Improvement requests :
K-Meleon Web Browser Forum
I have been searching for a fast light browser specifically for high security usage for online banking & shopping sites. K-Meleon is the best I have found & it is completely compatible with 'Sandboxie' virtual protection, but it lacks 2 requirements for my purposes:
1. It does not work with Keyscrambler (qfxsoftware.com) which encrypts browser keystrokes against keyloggers. I had hoped the FireFox plugin might work but it does not. It is compatible with KeyloggerHunter, but you need both for proactive protection against keyloggers.
2. It lacks a phishing site filter to protect against forged sites. I have no idea how IE7 & FireFox do this. I assume they are checking the IP against a database (maybe Google hosted?).
I will probably keep K-Meleon for general purpose browsing because it is a great piece of work. I still have to get used to the nomenclature for 'new window' & 'new layer' which I find confusing. Unlike some posts, I actually like the way the search function works. It's clean & unobtrusive.
Thanks, Dan
1. Reading this, I wouldn't expect too much from such 'proactive protection'. Keyloggers could still log the typed keys before they are encrypted and after they've been decrypted again. Such a program may make you feel better, but the degree of protection is doubtful - especially when you're surfing the web with administrative privileges...
2. Well, I wouldn't say that phishing filters are useless, but - again - I wouldn't expect too much. The best protection against fishing is the one sitting in front of the screen. Turn on your brain before clicking any links in any e-mails. Use only bookmarks/favorites to access your online banking site etc.
Whatever browser and/or utilities you're using: Stay alert!
(The reason why I personally don't like such 'proactive protection' is that it makes unexperienced users think that they're safe. And then they're turning their brains off...)
2.) No phishing filter but an page assesment extension by alain is at testing phase.
It will fetch info about the page (on clicking a button).
We will see whether it is good enough ( I quite like it ).
btw. 1.) is IMHO best done with mouse on a virtual keyboard.
Excellent!
Software keyloggers most commonly are either hook based keyloggers or kernel based keyloggers. For example, they often attach to the keyboard API DLL. This is at the kernel level. The MS on-screen keyboard feeds through this DLL. Therefore on screen virtual keyboards are only good for hardware keyloggers (which are quite rare). This is why I use Keylogger Hunter in combination with Keyscrambler as each targets a different type. I agree that these can be defeated, but so far keyloggers in the wild which can do so are very rare.
Use this forum to talk about a feature you're missing.
Keyscrambler & Phishing Filter
Posted by:
Dan_G
Date: August 23, 2007 10:43AM
I have been searching for a fast light browser specifically for high security usage for online banking & shopping sites. K-Meleon is the best I have found & it is completely compatible with 'Sandboxie' virtual protection, but it lacks 2 requirements for my purposes:
1. It does not work with Keyscrambler (qfxsoftware.com) which encrypts browser keystrokes against keyloggers. I had hoped the FireFox plugin might work but it does not. It is compatible with KeyloggerHunter, but you need both for proactive protection against keyloggers.
2. It lacks a phishing site filter to protect against forged sites. I have no idea how IE7 & FireFox do this. I assume they are checking the IP against a database (maybe Google hosted?).
I will probably keep K-Meleon for general purpose browsing because it is a great piece of work. I still have to get used to the nomenclature for 'new window' & 'new layer' which I find confusing. Unlike some posts, I actually like the way the search function works. It's clean & unobtrusive.
Thanks, Dan
Re: Keyscrambler & Phishing Filter
Posted by:
kko
Date: August 23, 2007 04:09PM
1. Reading this, I wouldn't expect too much from such 'proactive protection'. Keyloggers could still log the typed keys before they are encrypted and after they've been decrypted again. Such a program may make you feel better, but the degree of protection is doubtful - especially when you're surfing the web with administrative privileges...
2. Well, I wouldn't say that phishing filters are useless, but - again - I wouldn't expect too much. The best protection against fishing is the one sitting in front of the screen. Turn on your brain before clicking any links in any e-mails. Use only bookmarks/favorites to access your online banking site etc.
Whatever browser and/or utilities you're using: Stay alert!
(The reason why I personally don't like such 'proactive protection' is that it makes unexperienced users think that they're safe. And then they're turning their brains off...)
Re: Keyscrambler & Phishing Filter
Posted by:
guenter
Date: August 23, 2007 08:36PM
2.) No phishing filter but an page assesment extension by alain is at testing phase.
It will fetch info about the page (on clicking a button).
We will see whether it is good enough ( I quite like it ).
btw. 1.) is IMHO best done with mouse on a virtual keyboard.
Re: Keyscrambler & Phishing Filter
Posted by:
Dan_G
Date: August 23, 2007 11:24PM
Quote
guenter
2.) No phishing filter but an page assesment extension by alain is at testing phase.
It will fetch info about the page (on clicking a button).
We will see whether it is good enough ( I quite like it ).
Excellent!
Quote
guenter
btw. 1.) is IMHO best done with mouse on a virtual keyboard.
Software keyloggers most commonly are either hook based keyloggers or kernel based keyloggers. For example, they often attach to the keyboard API DLL. This is at the kernel level. The MS on-screen keyboard feeds through this DLL. Therefore on screen virtual keyboards are only good for hardware keyloggers (which are quite rare). This is why I use Keylogger Hunter in combination with Keyscrambler as each targets a different type. I agree that these can be defeated, but so far keyloggers in the wild which can do so are very rare.
English