by christianbryant on 7/8/18, 8:08 AM with 3 comments
by christianbryant on 7/9/18, 3:15 PM
In the paper they note as "a pre-IME design, IM-Visor always recognizes and isolates sensitive keystrokes before the IMEs could access them. To achieve this, whenever a user intends to type in a soft keyboard, the STIE will be initialized to intercept touch events and analyze whether it is a sensitive keystroke."
This model is one that begs a matching and reversed exploration of "sensitive keystroke" emulation and whether such pre-IME analysis can be fooled.
by olliej on 7/9/18, 9:40 PM
Basically an OS should be able to easily identify when you’re using a platform password field for instance and not interact with the IM (although that causes problems with assistive technologies). But the OS can’t really handle every third party reimplementation of password fields. Presumably a 3rd party solution would be able to rev faster and stay more up to date than the OS. (The risk balance when the OS is involved is higher than for just the IM as if it does break you can always remove the “visor”, but doing so in the os is harder.