The attack we propose aims at keystroke eavesdrop- ping. However, the privacy implication of disclosing the ESP/EIP information of other users’ process can be much more significant. With our techniques, such information can be conveniently converted to a system-call sequence that describes the behavior of the process, and some- times, the data it works on and the activities of its users. As a result, sensitive information within the process can be inferred under some circumstances: for example, it is possible to monitor a key-generation program to deduce the secret key it creates for another user, because the key is computed based on random activities within a system, such as mouse moves, keystrokes.