I came across the XecureCK tool in Brien Posey’s recent SearchWindowsSecurity.com article. It’s an application-specific program that’s downloaded as an ActiveX control that must be installed on the user’s browser (sort of ironic, eh?). It essentially creates an encrypted link between the Windows keyboard driver and the Web site to keep the user’s credentials safe and secure…at least the credentials for that one Web site.
Thinking back to my days of assembly language programming, I suspect that there’s a way for malware to hook into the keyboard interrupt to override this. Essentially sit “above” the driver and still grab the input from the keyboard. We’ll see…
Still a pretty neat app that benefits the Web site owner as much as it does the user. Good way to stay out of trouble and minimize liabilities.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”