if "someone" has found a way to hijack the grafic system of your machine ================= Also a network firewall on LINUX-based LAN router can be used to prevent from accessing virus's remote desktop servers (to view/grab GUI windows) on infected win-32 machines and sending stolen data from them.
2011/12/5, Sieghard <s_c_...@arcor.de>: > Hallo IvankoB, > > Du schriebst am Sun, 4 Dec 2011 19:15:54 +0500: > >> How about an option to draw virtual keyboard (with related chars) at >> password entry widget ? >> It will greatly protect encrypted RSA keys,.. >> Sure not in an OS window otherwise it can be intercepted by hacked API. > > You cannot avoid that, not with reasonable effort, at least. To really > safely avoid an interception through the grafic system, you would have to > read the keyboard through your own code, and not show anything on the > screen. Everything else would _need_ to use system (API) functions which > could be eavesdropped by an aggressor. > > Additionally, if "someone" has found a way to hijack the grafic system of > your machine, he will also be able to access your keys directly, even your > applications and all data - no further "phishing" neccessary. > Such precautions are only neccessary for access to ressources from external > sources, which may have been manipulated beforehand, like web browsers, or > client requests over the network. > Or, maybe, on a badly administrated Windows machine. ];-> > (Well, a badly administrated Linux machine might not be safer, indeed;) > > -- > (Weitergabe von Adressdaten, Telefonnummern u.ä. ohne Zustimmung > nicht gestattet, ebenso Zusendung von Werbung oder ähnlichem) > ----------------------------------------------------------- > Mit freundlichen Grüßen, S. Schicktanz > ----------------------------------------------------------- > > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure > contains a definitive record of customers, application performance, > security threats, fraudulent activity, and more. Splunk takes this > data and makes sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-novd2d > _______________________________________________ > mseide-msegui-talk mailing list > mseide-msegui-talk@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/mseide-msegui-talk > ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ mseide-msegui-talk mailing list mseide-msegui-talk@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mseide-msegui-talk