Status
Not open for further replies.

Spawn

Administrator
Verified
Staff member
HitmanPro Alert offers Keystroke Encryption for web browsers. However, during my tests with Zemana Simulator and SpyShelter test tools, all keystrokes were captured and clearly displayed as being non-encrypted. This included typed text and links shared to the clipboard.

Does this mean only the Username and Password fields of websites are protected or the whole session?

Below are details from the Surfright website:

Keystroke Encryption
Protects credentials against keyloggers in the browser​

More about HitmanPro Alert: http://www.surfright.nl/en/alert

If by chance my testing procedure was incorrect, if someone is willing to test the keystroke encryption against the test tools or their own, let me know if you produce the same results. Used with Google Chrome 32-bit.
 
Y

yigido

It can crypt my keystrokes in Comodo Dragon, I tested with SpyShelter tool.
HMPA can crypt all keystrokes in your browser not only username and password fields.
I can say this Zemana Antilogger crypts them better and more complex.

I write "aaa" in my browser and in the test tool "euw", HMPA did its job good.
While using Zemana Free Antilogger, the test tool only shows "yyy" for your every stroke, it has more powerful encryption method than HMPA.
This is all I can say about it. Mine works flawlessly
While I am writing this post, it encrypted all. This is all you can see
 

venustus

Level 50
Verified
Trusted
Content Creator
Tested, does not work for me either. Gonna stick with SpyShelter's encryption - it encrypts everything, not just browsers.
What other security software are you running!
There are some known conflicts with the Keystroke Encryption!
 
D

Deleted member 2913

SpyShelter Free doesn't provide keystroke encryption, right?
SS Free is for 32 Bits system only, right?

Zemana AntiLogger Free provides keystroke encryption, right?
Its for 64 Bits system too but installs in program files 86, right?
Under protection modules there are---
Keystroke Encryption - This is set & forget & doesn't require user input, right?
SSL Intrusion Prevention---
Protects SSL (https) data pre-encryption.
Prevents Man-in-the-Browser (MitB) & HTML injection attacks.
Monitors the Trusted Root CA store for fake root certificate installations.
Does any of the 3 protections under SSL Intrusion Prevention require user input?
 

Cats-4_Owners-2

Level 37
Verified
Trusted
It can crypt my keystrokes in Comodo Dragon, I tested with SpyShelter tool.
HMPA can crypt all keystrokes in your browser not only username and password fields.
I can say this Zemana Antilogger crypts them better and more complex.

I write "aaa" in my browser and in the test tool "euw", HMPA did its job good.
While using Zemana Free Antilogger, the test tool only shows "yyy" for your every stroke, it has more powerful encryption method than HMPA.
This is all I can say about it. Mine works flawlessly
While I am writing this post, it encrypted all. This is all you can see
Working well here:

I remember having received Zemana free from @Jack (for 1 year) shortly after joining MalwareTips, and always liked it. Seeing these pictures serve as a reminder how some of us (including :eek:me!) might be missing out on the significant key stroke encryption security I once had too!:rolleyes:
 

Azure

Level 25
Verified
Content Creator
What other security software are you running!
There are some known conflicts with the Keystroke Encryption!
HitmanPro.Alert is design to automatically disable its own encryption if it detects another product with Keystroke Encryption. At least that's what I recall reading in Wilders.

However the Keystroke encryption has had an history of not working correctly for a long time now. Anyone can go to Wilders and see how a lot of the discussion in the HitmanPro.Alert thread revolves around those problems. For some it works, for others it doesn't.
 

chrcoluk

Level 1
I ran this test using hitman pro alert, and all is encrypted that is added to exploit blocker apps I observed, so anything like notepad which the exploit blocker doesnt detect isnt encryption, like windows search box also, but any app you add to protection gets encrypted, this is a problem because hit man pro alert doesnt allow any executable to be added to its exploit blocker, only what it detects. But still its better than nothing just not perfect.



(edited made mistake)
 

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Build 351 (2016-01-19)
  • Added Silent Audit feature.
  • Added dual code signed signatures (Authenticode) on EXE, DLL and SYS files.
  • Improved Webcam Notifier to support Windows Hello.
  • Improved feedback to user when failing to activate a product key.
  • Improved keystroke encryption when BadUSB is disabled.
  • Improved settings upgrade from old version of Alert.
  • Fixed keystroke encryption compatibility with Trusteer Rapport.
  • Fixed race condition when specifying both /install and /lic command line switches.
  • Fixed rare BSOD in hmpnet driver on some Windows 10 computers (build 10586).
  • Changed BadUSB protection default to off for new installs.
  • Updated network component for improved compatibility and performance.
 
Status
Not open for further replies.
Top