The article states the software users external endpoints, whether encrypted or not. The CCP already has the ability to obtain all of this information from those endpoints. The article identified poor software design choices that may expose user keyboard data to anybody on the network..