Here is an update on this situation. The makers of PestPatrol have acknowledged that PestPatrol's report about pipnss.dll (seen earlier in this thread) was a false alarm, and claim they have fixed it in the current update to that product. See http://pestpatrol.com/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=12;t=000067 for the official statement.
Previously, someone conjectured in this thread that the alarm was caused by the way mozilla uses keystrokes for the generation of random numbers. PestPatrol apparently found some set of bytes in pipnss.dll that made it conclude pipnss.dll was actually the phantom keystroke logger. But we have no knowledge of what part of pipnss caused that false match. We have no evidence that the matching bytes were in code that makes random numbers from keystrokes. The matching bytes might have come out of XUL code for the GUI, or the RSA encryption code, or any other portion of pipnss.dll. Now that the alarm has been declared false by its maker, I think that conjecture is moot. One more point: AFAIK, Mozilla does not "gather" or "sniff" or "intercept" keystrokes that belong to other programs. Mozilla just receives the ordinary keystrokes that are typed into its own visible windows. When a user types keystrokes into a window, the OS (or X server) sends those keystrokes to the application associated with that window. Any normal windows program receives the keystrokes that get typed into its own windows. That's what mozilla does. A keystroke sniffer attempts to collect all the keystrokes on the system, or the keystrokes for windows that belong to specific other programs, not just those that go into its own windows. Usually, a keystroke sniffer tries to hide the fact that it is running. Mozilla doesn't do that. -- Nelson Bolyard Disclaimer: I speak for myself, not for Netscape
