http://www.aplin.com.au/forum/topic/drag-038-drop-truecrypt Discuss Neo's SafeKeys here en-US Thu, 11 Mar 2010 17:57:05 +0000 http://bbpress.org/?v=1.0.2 q http://www.aplin.com.au/forum/search.php http://www.aplin.com.au/forum/topic/drag-038-drop-truecrypt#post-37 Thu, 10 Sep 2009 10:08:27 +0000 neo 37@http://www.aplin.com.au/forum/ <p>Hi Blake,</p> <p>I've just created a short demonstration video on how to do the dragging and dropping. You'll be able to access it at: <a href="http://www.youtube.com/watch?v=honY4H1f_z0" rel="nofollow">http://www.youtube.com/watch?v=honY4H1f_z0</a> Hope it assists you.</p> <p>Copy pasting is not recommended at all, as many keyloggers also monitor the clipboard. </p> <p>Dragging and dropping is the only technique that I know to be safe.</p> <p>Neo. </p> http://www.aplin.com.au/forum/topic/drag-038-drop-truecrypt#post-36 Tue, 08 Sep 2009 18:27:10 +0000 Blake 36@http://www.aplin.com.au/forum/ <p>Hello i just down loaded the Key board and have no idea on how you drag and drop via to get into my email account i am sorry for taking time out of your day to get a petty question answered. Also would copy/pasting the ***** from the key board to notepad then copy/paste it to what you want or is that just as dangerous?. </p> http://www.aplin.com.au/forum/topic/drag-038-drop-truecrypt#post-34 Sun, 23 Aug 2009 09:16:20 +0000 neo 34@http://www.aplin.com.au/forum/ <p>Hi paffke,</p> <p>Thanks for the post. Yes, I'm aware that TrueCrypt doesn't allow drag-drop. Same as Opera, World of Warcraft and some other applications.</p> <p>I have spent a <em>lot</em> of time finding ways to get around this, and to improve Neo's SafeKeys in general. However, in my extensive research and testing, I've found that dragging and dropping is the only safe technique to use.</p> <p>I use some commercial and freeware keyloggers to test the effectiveness of Neo's SafeKeys, and to test possible new features. I have even written my own keylogging program that does keyboard, clipboard and screenshot logging - for my personal testing purposes only. </p> <p>I have looked at Mouse only Keyboard. It's not a bad application, and it does defeat programs that <em>only</em> do keylogging. But I know that it isn't very effective against clipboard loggers. My test keylogging application captures Mouse only Keyboard passwords every time. </p> <p>...and as much as I'd love for Neo's SafeKeys to work with all applications, I don't want to use the clipboard, which is inherently unsafe.</p> <p>Cheers,</p> <p>Neo </p> http://www.aplin.com.au/forum/topic/drag-038-drop-truecrypt#post-29 Mon, 20 Jul 2009 05:13:42 +0000 paffke 29@http://www.aplin.com.au/forum/ <p>Hello there. First off, thank you for providing the community with your "safe" on-screen-keyboard, it certainly plugs a hole many people aren't even aware of. </p> <p>Unfortunately, as seems to have been discovered with other programs as well (Opera?), some applications won't work as "recipients" of SafeKeys drag/drop operation, in this case i'm talking about TrueCrypt. This is very unfortunate, as passwords to encrypted filesystems are obviously quite "valuable" and there is really no other option in TrueCrypt than to enter your keyphrase using an inherently unsafe keyboard. Now, i know it's definitely not your fault that the people programming TrueCrypt wrote their software the way they did, but maybe there'd be other ways to send a password to a target application than just drag and drop? A software similar to your's, called "mouse only keyboard" seems to use a sort of locked clipboard that cannot be read by keyloggers monitoring your clipboard, maybe this could be an alternative? </p>