Drag & Drop / TrueCrypt « Aplin Software Forum

Aplin Software Forum » Neo's SafeKeys Forum

Drag & Drop / TrueCrypt

(4 posts) (3 voices)

Started 1 year ago by paffke
Latest reply from neo

Tags:

paffke
Member

Hello there. First off, thank you for providing the community with your "safe" on-screen-keyboard, it certainly plugs a hole many people aren't even aware of.

Unfortunately, as seems to have been discovered with other programs as well (Opera?), some applications won't work as "recipients" of SafeKeys drag/drop operation, in this case i'm talking about TrueCrypt. This is very unfortunate, as passwords to encrypted filesystems are obviously quite "valuable" and there is really no other option in TrueCrypt than to enter your keyphrase using an inherently unsafe keyboard. Now, i know it's definitely not your fault that the people programming TrueCrypt wrote their software the way they did, but maybe there'd be other ways to send a password to a target application than just drag and drop? A software similar to your's, called "mouse only keyboard" seems to use a sort of locked clipboard that cannot be read by keyloggers monitoring your clipboard, maybe this could be an alternative?

Posted 1 year ago #
neo
Moderator

Hi paffke,

Thanks for the post. Yes, I'm aware that TrueCrypt doesn't allow drag-drop. Same as Opera, World of Warcraft and some other applications.

I have spent a lot of time finding ways to get around this, and to improve Neo's SafeKeys in general. However, in my extensive research and testing, I've found that dragging and dropping is the only safe technique to use.

I use some commercial and freeware keyloggers to test the effectiveness of Neo's SafeKeys, and to test possible new features. I have even written my own keylogging program that does keyboard, clipboard and screenshot logging - for my personal testing purposes only.

I have looked at Mouse only Keyboard. It's not a bad application, and it does defeat programs that only do keylogging. But I know that it isn't very effective against clipboard loggers. My test keylogging application captures Mouse only Keyboard passwords every time.

...and as much as I'd love for Neo's SafeKeys to work with all applications, I don't want to use the clipboard, which is inherently unsafe.

Cheers,

Neo

Posted 1 year ago #
Blake
Member

Hello i just down loaded the Key board and have no idea on how you drag and drop via to get into my email account i am sorry for taking time out of your day to get a petty question answered. Also would copy/pasting the ***** from the key board to notepad then copy/paste it to what you want or is that just as dangerous?.

Posted 11 months ago #
neo
Moderator

Hi Blake,

I've just created a short demonstration video on how to do the dragging and dropping. You'll be able to access it at: http://www.youtube.com/watch?v=honY4H1f_z0 Hope it assists you.

Copy pasting is not recommended at all, as many keyloggers also monitor the clipboard.

Dragging and dropping is the only technique that I know to be safe.

Neo.

Posted 11 months ago #

RSS feed for this topic

Reply

You must log in to post.