快猫短视频

Fake pointers on your screen foil ‘shoulder surfers’

Identity thieves sneaking a peek at your password will be foiled when there's a blizzard of pointers on the screen
I know what you're doing
I know what you鈥檙e doing
(Image: Ahmad Halabisaz/Eyevine)

EVER suspected somebody is stealing a glance at your screen as you log in to secure services like online banking in a public place? A blizzard of fake mouse pointers could foil such 鈥渟houlder surfers鈥.

Many online banking websites ask you to log in using your mouse and an on-screen keyboard, as these fool most keylogger viruses. The trouble is that a snooper can see exactly what buttons you press to enter your password. Alexander de Luca and colleagues at the University of Munich, Germany, decided to find a way to throw an attacker off the scent.

Their answer is to allow a user to call up an array of 16 different mouse pointers when the on-screen keyboard is active. Only one pointer is the one that you are actually controlling; the others appear to press keys at random to distract the snooper, says team member Emanuel von Zezschwitz.

In tests with 39 volunteers, they found a shoulder surfer was able to steal a password 90 per cent of the time without the fake pointers turned on. But when they used them, attackers succeeded only 5 per cent of the time with 16 and 35 per cent with eight pointers. The work will be presented at a conference on in Paris in April.

Topics: Computer crime