Discussion in 'privacy technology' started by gismo999, Sep 19, 2006.
Hi Pete (spy1),
thanks, I will try it again.
Hi Pete (spy1),
I tried the entire process again but failed. Downloading and installation was o.k. but on all the pages the same message:
"This page is not
Encryption module error"
All the same problems to write a post here with WIN Dr. Watson Debugger and shut down the browser when I touched
my keyboard and started typing.
anyways...thanks for your advise
How hard is it for a trojan defeat keyscrambler? Apparently, not very hard.
A lot of trojans, even old (Haxdoor, Metafisher, Goldun) already do this (capture http post), and I doubt this extension has much to offer against kernel-level keyloggers as well.
You can download a brief video of just how much "anything you enter in the Web browser is protected against keyloggers" here: http://www.megaupload.com/?d=ZJEVNRE9
This was done through a simple application that doesn't even need to install kernel-level hooks of any kind. Hell, you don't even need to install it.
My thoughts? KeyScrambler is useless and certainly doesn't do what it claims to do.
TNT - What was the link supposed to do (or what was I supposed to have done when I got there)?
On the wonderful little page that came up about the Art Institute I started typing in a fictious name and KeyScrambler went right ahead and encrypted the keystrokes - was that what I was supposed to have tried, or what? Pete
What the hell are you talking about? Art Institute?
IN IE last night, I got a completely different page than I got just now in FireFox (it included a pop-up advertisement for the school I was telling you about in the other post).
Very interesting clip. I'll email it to the developer and see what he has to say about it. Thank you. Pete
Oh yeah Megaupload does that sometimes.
In regard to some comments in this thread:
I got the following response from KeyScramblers' developer (email re-printed in full with his permission) :
The poster "TNT" appears to use HTTP Interceptor to record the http
traffic from his browser. HTTP Interceptor is a pseudo-proxy which
requires setting up your browser to use a local proxy, in effect sending
all your data to HTTP Interceptor. It should not be surprising that it
is then able to record that data. Just as if you went to a phishing
website and entered your password, KeyScrambler can do nothing to
prevent that site from capturing your password. There are other more
appropriate tools for such threats.
Please keep in mind that KeyScrambler is designed to defeat just
keyloggers. It is not a comprehensive security suite or a silver-bullet
against all forms of data capturing and we have never claimed it to be.
What it does is provide an extra layer of protection against a specific
threat. We have thus far not heard of anyone coming up with a keylogger
that KeyScrambler cannot defeat. And if we ever do, you can be sure
that we will address it appropriately and promptly.
QFX Software Corporation
As I am in here way over my head, I'll simply leave it at that. Pete
There are trojans that do this, so this is not just related to phishing sites.
Well, it does say that it prevents all data sent through a browser to be captured, doesn't it?
As I said in the PM, KeyScrambler probably defeats some keyloggers, but to think this is a strong protection against all forms of data capture used by real-life password-logging threats is wrong. There are known and widespread "PSW" trojans for which this utility can't do anything. And yes, those trojans work on web pages logins.
I believe what Qian's saying is that the software you've got on your computer is by-passing what KS does due to the way it's set up there, thus skewing your perception of what would be happening in a real environment on someone else's computer who was using KS.
Is there any way that can be checked? Pete
Well, if he's saying that, he's wrong. Haxdoor, to name one, does http post capture.
TNT - I think one of the main communication problems we're having here is that you're basing everything you're saying on the scenario where someone's already infected with something like Haxdoor.
I'm basing my viewpoint from the perspective of someone who is not already infected with anything (there are those of us who aren't, you know).
So - lacking a pre-existing infection of some sort (which would enable that malware to by-pass KS's protection), are you maintaining that KS would not protect someone's computer?
If so, why? And please provide me with a direct link to somewhere that I can actually prove it for myself. Thank you. Pete
If you're not infected with anything, you don't have to worry about malicious software logging your keystrokes or your login forms. In that case, the only way one can snoop on your communication is if he sits in a channel between your computer and the remote server. Since KeyScrambler doesn't encrypt this channel (and it simply can't, since the encryption scheme has to be supported on both ends -- meaning both on your computer and the remote server, and KeyScrambler only is on your computer), the presence of KeyScrambler makes no difference: if someone is logging your traffic, he will still be able to, if there's nobody logging your traffic (or if it is already encrypted), then you're safe.
What protects you from such methods? I think there is no antikeylogger that could past this basic method primative has it is. That's the whole irony of it...
I don't see the solution to this either, other than "keep the malware from infecting your computer".
regarding anti-keylogger and reliability:
What do you make out of this:
PRIVACYKEYBOARD - Anti Keylogger for workstations, small offices and home computers
Is that ALL commercial bla bla or something that may be is
As you said; there is no such thing as a protecting anti-keylogger because of the need that both sides encryption (sender / receiver).
TNT, what I'm looking for is privacy protection as many other peoples out there. Would this software as prom missing help
Thanks in advance for your opinion.
Would a SSL encrypted connection (https), which most web sites requiring security would/should use, not prevent any http capturing?
Or is the capturing (by a trojan f.ex.) done before the SSL encryption part?
Found the following document reviewing some anti-keyloggers including KeyScrambler:
Please don't link to red-flagged sites by McAfee Site Advisor.
@ Someguy, thanks for the link, looks like a nice review.
Btw, GuardedID is now available for download so perhaps y´all want to check it out. It didn´t work on my virtual machine though, might be a compatibility problem.