How safe is the on-screen keyboard?

  • Thread starter Thread starter Mike Henley
  • Start date Start date
M

Mike Henley

Hi, I'm wondering about the safety of the on-screen keyboard, I'm
considering its use it to type in my passwords instead of using the
ackeyboard in case there is a keylogger on my system.

Thanks.
 
Then you should be worried in general. All computers emit RF. Encoded in that RF carrier
is the computer binary information. There are specialty RF Digital Sniffers that can
intercept all computer I/O. If you're that worried, you need to do computing in a Faraday
room.

The chances are so slight that your keystrokes will be intercepted using an on-screen
keyboard that its not a worry.

Please note this is NOT a virus related question and should have been posted in a Security
related News Groups such as..

alt.computer.security

Dave




| Hi, I'm wondering about the safety of the on-screen keyboard, I'm
| considering its use it to type in my passwords instead of using the
| ackeyboard in case there is a keylogger on my system.
|
| Thanks.
 
I was interested in your reply, David, which I wouldn't have read if the
post had appeared elsewhere.
As Diallers are often referred to here, I thought the question was relevant
 
|
|The chances are so slight that your keystrokes will be intercepted using an on-screen
|keyboard that its not a worry.

Consider the type of on-screen keyboard. A system-wide one (as
opposed to one built into a program) may stuff its characters into
windows in a way that a keylogger will see it.

Phil
 
A key-logger was not his question. Then any form of input would be captured and sent to a
third party. The OP's question was quite specific about an on-screen keyboard.

Dave




|
| |
| |The chances are so slight that your keystrokes will be intercepted using an on-screen
| |keyboard that its not a worry.
|
| Consider the type of on-screen keyboard. A system-wide one (as
| opposed to one built into a program) may stuff its characters into
| windows in a way that a keylogger will see it.
|
| Phil
 
Mike said:
Hi, I'm wondering about the safety of the on-screen keyboard, I'm
considering its use it to type in my passwords instead of using the
ackeyboard in case there is a keylogger on my system.
Click to expand...

a keylogger may or may not be able to capture input from the on-screen
keyboard, but there are other types of malware that definitely can
capture this data so the use of the on-screen keyboard as a security
measure is specious at best...
 
David H. Lipman wrote:
[snip]
Please note this is NOT a virus related question and should have been posted in a Security
related News Groups such as..
Click to expand...

actually it's a malware related question and this is as good a place
for malware related questions as any...
 
kurt wismer said:
a keylogger may or may not be able to capture input from the on-screen
keyboard, but there are other types of malware that definitely can
capture this data so the use of the on-screen keyboard as a security
measure is specious at best...
Click to expand...

Well it's a home computer so i'm not concerned about hardware
keyloggers, it's more the malware keyloggers that worry me. So if the
onscreen keylogger from windows xp is not that good, what alternative
is there?

thanks
 
Mike said:
Well it's a home computer so i'm not concerned about hardware
keyloggers, it's more the malware keyloggers that worry me. So if the
onscreen keylogger from windows xp is not that good, what alternative
is there?
Click to expand...

the only real alternative is to prevent security compromising malware
from getting onto the system in the first place... once the system has
been compromised, there's no measure you can take to enter you secret
data while the malware remains and still expect your secret data to
remain secret..
 
|A key-logger was not his question. Then any form of input would be captured and sent to a
|third party. The OP's question was quite specific about an on-screen keyboard.


I think you miss my point. If a keylogger is hooked into the windows
message stream (as opposed to looking at the hardware port for the
keyboard), and the on-screen keyboard uses the windows mesage stream
to pass virtual keystrokes to windows, the key-logger would see (and
steal) the output from the on-screen keyboard. This is what the OP is
trying to avoid.

Phil
 
Back
Top