Why not deploy the numpad fix to everyone?

  • 31 January 2013
  • 2 replies

Userlevel 7
Badge +6
Could someone break down the exact technical reason that the numpad registry key shouldn't be deployed to every computer? I haven't seen an explanation of the exact cause of computers ignoring numpad input other than its the Identity Shield. Or what I lose by applying the key to a computer.


Best answer by JimM 7 February 2013, 01:10

View original

2 replies

Userlevel 7
By default, WSA puts the numpad into an "on" state in order to protect the numbers from being keylogged by any unknown-flagged keylogger that potentially exists on your system.  This is a secondary layer of protection in addition to the standard blacklisting actions we would take on any discovered keyloggers, which would prevent them from running at all.  In the event we hadn't yet determined a keylogger in our threat database, and if it was present on your system, the Identity Shield can still block the keylogging actions.  Where it's possible to run into an issue is if you want to use the num-pad for the arrows and other functions that already exist on other keys on a standard desktop keyboard.  Windows does not properly report the status of the num-pad, which can cause the Identity Shield to misinterpret the state of the num-pad if it was programmed to look for a specific state.  It's also not feasible to have it ask the hardware itself if the num-pad light is on for instance.  Therefore we cannot always reliably know what state the num-pad is in. Thus, we created the registry patch to turn off keylogger protection on the num-pad for customers who must use the secondary num-pad functions.  This does limit the secondary layer of protection to some extent, insofar as the num-pad is not protected in that specific way once the patch is applied.  We have not pushed out the patch to customers wholesale for the same reason the software was designed to turn on the num-pad by default - doing it this way provides more protection.  It's important to stress that, either way, you're still protected, but more so when both methods are in place to combat a keylogger.  We are looking into other ways of dealing with num-pad nuances, but at the moment, we can resolve this kind of issue for any customer reporting it on an as-needed basis.
Userlevel 2
Badge +3
It would be sufficient for us if WSA let us/users switch back to functionkeys and does not sticking the numbers on the pad. Actually only numbers are available even when you switching back to arrowkeys - the light is off but the functionality is as before - numbers.
Any plans to fix that?