Vista - Defeating Keystroke Logging Programs ?

06-18-2007

Hello everyone,

I came across someone's idea (printed below) on how to defeat keystroke
logging programs, it seems like a good idea. What do you all think ? Is
there another perhaps better way ? Other than keeping your antivirus and
antispyware up to date, of course.

Also, what about on screen keyboards ? (Ie. type osk.exe in the "run" menu)
Are they effective ? Here, you don't even use the keyboard at all !

*** excerpt of person's idea ***

But thereâ€™s a completely simple way to defeat them, based on the fact that a
keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it
has no context, it just has what is typed.

So, next time you login from a public internet terminal or somewhere else
you want to make sure your keystrokes arenâ€™t being logged, do this â€”

Put the focus on the password field, and type one character. Then click
somewhere else on the page â€” open Notepad if you have to â€” and type a bunch
of random characters. Then, click back in the password field, and type
another character. Repeat until your password is complete.

Extremely simple, extremely effective. Without the context of where the
focus was when you were typing, the resulting string of characters is useless.

From this report at Alta Vista Security Group. Via Metafilter.

**** end of excerpt ****

06-18-2007

Paul wrote:
> Hello everyone,
>
> I came across someone's idea (printed below) on how to defeat keystroke
> logging programs, it seems like a good idea. What do you all think ? Is
> there another perhaps better way ? Other than keeping your antivirus and
> antispyware up to date, of course.
>
> Also, what about on screen keyboards ? (Ie. type osk.exe in the "run" menu)
> Are they effective ? Here, you don't even use the keyboard at all !

The onscreen keyboard completely emulates keyboard events, and just
looks like a normal keyboard to your programs (good and bad). This means
the key presses will still be captured normally.

> *** excerpt of person's idea ***
>
> But thereâ€™s a completely simple way to defeat them, based on the fact that a
> keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it
> has no context, it just has what is typed.

Faulty axiom. A keylogger can easily know which control has the focus,
and most keyloggers do track focus changes.

Sorry. Doesn't work :-(

Alun Harford

06-19-2007

I didn't know this. So, if I understand you correctly, the keylogger can
tell which keystrokes are actually used by the application and how they are
used, and which keystrokes are "thrown on the floor".

I order to do this, doesn't the keylogger have to log a picture of the
website as well ?

Paul
____________________________________

"Alun Harford" wrote:

> . . .
> > *** excerpt of person's idea ***
> >
> > But thereâ€™s a completely simple way to defeat them, based on the fact that a
> > keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it
> > has no context, it just has what is typed.
>
> Faulty axiom. A keylogger can easily know which control has the focus,
> and most keyloggers do track focus changes.
>
> Sorry. Doesn't work :-(
>
> Alun Harford
>
keystroke logging keypress log

06-19-2007

Paul wrote:
> I didn't know this. So, if I understand you correctly, the keylogger can
> tell which keystrokes are actually used by the application and how they are
> used, and which keystrokes are "thrown on the floor".
>
> I order to do this, doesn't the keylogger have to log a picture of the
> website as well ?

No. It just has to log the handle of the windows control that has the
focus when the user types each key.

Alun Harford

06-19-2007

Just a thought, because I don't know anything about keyloggers, but can they
be tricked by typing text into the appropriate field, selecting all (or a
part) of the text via the mouse and just replacing text that way as you go
(the window in question never looses focus)???
Emill

"Alun Harford" <devnull@alunharford.co.uk> wrote in message
news:e63ZbAnsHHA.4916@TK2MSFTNGP05.phx.gbl...
> Paul wrote:
>> I didn't know this. So, if I understand you correctly, the keylogger can
>> tell which keystrokes are actually used by the application and how they
>> are used, and which keystrokes are "thrown on the floor".
>>
>> I order to do this, doesn't the keylogger have to log a picture of the
>> website as well ?
>
> No. It just has to log the handle of the windows control that has the
> focus when the user types each key.
>
> Alun Harford
>

06-19-2007

> "Alun Harford" <devnull@alunharford.co.uk> wrote in message
> news:e63ZbAnsHHA.4916@TK2MSFTNGP05.phx.gbl...
>> Paul wrote:
>>> I didn't know this. So, if I understand you correctly, the keylogger
>>> can tell which keystrokes are actually used by the application and how
>>> they are used, and which keystrokes are "thrown on the floor".
>>>
>>> I order to do this, doesn't the keylogger have to log a picture of the
>>> website as well ?
>>
>> No. It just has to log the handle of the windows control that has the
>> focus when the user types each key.
>>
>> Alun Harford

"Emill" <emill@eunet.yu> wrote in message
news:1D756D69-02D3-4A5F-80D8-8C33B27898D8@microsoft.com...
> Just a thought, because I don't know anything about keyloggers, but can
> they be tricked by typing text into the appropriate field, selecting all
> (or a part) of the text via the mouse and just replacing text that way as
> you go (the window in question never looses focus)???
> Emill

You could get around it by typing the end of the password, clicking to the
start and entering the start of the password. Most keyloggers will record
focus and if the moust was clicked but they generally dont know WHERE the
mouse was clicked. So if my password was 12345 i could type 345 click to
the start, type 23, click to the start and type 1. Or you could just
open character map and choose the letters from that or an on-screen
keyboard.

Copy and pasting from another window that already has the words in is
another workaround.

Knaj · 06-23-2007

You know.. I think that the easiest way to defeat keyloggers is to use anti-keyloggers

None of us know about them as much as specialists do. Can also recommend to visit these two sites:
Keylogger.org - Independent testing, rating and review of monitoring software, Anti-Keylogger.Org - Independent Comparison of Popular Anti-Keyloggers and Anti-Spyware Products

06-18-2007	#1 (permalink)
Paul n/a posts	Defeating Keystroke Logging Programs ? Hello everyone, I came across someone's idea (printed below) on how to defeat keystroke logging programs, it seems like a good idea. What do you all think ? Is there another perhaps better way ? Other than keeping your antivirus and antispyware up to date, of course. Also, what about on screen keyboards ? (Ie. type osk.exe in the "run" menu) Are they effective ? Here, you don't even use the keyboard at all ! * excerpt of person's idea * But thereâ€™s a completely simple way to defeat them, based on the fact that a keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it has no context, it just has what is typed. So, next time you login from a public internet terminal or somewhere else you want to make sure your keystrokes arenâ€™t being logged, do this â€” Put the focus on the password field, and type one character. Then click somewhere else on the page â€” open Notepad if you have to â€” and type a bunch of random characters. Then, click back in the password field, and type another character. Repeat until your password is complete. Extremely simple, extremely effective. Without the context of where the focus was when you were typing, the resulting string of characters is useless. From this report at Alta Vista Security Group. Via Metafilter. ** end of excerpt **
My System Specs

06-18-2007	#2 (permalink)
Alun Harford n/a posts	Re: Defeating Keystroke Logging Programs ? Paul wrote: > Hello everyone, > > I came across someone's idea (printed below) on how to defeat keystroke > logging programs, it seems like a good idea. What do you all think ? Is > there another perhaps better way ? Other than keeping your antivirus and > antispyware up to date, of course. > > Also, what about on screen keyboards ? (Ie. type osk.exe in the "run" menu) > Are they effective ? Here, you don't even use the keyboard at all ! The onscreen keyboard completely emulates keyboard events, and just looks like a normal keyboard to your programs (good and bad). This means the key presses will still be captured normally. > * excerpt of person's idea * > > But thereâ€™s a completely simple way to defeat them, based on the fact that a > keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it > has no context, it just has what is typed. Faulty axiom. A keylogger can easily know which control has the focus, and most keyloggers do track focus changes. Sorry. Doesn't work :-( Alun Harford
My System Specs

06-19-2007	#3 (permalink)
Paul n/a posts	Re: Defeating Keystroke Logging Programs ? I didn't know this. So, if I understand you correctly, the keylogger can tell which keystrokes are actually used by the application and how they are used, and which keystrokes are "thrown on the floor". I order to do this, doesn't the keylogger have to log a picture of the website as well ? Paul ____________________________________ "Alun Harford" wrote: > . . . > > * excerpt of person's idea * > > > > But thereâ€™s a completely simple way to defeat them, based on the fact that a > > keylogger doesnâ€™t know where on the page the focus is when youâ€™re typing â€” it > > has no context, it just has what is typed. > > Faulty axiom. A keylogger can easily know which control has the focus, > and most keyloggers do track focus changes. > > Sorry. Doesn't work :-( > > Alun Harford > keystroke logging keypress log
My System Specs

06-19-2007	#4 (permalink)
Alun Harford n/a posts	Re: Defeating Keystroke Logging Programs ? Paul wrote: > I didn't know this. So, if I understand you correctly, the keylogger can > tell which keystrokes are actually used by the application and how they are > used, and which keystrokes are "thrown on the floor". > > I order to do this, doesn't the keylogger have to log a picture of the > website as well ? No. It just has to log the handle of the windows control that has the focus when the user types each key. Alun Harford
My System Specs

06-19-2007	#5 (permalink)
Emill n/a posts	Re: Defeating Keystroke Logging Programs ? Just a thought, because I don't know anything about keyloggers, but can they be tricked by typing text into the appropriate field, selecting all (or a part) of the text via the mouse and just replacing text that way as you go (the window in question never looses focus)??? Emill "Alun Harford" <devnull@alunharford.co.uk> wrote in message news:e63ZbAnsHHA.4916@TK2MSFTNGP05.phx.gbl... > Paul wrote: >> I didn't know this. So, if I understand you correctly, the keylogger can >> tell which keystrokes are actually used by the application and how they >> are used, and which keystrokes are "thrown on the floor". >> >> I order to do this, doesn't the keylogger have to log a picture of the >> website as well ? > > No. It just has to log the handle of the windows control that has the > focus when the user types each key. > > Alun Harford >
My System Specs

06-19-2007	#6 (permalink)
Cy!on n/a posts	Re: Defeating Keystroke Logging Programs ? > "Alun Harford" <devnull@alunharford.co.uk> wrote in message > news:e63ZbAnsHHA.4916@TK2MSFTNGP05.phx.gbl... >> Paul wrote: >>> I didn't know this. So, if I understand you correctly, the keylogger >>> can tell which keystrokes are actually used by the application and how >>> they are used, and which keystrokes are "thrown on the floor". >>> >>> I order to do this, doesn't the keylogger have to log a picture of the >>> website as well ? >> >> No. It just has to log the handle of the windows control that has the >> focus when the user types each key. >> >> Alun Harford "Emill" <emill@eunet.yu> wrote in message news:1D756D69-02D3-4A5F-80D8-8C33B27898D8@microsoft.com... > Just a thought, because I don't know anything about keyloggers, but can > they be tricked by typing text into the appropriate field, selecting all > (or a part) of the text via the mouse and just replacing text that way as > you go (the window in question never looses focus)??? > Emill You could get around it by typing the end of the password, clicking to the start and entering the start of the password. Most keyloggers will record focus and if the moust was clicked but they generally dont know WHERE the mouse was clicked. So if my password was 12345 i could type 345 click to the start, type 23, click to the start and type 1. Or you could just open character map and choose the letters from that or an on-screen keyboard. Copy and pasting from another window that already has the words in is another workaround.
My System Specs

06-23-2007	#7 (permalink)
Knaj XP Pro 1 posts	Re: Defeating Keystroke Logging Programs ? You know.. I think that the easiest way to defeat keyloggers is to use anti-keyloggers None of us know about them as much as specialists do. Can also recommend to visit these two sites: Keylogger.org - Independent testing, rating and review of monitoring software, Anti-Keylogger.Org - Independent Comparison of Popular Anti-Keyloggers and Anti-Spyware Products
My System Specs

Similar Threads
Thread	Forum
All my programs crash when logging in	System Security
Need help - keystroke logger???	System Security
Keystroke Mystery!!!	Vista General
Keystroke commands	Vista General
Article - Malware defeating UAC doesn't appear too hard to do	Vista General