Will the new SpyShelter offer protection against Ring0 - Level Threats?
I would assume, ScreenPhantom was not able to do it, because Multi-Screen Windows was not protected against screenshots by system screenshot tool.
Is something like protected sidechannel or encryption before Ring0 for keystrokes possible?
Thank you for your question.
To everyone reading, I believe in this case Ring 0 means the keylogger would have kernel access, or the highest level of access to the OS.
To avoid giving something Ring 0 access you might focus on protecting your Windows OS system integrity. With the latest SpyShelter we monitor (and can prevent) drivers, system, and registry changes in most cases. Hopefully this can help protect against a Ring 0 type of threat…
But, as far as keyboard encryption preventing a Ring 0 threat, it’s unclear. Keyboard encryption can involve injecting into an app… but if it’s a Ring 0 threat, can it see past the changes made by the injection (by the antikeylogger)? It would depend on many things.
The Ring 0 threat could theoretically just add a driver that sits on top of a physical keyboard and reads raw events…
We will work hard to make SpyShelter protect the Windows System and protect executables from launching, but if you are already infected with a Ring 0 threat the it would depend on how it functions.
It’s not possible to answer your question for sure, but if there is a specific documented Ring 0 threat out there with more details we’d be glad to investigate it while we work on bringing back Antikeylogger capabilities the best way possible.
With many security tools they may work great, then something new will come and they should be improved. We plan to work hard to follow the latest threat trends and improve SpyShelter so it can stay as up to date to help protect your PC.
I hope this helps answer your question a bit and I wish I could be 100% certain, but I think if anyone says they are 100% sure their software will protect 100% from something in every single case, then they are probably lying.