Trusteer Rapport - Opinions?

Please watch the Trusteer Video. It explains its scope is on the 'regular' open doors (allowed access to certain harddisks directories or internal program cimmunication means), not on the 'illegal' means a malware can get access to your data.

The scenario you mention (a young trojan) when not a user mode intrusion, will obtain ring-0 rights and kick-out other driver level security anyway when it is a well written malware. It seems that user mode (young trojans) are able to deselect services for a certain user. So a well designed anti-keylogger should stay on its feet in that scenario and you would benefit of your anti-keylogger after executing a keylogger type of young trojan. Do the maths: what is the chance of you being infected by a zero-day malware, what is the chance you got actually hit such a scarce type of malwar (user mode only attaking processes and services, not able to gain access on driver level). When a trojan tries to acquire ring-0 rights, UAC should kick in and you would be warned before the trojan performed the actual keylogger intrusion.

Still you have a point on which I have to give credits, but to trusteer rapport defense: it is outside its scope of protection and to my defense (when taking general chance into account), I would say "let's agree to disagree"

 

I upgraded my copy of Rapport and all of the key logging methods are now protected. I had a very old copy of Rapport it seems.

I am sure keyloggin protection is "within the scope" of Rapport as its one of the Advanced options you can turn on or off. Also this protection needs to work for Rapport to monitor passwords and other "confidential data" like credit card numbers (which seem to be protected on HTTP sites but not on HTTPS sites obviously).

The only thing that definitely doesn't work is protection against screen copying. I will send an email to support.

Thanks for the info.

 

I agree, that the extra protection Rapport offers may not be necessary if you have UAC turned on and properly configured security. But I have Rapport installed on my Dad's computer who still uses XP (no UAC) with full admin access (Yes, I know, madness but I can't afford to upgrade his computer just yet and its too old to run Vista or Win7).

 

Latest news:

Trusteer rolls out malware forensic tool for banks.