"They note that the attack isn't operating-system specific"
So that means that all operating systems have a "virtual on-screen keyboard" ?
I just checked and it is indicated that Linux has a few that are downloadable, but it does not state that there is any installed by default. I did find that Ubuntu has one by default, so there may well be other distros that have one as well, but apparently it is not certain.
Windows, of course, is the golden goose for this attack since the virtual keyboard is integrated into the kernel and there are very few ways outside of editing the Registry which will not disable it - and you won't go doing that without intent.
Biting the hand that feeds IT
