VMware
1 Replies Last post: May 17, 2005 11:59 AM by magi  

Keystroke loggers posted: May 17, 2005 4:35 AM

Click to view Cesare's profile Lurker
Cesare
3 posts since
Nov 10, 2004
Hi,

Can VMware ACE be secured against keystroke logging, especially when logging in the GINA of the OS?

ACE can be made very secure as a system in a foreign environment (Fully locked settings and network through Cisco VPN to company). The only thing is that a keystroke logger is able to capture login credentials. This is a showstopper for our company.

Anybody with an idea?

Cesare Auteri

Re: Keystroke loggers

1. May 17, 2005 11:59 AM in response to: Cesare
Click to view magi's profile Master
magi
2,096 posts since
Aug 8, 2003
There's unfortunately nothing (strongly secure) that we can do about this. This isn't supposed to be a cop out answer, there's really no way to accomplish this on current hardware. We talk to the keyboard through the host OS, so if the host OS is compromised and running a keyboard logger, it will see the keystrokes. We could try to combat this by interfacing with the keyboard device at a lower level, but so could the keyboard logger.

This is one of the problems that the various future secure hardware proposals (like NGSCB) try to solve, by giving you a cryptographically secure channel to input/output devices. On current hardware, anything privileged in the system can see everything going on in the system.

Actions

VMware Developer

SDKs, APIs, Videos, Learn and much more in the Developer community.

Learn More

Developer Sample Code

Increase your developer productivity with VMware API sample code.

Learn More

VMworld Sessions & Labs

Online access to the latest VMworld Sessions & Labs and online services.

Learn more

Purchase PSO Credits Online

Purchase credits to redeem training and consulting services online.

Buy Now

Community Hardware Software

View reported configurations or report your own.

Learn More

VMware vSphere

Come witness the next giant leap in virtualization.

Register Today

Communities