Full Disclosure mailing list archives
Re: Firefox Addon: KeyScrambler
From: Christian Sciberras <uuf6429 () gmail com>
Date: Thu, 9 Dec 2010 11:26:53 +0100
I tried installing this plugin to Firefox 3.6.12 in a virtualbox XP32(SP3)
environment and it is incompatible.
I may wait for an update to the plugin and analyse its behaviour,
providing my curiosity doesn't wane in the meantime. Alternatively, you can just decompress the XPI (it's in fact a zip) and inspect the js files and/or decompress any binaries. I suppose they are distributing some form of driver, so you'd find IDA/ollydbg useful. Chris. On Thu, Dec 9, 2010 at 11:23 AM, mrx <mrx () propergander org uk> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/12/2010 11:30, Tim Gurney wrote:Hi This seems to contradict itself somewhat. A plugin to firefox should have no way to encrypt things at a driver level within the kernel, that would require installing seperate software at the root level, a plugin should not be able to do this and i would be VERY worried and surprised if it could as it would mean bypassing the security of the OS.I tried installing this plugin to Firefox 3.6.12 in a virtualbox XP32(SP3) environment and it is incompatible. I may wait for an update to the plugin and analyse its behaviour, providing my curiosity doesn't wane in the meantime. I am not a professional, I do this kind of research as a hobby and for educational purposes, when I have some free time.Also if the driver is encrypting the key strokes and the plugin is decrypting, what about all the keystrokes that are not in firefox, like email, word processing, programming, there is nothing to decrypt these so you would end up only ever being able to use firefox on the machine and nothing else every again.The devs do state that it only encrypts keystrokes in Firefox and not other applications, although they do sell a version that supposedly works "in over 160 browsers and applications".personally I would not touch this with a barge pole and I would do a lot more more digging and checking into this.Yes, I am sceptical of claims, hence the post to this list.regards TimThanks for your input Dave.On 08/12/10 11:12, mrx wrote:Hi list,Is anyone familiar with the firefox addon KeyScrambler? According todevelopers this encrypts keystrokes.Quote: "How KeyScrambler Works: When you type on your keyboard, the keys travel along a path within theoperating system before it arrives at your browser. Keyloggers plantthemselves along this path and observe and record your keystrokes. Thecollected information is then sent to the criminals who will use it tosteal from you.KeyScrambler defeats keyloggers by encrypting your keystrokes at thekeyboard driver level, deep within the operating system. When the encryptedkeystrokes reach your browser, KeyScrambler then decrypts them so yousee exactly the keys you've typed. Keyloggers can only record theencrypted keys, which are completely indecipherable."Can this be trusted? As in trusted I mean not bypassed.Input from the professionals on this list would be much appreciated.Thank you regards Dave_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - -- Mankind's systems are white sticks tapping walls. Thanks Roy http://www.propergander.org.uk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBTQCuDrIvn8UFHWSmAQIgqAf9GJ6zNdmPxhCCsxJ10gmsBl5KixH6Wmi4 oSJs309oRg5sBgBWmuXxTDE7cOlnzeW9BYMf/j2IepKPIKhrO4PO0u001yMlLd0K Jn0dG9wvEyyUiua5zeiHVB8ff1w2Op/AlDA3i3JK5GZrcnBZulh0dn9zpfIcRtW9 RhYNA0DTYLX72840s7uTCItKtLHRqKfuSakPmaX+J+9xci6/SM38YdMCul+d54CU EayoJYjURXYG4GtFUUQA6uOqmn4pbQfSkP2/hAB04kNCghzY0TkDhP2VWQ24/dgj CKqxM3vTcXrjcdM3k13WpRaIMgjZnBiklGJ0ZhE0gxRYACTfPJLolw== =a6QP -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Firefox Addon: KeyScrambler mrx (Dec 08)
- Re: Firefox Addon: KeyScrambler Dan Kaminsky (Dec 08)
- Re: Firefox Addon: KeyScrambler mrx (Dec 08)
- Re: Firefox Addon: KeyScrambler Tim Gurney (Dec 08)
- Re: Firefox Addon: KeyScrambler mrx (Dec 09)
- Re: Firefox Addon: KeyScrambler Christian Sciberras (Dec 09)
- Re: Firefox Addon: KeyScrambler mrx (Dec 09)
- Re: Firefox Addon: KeyScrambler Christian Sciberras (Dec 09)
- Re: Firefox Addon: KeyScrambler Gary Baribault (Dec 09)
- Re: Firefox Addon: KeyScrambler mrx (Dec 09)
- Re: Firefox Addon: KeyScrambler Dan Kaminsky (Dec 08)
- Re: Firefox Addon: KeyScrambler mrx (Dec 09)
- <Possible follow-ups>
- Re: Firefox Addon: KeyScrambler Elazar Broad (Dec 09)
- Re: Firefox Addon: KeyScrambler mrx (Dec 09)