Beating keyloggers

Asked by welshmike on 2012-11-27

A friend of mine running a Microsoft Windows operating system had his system compromised by a keylogger, his bank account raided and he suffered other costly problems.
I run Ubuntu to access my bank account and other financial accounts.
If I use Onboard on-screen keyboard, which is nicely provided by default in my Ubuntu distro, will that prevent capture of any characters I click on the Onboard on-screen keyboard being captured in the unlikely event that Ubuntu should become infected with a keylogger?

(edited for better clarity)

Question information

Language:
English Edit question
Status:
Solved
For:
Onboard Edit question
Assignee:
No assignee Edit question
Solved by:
marmuta
Solved:
2012-11-28
Last query:
2012-11-28
Last reply:
2012-11-28
Best marmuta (marmuta) said : #1

Thanks for the question. You'd probably want to talk about this with a kernel expert, so take my thoughts with a grain of salt.

Onboard is meant to be a versatile keyboard, usable in most situations where hardware keyboard input is expected. This requires it to simulate key strokes and send them on a path through the system, similar to the one hardware keystrokes would take. This is what applications understand, but on the other hand, it leaves few obstacles for malicious software either.

As far I can tell, Onboard may be able to protect from certain hardware key-loggers, but I'd expect software-loggers wouldn't be hindered much. A more secure screen keyboard would have to be less compatible by design, and probably be built into its target application to cut the input path short. Pointer events would still be visible to loggers, though.

I think, as you hinted, the best defense on GNU/Linux systems is the (still) low probability for infection and also the ability to run known-good live-images for sensitive activities, like banking.

welshmike (w3lshm1k3) said : #2

I decided to implement a different solution that I believe guarantees that I run my online access to my bank account, etc.
The solution I've posted elsewhere.
Essentially it is to run VirtualBox on my host Ubuntu system, install an Ubuntu guest from an iso downloaded from http://www.ubuntu.com/, immediately save a permanent snapshot of it and subsequently start that snapshot for banking purposes.

miguelator (miguel+angel) said : #3

You can check the operation of onboard easily as follows:
Install Logkey to record keystrokes try keyboard and then try onboard, you will see how to onboard no records.

1-Install Ubuntu Logkeys: Write on the terminal code: sudo apt-get install logkeys
2-Create a file called key.log in / home / your_username / key.log
3-Now Open end and write code:
    touch key.log
    sudo logkeys --start --output key.log

Now Logkeys is running and keeping everything that is typed on the keyboard.
Try both keypads and check the results.

To stop recording and stop the process of writing the application in the terminal code: sudo logkeys --kill
good luck