Photolab 3 keylogger?

Hi,
I downloaded PL3 for Mac (Catalina) yesterday and I got a warning during installation that Photolab wants to log my keystrokes, including those in other apps. I did not give permission of course, but why does PL want to monitor my keystrokes? Does PL contain malware?

See the screenshot of the security settings which shows that PL has requested to monitor input from the keyboard (sorry it’s in Dutch)

We are running PL3 on both High Sierra and Mojave and don’t get this. It may be something Catalina has done automatically, but you can always simply, not only disable it by unticking it, you can also delete the item totally

Hi Joanna, thanks for your reply. I have deleted the item as you suggested. But that still leaves the question why PL wants to monitor keystrokes in the first place (which sounds malware-ish to me)

I just had a quick furtle around in my machine and couldn’t find anything untoward, even in the bowels of the PhotoLab executable package. I’m wondering if this was something to do with the installer that maybe didn’t get cleaned up? It would be interesting if someone else with Catalina could check this out.

I had PL3 installed before the Catalina upgrade and have no such entry in my system settings. If in doubt disable it, but remember it if you find anything not working about the software. I can’t imagine why PL3 should require this.

Sandboxing in Catalina got more controlled and this is new to us users and developers. I wouldn’t worry too much: In earlier versions of the systems the installed software could just do about anything without user consent. If you install something you don’t trust you are in trouble anyway.

PS: I just discovered that my installation of FP5 has “Accessibility” rights. When I start FP5 after I removed the access then it asks me again to add it.

Apple introduced a role based model of granting access rights for applications and devices in Catalina. That’s why you will be asked for granting access while installing software or using new devices.

I couldn’t find any more detailed explanation of the roles but that’s the reason why. :slight_smile:

I would uncheck the item but I can think of at least one good reason for them wanting a record of your keystrokes. It makes debugging issues a lot easier if they can capture a complete record of exactly what you did before the hang/crash/reboot/etc. I am not suggesting you should allow that, but it does make some sense if that is what they want to do.

Of course that is a guess, but being a retired software engineer that does make some sense to me. Still, you should keep your system secure and not allow it.

Happy to help! Thanks for leaving a comment.

Rest assured we have absolutely nothing that would request this in PhotoLab. It’s good that you denied it nonetheless, and it won’t impact your usage of PhotoLab in any way.

Do you have other software asking for this? I remember the case of one software (don’t remember the name unfortunately) that would bring dictionaries and specific auto-correction in other applications by injecting itself directly into the app, thus modifying their behaviour, so it could bring this kind of behavior.

It is better if you identify the cause of this problem and remove it as they affect reputation of the software. The only other app that I got this request is the one I piratedly downloaded (how shame, but I deleted that already). Getting this request made me check twice I downloaded from the correct website and not the phishing one.

We finally managed to reproduce that, as it was happening only in a single case: when dragging a palette around… We were using an API to watch for the mouse click release for the palette, which is also an API used to watch for all keystrokes across the system (which we didn’t realize back when it was written, some years ago).
We managed to remove that, so next versions shouldn’t prompt for that anymore, and if you deny it, it shouldn’t make much difference.

Thanks for reporting it, and thanks to Chayuth for taking some time to try and reproduce it for us!

1 Like