From reports published by West Coast Labs, it's a purely software-only solution that consists of some sort of (Win9x/Win2K/XP only) low-level keyboard driver interface that bypasses the standard Windows user-level interface and sends keystrokes directly to the application, in the same way
http://www.bluegemsecurity.com/ claims that they can encrypt data from the keyboard to the web browser, bypassing trojans and sniffers, however the web pages are completely lacking in any detail on what they're actually doing. that a number of OTFE packages directly access the keyboard driver to try and evade sniffers. The West Coast Labs tests report that they successfully evade all known sniffers, which doesn't actually mean much since all it proves is that LocalSSL is sufficiently 0-day that none of the sniffers target it yet. The use of SSL to get the keystrokes from the driver to the target app seems somewhat silly, if sniffers don't know about LocalSSL then there's no need to encrypt the data, and once they do know about it then the encryption won't help, they'll just dive in before the encryption happens. Anyone else have any additional information/comments about this? Peter.