a search for strings of text I remember using – in this case something like “keylogger” which is unique to this entry – I could almost immediately retrieve this exact post. And all this is in one file, which is encrypted by default and which can have the location and name of the output changed to avoid malware and trojany things searching for logged data.

    I have been saved numerous times where there is no practical alternative way to save or where saving might not have seemed necessary at the time, or simply when I accidentally deleted a text file by mistake.

    Given the usefulness of this application over the others I have tried, I would be willing to agree with Alec’s review of the logger applications available. If you are like me, then sooner or later it’s sure to save your backside.

  35. Thanks for the thorough review! I’ve been using logKext for a couple years now on Leopard, and just upgraded to Snow Leopard and it stopped working. I’m still trying to work through the issue, but thought in the meantime I’d drop my two cents on the idea of running a key logger in the first place.

    There have been several times that I’ve searched for something on the internet, or found a good site but my browser history didn’t go that far back. Even searching for where I might have typed about a certain topic (email, chat convo, forum, etc.) can be a good use for a key logger.

    Sure, I could extend my browser history, centralize all my conversations, or grow a larger memory sector of my brain instead of installing a key logger. But the reality is that there is a legitimate use for one on a personal computer. It might not be the most secure thing to do, but for the most part, I’ve been very glad I have it.

  36. Thanks for stopping by Case.

    Give BackTrack a try, Case, if you don’t feel like contending with the logKext internals. BackTrack is very nice and offers already clean text sorted by application/window. Luxury version. I haven’t had issues when running BackTrack (albeit it mostly under Leopard 10.5.8).

  37. vanilla

    Since keystroke loggers are a major tool in cyber-crime, I don’t think I’d really trust one unless it was fully-vouched-for open-source. My wishlist would include a hotkey to turn it on and off, and obvious indicator whether it was on or off, like a red “recording” light icon in toolbar (similar to the binoculars that appear when screen sharing).

    Longterm better solution would be firefox plugin so that keystroke recording took place only when using firefox.

  38. vanilla

    Oh… should mention the downside of opensource: it does some of the work for the bad-guys who don’t need to start from scratch to write nasty malware, such as the malware that Apple now silently looks for since 10.6.4

    Maybe it would need to be code-signed. Source code is still available for logkext though no longer developed.

  39. I’m not sure Vanilla. There’s a fair number of vendors I’d trust with keylogging software. If any reputable vendor with a real business put spyware into his or her software, the noise about it would destroy their business. There were a couple of similar incidents with very intrusive licensing and most companies were forced to back down and still see their reputation ruined.

    I certainly wouldn’t be buying keyloggers from Aobo et al. and expect not to be spied on though. A pity about logkext.

  40. James Katt

    Thanks for the review.

    My Filemaker Database got corrupted today when a USB 2.0 switch box caused a Kernal Crash – freezing the entire Macbook Pro. I had to do a hard restart.

    All the work I did the past hour was completely lost when I rebuilt the database.

    I wish I had Spell Catcher X still but I deinstalled it since the author died.

    I wish I had a keylogger to capture the text I typed in the past hour in Filemaker Pro.

    Databases are fairly unstable beasts and can get corrupted at a moment’s notice. A keylogger is the only way to save the past hour’s work. Time Machine wouldn’t have saved me since the Mac crashed before it had a chance to do the hourly backup.

  41. wonderfullyrich

    Alec,

    You might want to update your link to backtrack. The link in the article is leading to something in icloud, where as it should be going to http://www.modesittsoftware.com/BackTrack/BackTrack_For_Mac/Main.html

  42. Link updated. BackTrack remains great software and a phenomenal value. There appear to be issues for those with Microsoft applications installed. When have there not been?

    Is Microsoft logging all your keystrokes themselves to send to their own server? Windows is the original spyware.

Leave a Reply