Is it possible to have a C# Winform with in-built Anti-Keylogger?

views:

234

answers:

+2 Q:

Is it possible to have a C# Winform with in-built Anti-Keylogger?

Every security systems have its limits. I understand that hardware key logger cannot be beaten as it is connected to the hardware itself. Also it is not a concern at this point as most of the time it is used by programmers and ethical hackers to log themselves, on top of which most of the time cautious users will be able to visually identify any unwanted hardware (forget gov. agencies).

But as a developer it is often a concern to protect the user! So is it possible for me, as a programmer to integrate a layer of security in my windows form that will be able disable any active key logger/s (i.e. Software based) on user’s system, by implementing some kind of anti hooking trick? Plus most of the software key loggers now days support “Screen shots” is there any way to escape it?

It is possible, but the heuristics to detect one would not be worth the time. It would be appropriate to allow the PC to have a good anti-virus/malware. If you are really paranoid, you could code an on-screen keyboard that inputs through the mouse for your application, very similar to what ING Direct has for PIN input.

Daniel A. White 2009-11-21 23:38:44

The logger can take a screenshot and log mouse clicks.

Martinho Fernandes 2009-11-21 23:42:25

Seriously, if you are very paranoid, you shouldn't.

Martinho Fernandes 2009-11-21 23:44:23

It is harder to track those things.

Daniel A. White 2009-11-22 00:27:54

Short answer: possibly, but probably not worth the effort.

o.k.w 2009-11-21 23:39:14

+1 A:

I presume you are worried about users entering their credentials and them being captured.

If this is the case then you need to establish a method of ensuring any captured details are not of use.

A method employed by many banks, and even World of Warcraft now, is the use of a portable token generator. The user then enters their username, password, and typically a PIN displayed on the token generator. These PINs exist for only a few seconds and never repeat. This means the nefarious user who intercepts the credentials can not authenticate with them.

I have never used them, and have no idea how you would source them, but you can read about them here:

http://en.wikipedia.org/wiki/Security%5Ftoken

It seems to me this is a better method than trying to stop a keylogger from attacking your application.

Martin 2009-11-21 23:51:51

Even two form factor authentication (which is what this is) is not safe, it is susceptible to man-in-the-middle attacks.

slugster 2009-11-21 23:59:14

How so slugster? Not doubting, just interested.

Martin 2009-11-22 00:41:07

the concept of OTP is good alternative. thanks

Neel 2009-11-22 08:55:20

+2 A:

Even shorter answer: not from c#. For reason's i'm not even going to go in to. Even though you could traverse all the modules that have inserted a keyboard hook, how would you determine whether it is a keylogger, and not something legitimate?

slugster 2009-11-21 23:57:00

well i am clear now that its not very practical but just for the sake of curiosity, say it can be done will it matter if its legitimate or not if its implemented on the log in form?

Neel 2009-11-22 08:50:19

The adversary has admin rights on the machine. You've already lost.

If you want to protect the user against such attacks best practice would be to run the application on a 'red' network and restrict the software going onto that network. And prevent data from the 'red' network ever being taken away. Even the security agencies are starting to get fed up with the cost and inconvenience of that.

Alun Harford 2009-11-22 00:46:49

ansaurus

tags:

views:

answers:

Is it possible to have a C# Winform with in-built Anti-Keylogger?

related questions