Ubuntu OnBoard (on screen keyboard) & P/words


Ocky
December 12th, 2008, 07:52 AM
A general query. In Windows XP using the built in osk is useless when entering passwords etc.
because it uses the same system API as the keyboard input.

What about Ubuntu's OnBoard on screen keyboard - would it provide at least
a modicum of protection against keyloggers ? Or am I paranoid as keyloggers
would require root password in order to execute ?

Mrkvonic
December 12th, 2008, 12:03 PM
Hello,
You can check. Use strace to trace an application that requires a keyboard. Like some login or something. Do it once while using the real keyboard and once using the virtual one and see if there's any difference in system calls :)
Mrk

Ocky
December 13th, 2008, 07:41 AM
-{ Quote: "Hello,
You can check. Use strace to trace an application that requires a keyboard. Like some login or something. Do it once while using the real keyboard and once using the virtual one and see if there's any difference in system calls :)
Mrk" }-
Never used strace - I think to interpret the output would need something
like your LPIC-1. I tried with gedit, simply entering strace gedit in the
terminal and then using first onboard to enter some numbers, and then
the normal keyboard. This is about 1% of the output (onboard first).

close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib/libtasn1.so.3", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\21"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=61596, ...}) = 0
mmap2(NULL, 64900, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6bb3000
mmap2(0xb6bc2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb6bc2000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/libgcrypt.so.11", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0PD\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=310956, ...}) = 0
mmap2(NULL, 314504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6b66000

ETC..ETC
***********

access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib/libtasn1.so.3", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\21"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=61596, ...}) = 0
mmap2(NULL, 64900, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6c67000
mmap2(0xb6c76000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb6c76000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/libgcrypt.so.11", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0PD\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=310956, ...}) = 0
mmap2(NULL, 314504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6c1a000

ETC..ETC

What am I doing wrong here ?

Mrkvonic
December 13th, 2008, 11:57 AM
Save the two to files (-o output-file).
Then use diff to compare. See if anything comes up.

And reading strace takes more than lpic ... :) it takes knowing the kernel and interpreting the calls and such.

Mrk

Ocky
December 14th, 2008, 03:21 AM
-{ Quote: "Save the two to files (-o output-file).
Then use diff to compare. See if anything comes up.
Mrk" }-

~$ diff -q strace.output strace.output2
Files strace.output and strace.output2 differ
~$

Thank you Mrk. I saw there is a '-q' option to diff, so I used that
rather than going through all the lines to find differences. (I did notice
mmap2 codes for instance that differed).

Anyway seeing that there are different system calls when using onboard virtual
keyboard and the normal keyboard, would you say that using onboard might
be a little 'safer' against keyloggers - or could keyloggers not run unless
executed by entering the root password ?

Regards.
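
The strace-and-diff comparison from this thread, as an added example that is not part of any post: hex values such as the mmap2 return addresses typically differ between two runs of the same program because of address-space layout randomization, so this sketch masks them before diffing. The function names are hypothetical, and the two sample logs are constructed from the calls in the excerpts above.

```shell
# Added example: diff two strace logs after masking values that change every run.

# Mask hex values (mmap2 results, hints, offsets) and drop the PID column that
# strace -f -o prepends, so only real differences in the calls remain.
normalize_strace() {
    sed -E -e 's/^[0-9]+[[:space:]]+//' -e 's/0x[0-9a-f]+/ADDR/g' "$1"
}

# Print how many lines differ between two files (0 = identical).
count_diff_lines() {
    diff "$1" "$2" | grep -c '^[<>]' || true
}

# Constructed sample logs: the same calls as in the excerpts, one file per run.
write_samples() {
    cat > "$1/onboard.log" <<'EOF'
open("/usr/lib/libtasn1.so.3", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=61596, ...}) = 0
mmap2(NULL, 64900, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6bb3000
mmap2(0xb6bc2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb6bc2000
close(3) = 0
EOF
    cat > "$1/keyboard.log" <<'EOF'
open("/usr/lib/libtasn1.so.3", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=61596, ...}) = 0
mmap2(NULL, 64900, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb6c67000
mmap2(0xb6c76000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe) = 0xb6c76000
close(3) = 0
EOF
}

# Compare raw and normalized logs; prints "raw=<n> normalized=<n>".
compare_runs() {
    local a="$1" b="$2" tmp
    tmp=$(mktemp -d)
    normalize_strace "$a" > "$tmp/a"
    normalize_strace "$b" > "$tmp/b"
    echo "raw=$(count_diff_lines "$a" "$b") normalized=$(count_diff_lines "$tmp/a" "$tmp/b")"
    rm -rf "$tmp"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
compare_runs "$demo_dir/onboard.log" "$demo_dir/keyboard.log"
```

On the sample logs the raw diff reports four differing lines and the normalized diff reports none, so whatever remains after normalization is a difference in the calls themselves.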

Mrkvonic
December 14th, 2008, 04:01 AM
Hi,

system call = kernel = root password.

Therefore, a keylogger cannot work in the user space and hook the keyboard. So as long as you do not intentionally install badware, there's no reason for you to fear your keyboard.

And the best part, you've learned the power of strace :) At least, you've whetted your appetite for true Linux fun ... the beginning thereof.

Mrk

Ocky
December 14th, 2008, 05:29 AM
Many thanks for the lesson ! Great to have you here @ Wilders !