Computing devices are subject to ever increasing security risks. To protect against attacks and prevent security breaches, one or more techniques for establishing a level of trust are implemented by computing devices. Typical techniques for establishing a level of trust include prompting a user to confirm that a sensitive operation, such as changing a security setting or installing a new trusted PKI based root certificate, should be performed. Other techniques include prompting a user for credentials, such as user passwords or smartcard PIN number.
Unfortunately, there is no way to distinguish between a legitimate application and a malicious program prompting the user in today's computing platforms. For example, a malicious program may generate a prompt requesting a user to enter their password that appears to have been generated by, and is identical to one of, a legitimate application. In addition, in Windows®, the architecture makes it is possible for a malicious program to monitor Windows messages and user keystrokes for the purpose of intercepting inputs to a legitimate application. Furthermore, it is also possible for that malicious program to programmatically drive a legitimate application, such that the application dismisses user confirmation of sensitive operations. For example, a user may make changes to the security settings of a firewall application. If confirmation is programmatically dismissed the previous security settings are maintained, which may make the computing device vulnerable to attack.