Replies to post #123122 on Zerify Inc (ZRFY)

[Knewb]

Nobody ever said that encrypting keystrokes will 100% prevent a network breach.

"So yeah, I think StrikeForce's products can help prevent any breach."

Reading comprehension 101.

http://www.esecurityplanet.com/network-security/22-percent-of-data-breaches-are-caused-by-compromised-credentials.html

Drop mic....now.

SFOR

[WBCTrader]

It administrator here.


I work in the financial district. If an attacker is logging your keystrokes you are already compromised to some extent. It means he made it thru your firewall (a breach in the companies "layered security" approach).
Now, keystroke encryption software would be very good to have in that scenario, but it would not protect you fully, because you already have someone on the inside of your network. There are other ways to steal credentials than "logging keystrokes". Printers, copiers, routers, switches, etc... to some extent all have credentials on them also. credentials can also be stolen using a LLMNR/NBT-NS poisoning attack which will capture user network hashes. You can then use limited hardware resurces to gain access to the domain.

In my experience with penetration testing, networking within my peers in the industry, and my own personal experiences. Poisoning attacks on a network, shoddy network domain configuration exploitation, and The lesser known devices like printers (that are networked) and copiers (again networked) are much easier to "hack" and steal some sort of network credentials from, than logging keystrokes on a computer.