I came across the XecureCK tool in Brien Posey’s recent SearchWindowsSecurity.com article. It’s an application-specific program that’s downloaded as an ActiveX control that must be installed on the user’s browser (sort of ironic, eh?). It essentially creates an encrypted link between the Windows keyboard driver and the Web site to keep the user’s credentials safe and secure…at least the credentials for that one Web site.
Thinking back to my days of assembly language programming, I suspect that there’s a way for malware to hook into the keyboard interrupt to override this. Essentially sit “above” the driver and still grab the input from the keyboard. We’ll see…
Still a pretty neat app that benefits the Web site owner as much as it does the user. Good way to stay out of trouble and minimize liabilities.