Discussion in 'other security issues & news' started by TairikuOkami, Jan 13, 2007.
A lot of.
But isn't it true that a keylogger will also have to bypass the firewall? Not that I think this is difficult to do though. And I must say that new tools like KeyScrambler look very interesting.
There's a million ways it can accomplish that without being seen.
For me, it doesn't even capture any keys in the methods. Tried logging into poker clients etc.; no captured keys. Running NOD32 and Outpost latest.
I don't know if anyone mentioned this, but what about using KeyScrambler with SandboxIE? The perfect marriage?
SandboxIE won't prevent "Windows Message Key-Loggers", but KeyScrambler would, if it's that good.
What's the deal about KeyScrambler? It's a Firefox "extension" that promises to prevent keylogging of what's typed in the browser yet (obviously) doesn't even prevent the most basic form of keylogging feature (HTTP POST capture). Am I missing something here?
Still not seeing the "obviously" part - and KS isn't just a FF extension, since it works on IE, also.
I'm seeing a lot of claims that keyloggers can be planted and communicate out by a lot of different mysterious mechanisms (supposedly).
Unfortunately, I'm not seeing any proof whatsoever to back those claims up (at least not in an understandable form).
Feel free to enlighten us. Pete
This has become an interesting thread:
- few security apps seem to detect the keylogger tests with any assurance
- there is info presented about screencapture malware
- there are the usual disclaimers about "not real malware", only nutters would run an untrusted exe etc
Congrats to gkweb for starting this off with his evil little test app.
I have had some messages about BoClean adding detection of the AKLT exe, which I agree with gkweb "shortcircuits" the testing angle per se.
PrevX warned once about "unknown exe", which I suppose discharges its responsibility, but then no other detections function.
CH as noted with CH NOT the active window seems to pick up 2/5
Running in a sandbox is of course useless unless there is a "guaranteed" outbound blocker, which may not be possible if I read some other posts correctly.
A little better
Have to agree that there seems to be scope for these capture apps and some hidden malware. ?!?
Yeah well, too bad. Watch my video I took and you'll see why it's obvious (as it wasn't obvious before). I repeat this, this software offers NOTHING worthwhile in terms of protecting against many existing real-life keyloggers.
If you think you're safe against all keylogger activity in the browser with it, go ahead and "feel safe" (even though you're not).
There's no need to be a nasty asshole about it, dude. Chill why don't you? Pete
Since I don't know KeyScrambler, just read about it, that was the reason I asked.
If it covers the only thing (well, for illustration purposes) SandboxIE doesn't, it's logical to ask.
If it isn't that good, I ask what would help SandboxIE in that task? Theoretically nothing will pass it, but while inside the sandbox, some things can be done. So what is SandboxIE's best friend?
Ok, sorry about that.
NP. I appreciate your bringing out the clip so I can see what the developer has to say about it.
Hey - if I'm wrong, I'm wrong (it wouldn't be the first time).
What's "Interceptor", BTW?
*NM, I'm reading up on it now.
** Related thread (with developers' response) : https://www.wilderssecurity.com/showthread.php?t=147469
To come back to the main question:
Is there an anti-keylogger app or another app that prevents keyloggers from snooping?
It would really help everybody here when we get serious expert advice on that.
And not just keylogging either. lol.
SnoopFree does block your second screenshot method on my w2k system, it just opens a blank image. It also blocks the GetAsyncKeyState keylogging method.
Jetico V1 - Blocks the DirectX keylogging method
Somehow, that's not very informative (nor is it a source of concern here).
The thought of having to worry about "things that go bump in the night" is really pretty laughable if you have any kind of decent security set up at all and half a brain. (Trust me, I know.)
There's absolutely no other explanation here for having remained un-infected by anything for this long. Pete
When I said "the software SnoopFree has anti-screenshot features, which unfortunately is not able to block the two AKLT's test.", I didn't mean that SnoopFree was failing both leaktests, but that it wasn't passing both, sorry if I was unclear (I mean it was passing one, kind of bizarre French-like sentence I guess).
Also, for information, I've tested AKLT on Vista:
- under a standard user account, with medium (default) integrity level, it is fully working (not being admin still does not help).
- under a standard user account, with a low integrity level, the 3 keylogging methods are not working.
To give more explanations, Vista's UIPI feature isolates processes with different integrity levels (IL), and by default all running processes have a medium IL (except Windows services). AKLT having been set to a lower IL than the others, it cannot capture input from them. However, it can from other apps running at the same IL. Thus, AKLT was only able to catch keys typed into IE (as it is running by default with low IL).
Outpost too ;-)
Concerning KeyScrambler, I wrote this in the thread:
Can anyone confirm whether this is true?
2nd is true. The communication is about as good (safe) as it gets, I think. But if you're infected with keyloggers and such... If you're clean, the connection is safe.
Actually checked Virtual PC2007 and threads showed this:
With our knowledge of AKL it gets a totally new point of view, what do ya think about it? Usual or not?