Keyscrambler and WSA

Discussion in 'Prevx Betas' started by Motherroad, Feb 3, 2012.

Thread Status:
Not open for further replies.
  1. Motherroad

    Motherroad Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    234
    Location:
    Florida
    I just reinstalled the latest WSA and notice that Keyscrambler does not work with Firefox. Seems to work OK with IE. Anyone else have this issue?
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Not really sure why you need keyscrambler with WSA. Maybe someone else can inform us both.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I agree with trjam - I'd imagine they would conflict if you're using WSA Essentials or Complete. If you're on AV-only, however, that could be due to an incompatibility.

    If you could let me know what product you have installed and what OS you're using, I'll take a look :)
     
  4. Motherroad

    Motherroad Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    234
    Location:
    Florida
    Found that WSA was blocking it in the protected applications list so I moved it to allow and all is good. As a side note I use Keyscrambler for realtime encryption of keystrokes. Thanks for the help.
     
  5. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    No conflicts at all here with Keyscrambler, WSA AV (only) and Firefox.
     
  6. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    speaking of keyscrambler and wsa.....keyscrambler encrypts any keyboard input in browser(free ks for example) and wsa identity shield protects any information entered in the app listed in 'Protected Applications(Advanced)' ......now firefox is listed in wsa and ks also encrypts it.....so how does wsa protect the information entered in ff if ks encrypts that information in realtime?...........I mean ks encrypts so that apps in the pc like malware are unable to read the information entered......if wsa which is an app in that same pc cannot read the information how can it protect it.....right?........

    so do wsa and keyscrambler not in effect conflict?......
     
    Last edited: Feb 4, 2012
  7. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Both are jamming the keyboard, so keyscrabler is fully redundant with WSA (essential and complete)
     
  8. Motherroad

    Motherroad Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    234
    Location:
    Florida
    Not to sure about that as Keyscrambler encrypts the keysrokes in realtime. WSA more or less protects the user space.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    No, WSA does the same with encrypting keystrokes from kernel mode in realtime, although it goes a step above just encrypting to completely drop the keystrokes from the OS after zeroing them out to prevent any snooping.
     
  10. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    well then keyscrambler is definitely not needed since wsa does it's job.....

    but if ks is present in a system with wsa, is it possible that the duo double encrypts keystrokes?.....because I've seen ks showing encrypting keystrokes in it's bar even when wsa shows it's identity shield padlock.......
     
  11. Motherroad

    Motherroad Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    234
    Location:
    Florida
    Thanks for the answer. Does WSA protect the keystrokes on websites with no padalock also?
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Yes, WSA in general (signature/bahaviour detection and firewall) will protect your system from keyloggers and malware components trying to connect out.
    However, the specific module "Identity Shield" will be functional only with padlock.

    Padlock should normally always be visible when you are on https websites or on protected applications. If not, you have problems there or changed its configuration.

    You can configure WSA to protect whatever website or application:

    Websites: http://www.webrootanywhere.com/sah_Identity_Protection.asp?n=Managing_protected_websites
    Applications: http://www.webrootanywhere.com/sah_Identity_Protection.asp?n=Managing_protected_applications
     
    Last edited: Feb 12, 2012
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Last edited: Feb 12, 2012
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
  16. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    As any applications I guess its just a matter to identify the executables responsible for that function in the system and add it to the protected applications... :) As said already, KeyScrambler looks really redundant to me on a WSA framework. May be a sandbox could be a complement... but a jamming tool doesn't look like adding much to what already is there (and the key/screen logging protection in WSA is one of the best if not the best out there).

    But if you are keen to run it anyway then I am sure its fine also! Sometimes its more important how you feel confident on your security setup than the actual protection that setup is providing you.
     
    Last edited: Feb 12, 2012
  17. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Hi fax
    I'm just trying to participate in finding out if these two programs are redundant, as has been stated. Not to be flip, but I'm not keen to run WSA. Not at this time, anyway. But I enjoy keeping my eye on what is going on over here in the Prevx forum.
    And I agree with your thoughts about the importance of feeling confident with your setup.
    Thanks for the responses. ;)
     
  18. Motherroad

    Motherroad Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    234
    Location:
    Florida
    Thanks for the input on this. I have decided to keep both WSA and Keyscrambler for now. They seem to get along ok. Mabey later I will decide that Keyscrambler is not needed.
     
  19. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    I think the question we need answered by Joe is whether the encrypting of keystrokes happens in -all- cases full time, or whether it only occurs for applications protected by the I&P module.

    If it happens full time in all situations, then WSA makes KS completely obsolete, because it does the same thing And More™. If it only does it for things that are covered by the I&P module, then trying to protect UAC and Login would be a pain.

    My -guess-, based on other information, is that it does it all the time at the kernel level for the entire system, I&P module not needed to get the key scrambling from WSA. Then the I&P module also blocks Other Interesting Things™ (like Clipboard, screen capture, data access, etc). Mind you this is my guess. Feedback from Joe would be best here.
     
  20. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Yep. KeyScrambler Premium protects Windows Logon, Domain Logon, and Vista UAC prompts. I'd like to hear from José too. ;)
     
  21. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    WSA will encrypt/protect keystrokes for the configured applications in the Protected Applications list (browsers by default, but other applications can be added). You should be able to add LogonUI.exe to the list to protect its keystrokes as well. We don't protect every keystroke every time just because of the potential for stray issues - some applications do require their keystrokes to be read (i.e. Synergy, which shares keystrokes across PCs).

    WSA will of course block known keyloggers with the antimalware protection so you're only ever exposed to unknown keyloggers running on your PC.
     
  22. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    'Realtime encryption of your keystroke stream is displayed live in the unobtrusive interface so you know how and when KeyScrambler is working.' 'As you type Keyscrambler encrypts your credentials.'

    'Encrypts usernames, passwords and credit card numbers'- for only complete users.

    so wsa essentials and av users do need Keyscrambler, right?
     
  23. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    No, only WSA without the identity shield may need keyscrambler (i.e. WSA antivirus). WSA essential and complete come already with the identity shield.
     
  24. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    as I've already mentioned 'Encrypts usernames, passwords and credit card numbers' is only for complete users......and ks does that......so essentials users also need ks........
     
  25. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Last edited: Feb 17, 2012
Thread Status:
Not open for further replies.