http://www.aplin.com.au/forum/forum/neos-safekeys-forum Go to www.aplin.com.au/forums for new forum en-US Sun, 05 Feb 2012 19:14:42 +0000 http://bbpress.org/?v=1.0.2 q http://www.aplin.com.au/forum/search.php http://www.aplin.com.au/forum/topic/pandora-charms#post-2777 Wed, 18 Jan 2012 18:04:05 +0000 biscuit15 2777@http://www.aplin.com.au/forum/ <p><a href="http://www.pandora-charms-au.com">pandora charms</a> For you to firmly<br /> requirement <a href="http://www.pandora-charms-au.com">pandora australia</a> excellent goo routinely, the many customized ended up turning into managed Aside from an moderately priced package of the <a href="http://www.pandora-charms-au.com">pandora charms australia</a> pas cher beads cheap it’s also lighting effects and easily available when contemplating purchase <a href="http://www.pandora-charms-au.com">pandora charms online</a> pas cher. The only remainder <a href="http://www.pandora-charms-au.com">pandora australia sale</a> in between a diamond </p> http://www.aplin.com.au/forum/topic/hidden-mouse-mode-with-programs-like-flux#post-2107 Sat, 17 Dec 2011 08:26:22 +0000 neo 2107@http://www.aplin.com.au/forum/ <p>With my testing the mouse pointer does not show on screen captures, but do note that the mouse coordinates can still be known. </p> http://www.aplin.com.au/forum/topic/hidden-mouse-mode-with-programs-like-flux#post-1970 Mon, 12 Dec 2011 09:28:32 +0000 bosou 1970@http://www.aplin.com.au/forum/ <p>But does the mouse pointer show on screen captures? </p> http://www.aplin.com.au/forum/topic/hidden-mouse-mode-with-programs-like-flux#post-1862 Fri, 09 Dec 2011 20:05:04 +0000 neo 1862@http://www.aplin.com.au/forum/ <p>I found out that f.lux works by changing the colour profile of the monitor (which does not affect the mouse). Nothing I can do to assist... </p> http://www.aplin.com.au/forum/topic/deletion-of-account#post-1860 Fri, 09 Dec 2011 19:49:03 +0000 admin 1860@http://www.aplin.com.au/forum/ <p>Your account has been deleted, gtb. </p> http://www.aplin.com.au/forum/topic/forum-being-spammed-this-is-being-investigated#post-1852 Fri, 09 Dec 2011 16:29:34 +0000 admin 1852@http://www.aplin.com.au/forum/ <p>This forum has now been closed and is no longer being updated.</p> <p>For new posts, please visit <a href="http://www.aplin.com.au/forums" rel="nofollow">http://www.aplin.com.au/forums</a>.</p> <p>Neo. </p> http://www.aplin.com.au/forum/topic/deletion-of-account#post-1469 Fri, 25 Nov 2011 00:09:05 +0000 Anonymous 1469@http://www.aplin.com.au/forum/ <p>Hi Neo,</p> <p>Is there a way of deleting an account? I don't need it any more and would like to close it/have it closed.</p> <p>Regards,<br /> gtb </p> http://www.aplin.com.au/forum/topic/hidden-mouse-mode-with-programs-like-flux#post-677 Thu, 27 Oct 2011 19:15:02 +0000 neo 677@http://www.aplin.com.au/forum/ <p>Hi bosou. Thanks for the post. I was unaware of f.lux - looks like a nice little program.</p> <p>However, it does play havoc with the hidden mouse mode, as you've written. I'm not quite sure what it is doing to cause this, though. Hope to have a deeper look over the next few days. I'll keep you posted.</p> <p>Neo. </p> http://www.aplin.com.au/forum/topic/hidden-mouse-mode-with-programs-like-flux#post-628 Fri, 21 Oct 2011 03:39:27 +0000 bosou 628@http://www.aplin.com.au/forum/ <p>Hi Neo,</p> <p>First of all - thank you very much for this wonderful application. Not only does it do its job but it's also easy and dead-simple to use, excellent engineering.<br /> Keep up the good work!</p> <p>I'm writing to report an issue I've encountered while using the hidden mouse mode in conjunction with f.lux.</p> <p>If you're unaware, f.lux (<a href="http://stereopsis.com/flux/" rel="nofollow">http://stereopsis.com/flux/</a>) is a software which shifts the screen's color temperature towards the warmer spectrum in order to avoid eye strain and sleep disorders when working with bright monitors at night.</p> <p>The issue: working in the hidden mouse mode while using f.lux I've noticed that the small gray dot is actually much more visible than usual under all transparency settings.<br /> This happens because the mouse pointer color is unaffected by the changes so is stays 100% white while other whites become more yellowish, and it's very prominent on the buttons.</p> <p>So there might be two opposing possibilities here:</p> <p>1. What is visible to the user is visble to the software - screen capturing might enable to detect the mouse pointer due to the difference in color. This is a possible "breach".</p> <p>2. The changes are either at the monitor level (I'm not sure) or otherwise don't affect the actual screen grabs. This might be a "feature" as the mouse pointer is clearly visible to the user while being undetectable in screen captures. Thus making this (more secure) mode much more user friendly.</p> <p>You might want to take a look at that.</p> <p>Thanks again. </p> http://www.aplin.com.au/forum/topic/is-their-a-benefit-to-using-safekeys-with-a-lastpassubikey-setup#post-428 Mon, 19 Sep 2011 18:05:07 +0000 neo 428@http://www.aplin.com.au/forum/ <p>Hi Bruce. Thanks for the question. I've done a little bit of reading into the Yubikey product. Looks like a neat solution, though all I have seen is their website and this page: <a href="http://helpdesk.lastpass.com/security-options/yubikey-authentication/" rel="nofollow">http://helpdesk.lastpass.com/security-options/yubikey-authentication/</a></p> <p>From what I can tell, this combination eliminates the need to write a password for day-to-day use and password entry. As such I can't see any benefit for Neo's SafeKeys to be put into the equation.</p> <p>...but I think you are correct; for the initial master password setting for YubiKey, Neo's SafeKeys may offer some additional protection. </p> http://www.aplin.com.au/forum/topic/is-their-a-benefit-to-using-safekeys-with-a-lastpassubikey-setup#post-422 Sun, 28 Aug 2011 04:46:18 +0000 bdmeyer 422@http://www.aplin.com.au/forum/ <p>I am thinking perhaps for entering the master password perhaps?<br /> I am very interested in hearing any comments on how Safekeys may augment using LastPass with Ubikeys.</p> <p>Thank you,<br /> --Bruce </p> http://www.aplin.com.au/forum/topic/better-protection#post-313 Fri, 12 Aug 2011 20:30:15 +0000 neo 313@http://www.aplin.com.au/forum/ <p>Hi hes. I did have a randomise feature in the previous version of Neo's SafeKeys, but I disabled it in the latest version. I'll look at reintroducing it in future versions.</p> <p>The second idea is not a bad one, and it could appeal to the more security conscious users. I'll see how hard it is to implement.</p> <p>Thanks for the post! Cheers. </p> http://www.aplin.com.au/forum/topic/better-protection#post-301 Sat, 06 Aug 2011 17:27:41 +0000 hes 301@http://www.aplin.com.au/forum/ <p>Hi,</p> <p>I have some ideas of improving protection against screenlogers. I would like your opinion if they are worth implementing.</p> <p>I think option of resizing keys is not good enough, because only area with keys are propotionaly changed. If screenloger knows size of window, it can still easily calculate which key has been clicked. I would like have option of randomize every key position( in menu or after each application start ). So for example instead of a will be x, instead of b will be h, and so on. It will be total random after each start. Typing password will take little longer, but I think its worth it.</p> <p>Second idea is a bit advanced to implement. If screenloger captures a small area(how small? it can be whole screen) around mouse click he can still see what u clicked. (supposedly it get past your screenloger protection). I would like when I mouse over some key and hold for some short time, application will scramble all keys on keyboard randomly. So when I click that key, screenloger captures random key. Next when I start moving my mouse, it unscramble whole keyboard, so I can see where to go for next key. </p> http://www.aplin.com.au/forum/topic/entering-logins-using-safekeys#post-272 Sun, 19 Jun 2011 20:57:00 +0000 neo 272@http://www.aplin.com.au/forum/ <p>You're right - a screen logger <em>can</em> grab the login after you've pasted it in the browser.<br /> However, Neo's SafeKeys will still help to protect your login from keyloggers.</p> <p>It really comes down to increasing your protection. Not typing your logins means that keyloggers can't get your login <em>or</em> password. It just makes it harder for people to steal your username + password. </p> http://www.aplin.com.au/forum/topic/entering-logins-using-safekeys#post-271 Sun, 19 Jun 2011 18:59:51 +0000 safekeyzuser 271@http://www.aplin.com.au/forum/ <p>I'm sorry if this question has been answered but I couldn't find anything on it. Perhaps it should be obvious to me, but I want to confirm that my understanding is correct. If you use safekeys to enter in a login to something, and the letters show up on the screen in the entry bar, does that negate the usefulness of trying to use NSK to hide that login from a keylogger/logging malware of some kind? </p> <p>IOW, is there a point to using NSK to enter logins? Or is it only useful for protecting passwords alone since they are blacked out? </p> <p>Thanks for anyone that could take the time to clarify for me! </p> http://www.aplin.com.au/forum/topic/open-letter-some-smart-keyloggers#post-269 Wed, 15 Jun 2011 22:07:38 +0000 neo 269@http://www.aplin.com.au/forum/ <p>Thanks for your post, Raymond - it's greatly appreciated.</p> <p>I'm glad the standard drag-drop does defeat the keyloggers you tested. </p> <p>As an aside, the main reason for me developing the 'Injection Mode' was for people to be able to use Neo's SafeKeys with KeePass v1.x, my preferred password manager; I figured the potential risk of rare keylogger picking up the injected master password was worth the benefit in having a secure password manager and an on-screen keyboard with good screenlogger protection (which LastPass doesn't have).</p> <p>Thank you for your honesty and integrity. </p> http://www.aplin.com.au/forum/topic/open-letter-some-smart-keyloggers#post-268 Tue, 14 Jun 2011 14:35:13 +0000 raymond 268@http://www.aplin.com.au/forum/ <p>Neo, thanks for the open letter to the tests which I have conducted.<br /> My apologies for not realizing and for not testing the drag-drop technique which you have maintained is the safest method.</p> <p>I tested the non-inject drag and drop mode on the 3 keyloggers (plus an additional keylogger that installs as driver), none of the keyloggers are able to capture the password.</p> <p>I will update my article to reflect on the latest discovery.</p> <p>Keep up the good work. </p> http://www.aplin.com.au/forum/topic/open-letter-some-smart-keyloggers#post-266 Thu, 02 Jun 2011 23:56:57 +0000 neo 266@http://www.aplin.com.au/forum/ <p>I've been informed that respected security website <a href="http://www.raymond.cc" rel="nofollow">http://www.raymond.cc</a> has reviewed Neo's SafeKeys...and has found three commercially available keyloggers that defeat the 'inject' mode.<br /> <a href="http://www.raymond.cc/blog/archives/2011/06/01/neos-safekeys-v3-on-screen-keyboard-vs-12-keyloggers/" rel="nofollow">http://www.raymond.cc/blog/archives/2011/06/01/neos-safekeys-v3-on-screen-keyboard-vs-12-keyloggers/</a></p> <p>To be clear, I have always maintained in the "How Neo's SafeKeys v3 Works" page that the standard drag-drop was the safest technique.<br /> I have also noted in the terms and conditions on install (and in the "About" part of the program) that there is no 100% way to defeat all keyloggers.<br /> I'm now going to be more explicit about that fact.</p> <p>I haven't had time to do a full test/review of these three keyloggers, but I have updated the website to inform users that there is a potential security risk in using the injection mode. The text in the <a href="http://www.aplin.com.au" rel="nofollow">http://www.aplin.com.au</a> homepage and the "How Neo's SafeKeys v3 Works" page has already been updated. I still have a couple of graphics to update, which I will do as soon as I can.</p> <p>Raymond did not test the standard, non-inject drag-drop mode. I will be doing this over the next few days and will report the results.</p> <p>To Raymond - thank you for your testing and your great site. People like you inspire me to continue to improve Neo's SafeKeys. </p> http://www.aplin.com.au/forum/topic/open-source-vs-proprietary-code#post-265 Mon, 30 May 2011 22:46:33 +0000 neo 265@http://www.aplin.com.au/forum/ <p>Hi Pablo,</p> <p>Thank you for your eloquent posting. You have made me think, once again, about Neo's SafeKeys licensing.</p> <p>You make many good points - most, if not all I agree with myself. </p> <p>I have been thinking hard about this since your post, two weeks ago, and you have initiated me investigating the different licensing options that are available for open sourcing.</p> <p>Which license types do you recommend? </p> http://www.aplin.com.au/forum/topic/keep-keyboard-on-top#post-264 Mon, 30 May 2011 22:40:36 +0000 neo 264@http://www.aplin.com.au/forum/ <p>At the moment, no there is not.</p> <p>I'll look at implementing this feature as an option in the next version. </p> http://www.aplin.com.au/forum/topic/keep-keyboard-on-top#post-263 Sun, 29 May 2011 11:45:50 +0000 Melbourne Pest Control 263@http://www.aplin.com.au/forum/ <p>not too sure.. </p> http://www.aplin.com.au/forum/topic/keep-keyboard-on-top#post-262 Sat, 21 May 2011 12:01:10 +0000 dick 262@http://www.aplin.com.au/forum/ <p>When i type in a field,keyboard minimizes.Is there away to keep keyboard on top? </p> http://www.aplin.com.au/forum/topic/open-source-vs-proprietary-code#post-261 Wed, 11 May 2011 08:21:12 +0000 Pablo Torres 261@http://www.aplin.com.au/forum/ <p>Hi,</p> <p>I understand the concern of people stealing your efforts by appropriating your code. So, you decided to develop it as a proprietary application. I imagine that eventually, if successful you will go commercial, by selling the technology or licensing it.</p> <p>My concern is that at this point you are a small entity, who - since we are talking security here, and your software will be in the drivers seat - you or any other proprietary software provider can fool what we fear most: a software that can capture our password.</p> <p>Open source gives me the peace of mind that your software is open to scrutiny by other minds as sharp as yours (some more experienced). While proprietary software can be reversed engineered, exposing you to the loss of your intellectual property, the open source approach allows for explicit verification of your rights to the intellectual property. Companies with larger resources just need to copy the functionality of your software, so they may even copy your idea without the need and legality behind reverse engineering. Speed, reliability and robustness may define your "exit strategy", or you may burn and sink as (BIG) copy cats rob you of your idea.</p> <p>By reverse engineering, a black hat or criminal may gain insight to a possible weakness and quietly take advantage of it. The more successful your software becomes, the larger the number of exposed users.</p> <p>Often, we go alone because we fear someone may take advantage of our efforts; some time, lifetime efforts, or make-or-break commitments. As in any marriage, choosing partners is most important, but there is strength in numbers ... Speed, energy, creativity, experience, etc. may help take your idea to new levels, faster and more productively. 80%, 50%, or even 20% of a larger pot is a great reward, plus the satisfaction of a more powerful software and perhaps a larger legacy to computer security. An increasingly more important component of today's and future computing.</p> <p>Also, a detail and recommendation, assuming your limited resources, anyone can tap into your website and replace your application with malware too. Upon download many can become victims and you may not even become aware. Suggesting users to download from cNet, Softpedia, or other reputable websites may be advisable.</p> <p>Anyway, my concerns over security actually lead me away from what seems to be nice application. I wish you good luck and hope you consider the open source alternative, even if using a tight licensing approach that gives you the most protection to your intellectual property.</p> <p>Regards,<br /> Pablo </p> http://www.aplin.com.au/forum/topic/neos-safekeys-v3-doesnt-work-on-a-game#post-260 Sat, 30 Apr 2011 15:23:22 +0000 neo 260@http://www.aplin.com.au/forum/ <p>Hi Ombra, Neo's SafeKeys v3 works with Tibia if you drag-drop using the Injection Mode.<br /> To enable injection mode, go to the menu Options -&gt; Injection mode, or the fourth toolbar icon. </p> http://www.aplin.com.au/forum/topic/neos-safekeys-v3-doesnt-work-on-a-game#post-259 Fri, 29 Apr 2011 15:53:44 +0000 Ombra 259@http://www.aplin.com.au/forum/ <p>Hello Neo, i've been trying the program with a game called Tibia, but It doesn't work,I tried all.Could you do something about it please?</p> <p>Official game page:<br /> <a href="http://www.tibia.com" rel="nofollow">http://www.tibia.com</a> </p> http://www.aplin.com.au/forum/topic/no-entries-in-password-field#post-257 Sat, 23 Apr 2011 17:18:54 +0000 neo 257@http://www.aplin.com.au/forum/ <p>Great news! Thanks for letting me know! </p> http://www.aplin.com.au/forum/topic/false-sense-of-security#post-256 Sat, 23 Apr 2011 17:17:13 +0000 neo 256@http://www.aplin.com.au/forum/ <p>Hi bsnottm. I wouldn't say "all" other precautions, but yes, you make a very valid point.</p> <p>As you say, some malware applications will capture everything on a web browser, after the user presses "submit" or "go" and before the browser encrypts the data for sending across the web.</p> <p>However, I don't think that should diminish the importance of other security software like anti malware scanners and Neo's SafeKeys - for the following reasons:</p> <p>These 'capture before the browser encrypts' programs are relatively rare - much rarer than keyloggers, screenloggers and the like.</p> <p>If a keylogger captures your password on entry, then any existence of or protection from these 'capture before the browser encrypts' programs will effectively be a moot point.</p> <p>Good, protective software programs and suites are often task-specific, or specialists on what they do. Good virus scanner suites are often not the best-in-class firewalls etc.. Neo's SafeKeys is great at protecting against keyloggers etc, but doesn't help you fight viruses. And programs that could guard against 'capture before the browser encrypts' attacks may not be very good at protection users from keyloggers. In short, get the products that do the best job for you to cover a range of security needs.</p> <p>I would imagine that it is easier for dodgy Internet cafe owners, overly nosy bosses and overly paranoid and protective boyfriends to find and install a keylogger-style program to capture passwords, than it would be for them to install one of these 'capture before the browser encrypts' programs. That, and Neo's SafeKeys can be used on pretty much any Windows computer without installation, protecting you on Internet cafe computers where you aren't given the rights to install. </p> <p>But hey, you could go crazy trying to protect yourself from every possible threat - known and unknown. Just use what works for you. :) </p> http://www.aplin.com.au/forum/topic/no-entries-in-password-field#post-255 Fri, 22 Apr 2011 05:50:17 +0000 sofarsogood 255@http://www.aplin.com.au/forum/ <p>Hi Neo! Just a quick message to say that after a few trial-and-error attempts NSK is working now with Online Armor. Thanks again... </p> http://www.aplin.com.au/forum/topic/false-sense-of-security#post-254 Thu, 21 Apr 2011 02:15:35 +0000 bsnottm 254@http://www.aplin.com.au/forum/ <p>Whilst I appreciate and applaud what you do, and understand how it keeps us much more secure than we would be without it, isn't it nevertheless true that any undetected malware that monitors the network traffic of a PC (PRIOR to encryption) will automatically render all other security precautions useless ? </p> http://www.aplin.com.au/forum/topic/no-entries-in-password-field#post-253 Tue, 19 Apr 2011 03:30:36 +0000 sofarsogood 253@http://www.aplin.com.au/forum/ <p>Hi Neo and thanks for your prompt response. I have identified the source of the problem: it has to do with my Online Armor Firewall. When I disable it, drag and drop works perfectly. The problem is that I tried to configure it allowing NSK to run and to trust it, but it still doesn't work. Only when I disable it...<br /> Any ideas?<br /> Thanks </p>