Evading Keyloggers with a Virtual Keyboard

Are you comfortable using your computer to do your banking and other sensitive business? You shouldn't be. If your personal information should fall into the wrong hands then your bank account could become their bank account and I don't think they would be making deposits when they access it. Have you ever walked away from a public computer after using it and had some second thoughts regarding your personal security and some business you are conducting? You probably have. If you haven't then you are a prime candidate to be victimized by identity or personal information thieves on the Internet.

The problem lies in your keyboard. There is spyware out there that allows people to see every keystroke you make as you use your computer. Right now, as you are reading this, people are having thier personal information hijacked by people using this spyware.

You may think that you're safe because this sort of thing only happens to other people. Right? Maybe not! You may think that this is something for only the rich to worry about. But you must remember that to criminals in far off countries, you are rich.

Your personal information is itself valuable on the black market. Imagine having all your personal information being bartered around some city, half way around the globe.

So what can you do but keep your fingers crossed, Right? Wrong! At vstroke you can use your computer without using your keyboard. It's a totally secure website that allows you to use a virtual keyboard on your computer screen, without actually having to type anything in through the keyboard. Everything is done through the mouse, so it's completely secure. When you log on and use the virtual keyboard, anyone who wants to see what you are typing is left completely in the dark. It's as simple as that. So you can go on taking your chances and keep your fingers crossed or you can use vstroke for free. Remember that on the net, you are responsible for your own security.

Written by Christopher Jones. Protect your web privacy and personal data now with Vstroke. This virtual keyboard is free and easy to use, so why wait?

An Awesome E-mail Keystroke Time Saver: SHIFT_Delete

The great thing about leading programs on time management and personal organization all around the country is that I get to occasionally learn a few really good tips from the people that attend my programs. This is one of the best e-mail keystroke strategies that I have learned in some time. Accordingly, I have to give a big “thanks” to one of my recent course attendees, Nancy from Boston, for this wonderful e-mail suggestion. It is a very simple keystroke command that helps MS Outlook and other popular e-mail program users deal efficiently and ruthlessly with SPAM and junk e-mail in their inboxes.

The tip is a simple tip to use whenever you receive a “junk” or “spam” e-mail in your inbox, especially for those messages that you are suspicious may harbor illicit content, malicious spyware, or possible viruses. Most of us have learned the “Double Delete” strategy (delete suspect messages from your e-mail inbox, then delete again the same items again from your deleted items box also, so the message is knocked completely out of your system and thus cannot infect or harm your system). This tip helps you “shortcut” that process:

Rather than hitting the delete key to delete the message, and then going into your deleted items folder to delete the message again, instead just hit the “Shift” and “Delete” keys simultaneously. This will completely eliminate the message from your e-mail account in one step. (If you are an MS Outlook user, when you do this, Outlook will ask you if you are sure you want to fully delete – just click “Yes” or hit "Enter", and that message is GONE.)

If you are a user of other popular e-mail management tool, such as Lotus Notes or GroupWise, this technique should work for your e-mail system too, but it does not for all of you Mac users, nor does it work of browser-based e-mail programs like Yahoo! or HotMail (sorry!).

Now, you have no more need to “Double Delete” – just blast those junk and SPAM e-mails right out of your box once and for all!

Randy Dean (http://www.randalldean.com) is the "Totally Obsessed" Time Management/PDA Guy and E-mail Sanity Expert. A very popular speaker and trainer, Randy has led programs all around the United States on better time management and e-mail sanity. The author of the book, Major Satisfactors = Major Success, and developer of the popular speaking/training program, "Taming the E-mail Beast: Managing the Mess of E-mail and Information Overload", Randy is working on a new book and related DVD program on how to better manage your productivity and sanity related to e-mail and info overload. Randy also has popular speaking programs for conferences and association meetings, including his "Finding an Extra Hour Every Day" program, "The PDA Power Program", and "(RE)Awakening the Passion and Energy in Your Work and Life", as well as highly rated training programs, including his highlight full-day "Time Management for Busy Managers, Leaders, and Professionals" course. You can learn much more about Randy and his upcoming courses and programs at http://www.randalldean.com

The Truth About Keystroke Loggers

Programs that record data about users' activity in Internet and send them to their developers are called Spyware. Their activity can have different results - from pop-up advertisements to serious violations of OS, including personal data theft, pressed keys record, "back door" installation, etc. Also known as 'drive-by downloads', Spyware-applications use up-to-date methods of intrusion. Many users do not know that most spyware-applications penetrate into their computers when they visits different web-pages, opens archived files, clicks on pop-ups that contain active elements like ActiveX, Java Applet, etc. Spyware-modules can also be bundled with graphic files and sometimes with drivers for new hardware.

Spy Methods
Spyware-applications may function in different ways - it depends on the data they collect. Some of them collect data about user's habits in Internet for marketing purposes, others are more dangerous. Anyway, spyware-applications try to identify data sent over the network by using a unique identifier (cookie for example) which is located on user's PC, or a Global Unique Identifier (GUID). After that spyware sends logs to a remote user or to the server that collects the data. Usually, this data include host's name, IP-address and GUID, as well as logins, passwords, etc.

Types of Keystroke Loggers
Keystroke logger is an application that spies on pressed keyboard buttons and sends this information to the malevolent user. This can be performed by mail or by sending data directly to the server located somewhere in the global network.

Keystroke loggers have been around for a pretty long time. However, the increase of their amount requires new attention nowadays. The reason is easiness of infecting a PC - all a user needs to become infected is to visit a certain web-page.

There are three types of Keystroke Loggers:

- Hardware Keystroke Loggers
These are miniature built-in devices, located between the keyboard and the PC. Due to their tiny size they remain unnoticed for a long time. However, they require physical access to the equipment. These devices can record hundreds of symbols (including mail and bank data) that were typed from the keyboard.
- Application with Intercepting Mechanism
This type uses Windows function called API SetWindowsHookExe that monitors the reports of pressed keyboard buttons. Usually, this spyware-application consists of the exe-file that initiates the function of interception and the dll-file that controls the functions of data recording.
- Kernel/Driver Keystroke Loggers
This type of keystroke loggers locates on the kernel level and receives data directly from the input device (keyboard). It replaces the main software that controls all pressed keys. As the program is launched on the kernel level, it cannot intercept autofill passwords because this information is handed over on the application level.
Detecting and Removing of Keystroke Loggers
With its actions and work spyware-application differs fundamentally from a virus or a worm. That is why many anti-viruses consider it to be a usual program. The thing is that virus signatures differ from spyware signatures.

Firewalls are also helpless against spyware-applications, as spyware are usually bundled with other programs, hidden in the graphical file or perform usual web-traffic on the 80th port.

That is why it is of great importance for a user to make sure that his OS has all the necessary updates. The best way of protection from infection (besides changing the OS on more secure, like Mac OS X) is teaching users not to press everything they come across in the network and install only the most necessary software. Users should be taught to avoid 'free' software and pop-ups. It is also important to make sure that firewall settings are correct and secure, and have at least one program for detecting and removing of spyware. Some examples of such programs are
Microsoft Antispyware, Arovax Antispyware (http://www.arovaxantispyware.com), Ad-Aware.

It should be noted that basically the spyware problem is closely connected with Microsoft Internet Explorer browser. Using more modern and functional browsers like Mozilla Firefox can practically save users from this problem. However, the fact is that some web-sites were developed for being used with Internet Explorer, so browser change may not satisfy all users' needs.

How to Prevent from Pressed Keys Recording
Keystroke loggers, both hardware and software, are developed for intercepting symbols that were typed from a keyboard. Using a virtual keyboard for typing user's name and password is a good way to prevent from interceptions on the web-applications level. Virtual keyboard is a graphical presentation of a usual keyboard. A user types data from it by clicking with his mouse button on the necessary symbols. This solution will not satisfy all users, of course. However, this method can be used when working with important information or certain applications. It also should be noted that using a virtual keyboard does not guarantee full security because some keystroke loggers make pictures of the screen during every pressing a mouse-button. To avoid it, some virtual keyboards are able to enter symbols when a mouse-cursor is directed at them and held on them for some time. Thus, a user can enter information without pressing the mouse-button.

There is another way to avoid interception - program's inquiry to randomly enter password symbols. For example the program can ask a user to enter 1st, 3rd and 5th symbols and then even symbols. However, the order of entering must be different every time, otherwise the original password can be restored by somebody who constantly follows the entered information. The disadvantage of this method is that keystroke loggers record all symbols and a malevolent user can get the password by "playing with" symbol combinations.

How to Counteract Keystroke Loggers
There are two types of applications that counteract keystroke loggers: - Counteraction on the basis of signatures
These applications detect a keystroke logger by the files that it installs and by signatures that it adds to the register. Fighting known keystroke loggers in a good way, they are helpless against those programs that are not included into their database.
- Counteraction on the basis of interception
The process of interception (filtration) of Windows messages uses the function SetWindowsHookEx, the same as keystroke loggers do. This process is used for viewing certain actions but counteracting interception applications forbid control hand over from one function to another. As a result, there is no information in the logs of keystroke loggers. Though this method of counteraction is more effective than the first one we should note that it is not able to fight kernel/driver keystroke loggers.

Conclusions
Because of increased spyware-applications amount in the last time, we can observe rapid growth of websites and malevolent users that benefit from keystroke loggers installation and private data theft.

You have to be aware of the danger and you should be able to define it. The first step in the fight against spyware-applications is using an alternative browser, for example Firefox, Opera, etc. If for some reason this cannot be done, you should take necessary measures in order to maintain preventive diagnostics as well as define and remove keystroke loggers from your PC using latest Antispyware software. It is also wise to use anti-spyware programs that detect and remove spyware applications.

Arovax Company (http://www.arovaxcompany.com), for example, offers a number of effective solutions for solving this issue. Its programs - Arovax Shield (http://www.arovaxshield.com) and Arovax Antispyware (http://www.arovaxantispyware.com) - are developed to help users protect their computers.

Kira Foster is an expert on modern IT technologies and security software. She is also a Project Manager of Arovax Company (http://www.arovaxcompany.com) which is one of the leaders in the field of software development and PC protection. More articles by Kira Foster http://www.arovax.blogspot.com , http://forum.arovaxcompany.com