Security and keyboard drivers

Paracas
Paracas
Community Member

Hello,

In your documentation, it is written that 1Password uses secure input fields to prevent keyloggers for example. However, many mechanical keyboards (and others) are relying on additional drivers for improved functionalities. These drivers have direct access to the keyboard inputs and could, in theory, capture many confidential information (example, Logitech G Hub). Should we be confident in the security model of these drivers? Or is it better to avoid or uninstall them altogether?

Many thanks


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • DanielP
    DanielP
    1Password Alumni

    @Paracas:

    These drivers have direct access to the keyboard inputs and could, in theory, capture many confidential information (example, Logitech G Hub).

    From a technical point of view, if these drivers can have direct access to keystrokes, then they have the possibility to capture all your typing information, despite protections put in place by applications installed on this machine. 1Password adds several layers of protection against various types of attacks (keyloggers included), but they cannot perform miracles on a compromised machine [1].

    Therefore, anything you do to lower your attack surface is beneficial to your overall security posture. Not to mention that access to information stack layers below the one 1Password works at can be difficult to handle (or even detect) at the application layer (as is typically the case with drivers).

    Should we be confident in the security model of these drivers? Or is it better to avoid or uninstall them altogether?

    This is a judgement call that only you can make: do you trust the issuer of the drivers, and the security model of the drivers? And even if you do consider the drivers trustworthy right now(perhaps because you trust the company behind them, or perhaps because you have investigated the code yourself), they still are another potential avenue of attack, as they could still get compromised in the future: the fact that they have access to this information in the first place is what makes them risky. Only you can decide whether the benefit these additional features bring you overweigh the security risk.

    ===
    Daniel
    1Password Security Team


    [1] From a security perspective, having access to keystroke information is equivalent to having a keylogger installed, so in that sense 1Password must consider that system compromised.

This discussion has been closed.