Keylogger Risk

shipdriver

We'd all like simple answers to very complex problems. But we know that's not reality.

Using a computing system as safety as possible is not a simple problem, nor is there a simple solution. It is a multi-layered problem that involves technology, human factors, a required level of knowledge, and a level of risk assessment (that is nearly impossible for most of us, so most punt). So, we all make certain trade-offs, and often convenience and impatience wins.

All you can do is your best, and accept that there is some amount of risk, always. And there will always be someone smarter, more sophisticated, and more determined than you and me. We will never beat the Three-card Monte wizard, and we will never beat the black-hat sufficiently motivated to own us or our secrets. We have to build and defend our fortress; the attacker just has to find a single weakness to exploit.

But it is probably safe to say that the more you understand these complex systems, the more you avoid higher-risk behaviors, the more you understand the attack vectors, the more you allow experts to help make your computing environment safer, the more you follow the best security advice available, the better your chances are of avoiding malware or being tricked into revealing secrets.

Consider your own assessment that Kaspersky is "good virus protection", but you also say "I'll always have one running". You may or may not be aware that Windows comes with excellent anti-malware built-in. Is Kaspersky "better" or "worse" or sufficiently similar - that's a very difficult assessment. The need to purchase 3rd party antivirus software has been essentially eliminated from Windows and macOS, but users feel safer if they spend money on these products.

So, no, there is no 100% good enough answer, and there never will be. Reject any such statements of certainty, unless the topic is death or taxes.