hiding private information from keyloggers Q

Discussion in 'privacy general' started by steve161, Jun 4, 2007.

Thread Status:
Not open for further replies.
  1. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Let's say that a person who is not too concerned about computer security makes a lot of online transactions with a credit card. Is there some a way to protect his personal information against keyloggers other than more security programs. As an example, would using the on-screen keyboard defeat most keyloggers? Or, better yet, a linux live cd?

    Edit: Apparently there is a thread that was started started a day before on this subject. We must have seen the same blog. Moderator, delete at will.
     
    Last edited: Jun 5, 2007
  2. firefox2008

    firefox2008 Registered Member

    Joined:
    May 17, 2007
    Posts:
    125
    If you have Firefox use this add on to encrypt keystrokes:

    https://addons.mozilla.org/en-US/firefox/addon/3383



    KeyScrambler Personal encrypts your keystrokes at the kernel driver level to protect your login information from keyloggers...

    KeyScrambler Personal encrypts your keystrokes at the kernel driver level to protect your login information from keyloggers.

    When you type on your keyboard, the keys travel along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The collected information is then sent to the criminals who will use it to steal from you.

    KeyScrambler defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you've typed. Keyloggers can only record the encrypted keys, which are completely indecipherable.

    Unlike anti-virus and anti-spyware programs that depend on recognition to remove keyloggers that they know about, KeyScrambler will protect you from both known and unknown keyloggers. What's more, KeyScrambler provides protection without getting in your way. You don't have anything to learn about the program and you don't have to do anything differently, but with KeyScrambler your important personal information will be a whole lot safer.
     
  3. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Thanks for the info, I do use FF with plug-ins but was not aware of this one.

    Ubuntu on my box.
     
  4. wantsprotection

    wantsprotection Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    35
    HIPS applications such as System Safety Monitor also protect against known and unknown keyloggers by restricting low-level keyboard access to a few trusted programs.
     
  5. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I boot into SLAX off a write protected usb flashdrive when i do my online transactions. Simple, safe and leaves no traces.
     
  6. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Use the free version of AI Roboform.
    It encrypts everything sent to the website. It also allows you to be lazy in all kinds of ways.
     
  7. wantsprotection

    wantsprotection Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    35
    I use RoboForm2Go. It stores all your site passwords on an encrypted flash drive. It generates passwords randomly, and signs in when you visit a site.

    Key Advantages:
    + You won't use the same password on multiple sites
    + You won't use weak passwords
    + You become immune to many key loggers
    + You don't have to remember passwords
    + You login to sites much faster

    Now, specific to the messages above:
    I've tested that RoboForm2Go defeats many key loggers and clipboard recorders. Although, you're vulnerable the first time you create a password.
    RoboForm has nothing to do with encrypting your session. Your web session is encrypted when you see "https" in the URL and unencrypted otherwise. In general, banks and stock trading sites will use https.
     
Loading...
Thread Status:
Not open for further replies.