Feature or security bug?

Feature or security bug?

I have been playing a little with Translucent & Shaped Windows & noted1
when making this example that if the opacity was 0/255 you can 'click
through' the window to the desktop. OTOH an opacity of 1/255 (effectively
invisible) was intercepted by the frame.
On Windows at least, using the Oracle 1.7.0_25 JRE.
Does this allow the transparency ability to be used as a key logger, and
if so, is that a security bug?
Note that it would take either 'no security manager' or a 'fully trusted
app.' to do many of the things seen in the source code below (e.g.: use a
Robot, have a translucent frame on-screen with no warning banner..).
The example only attempts to intercept mouse presses and clicks, which it
then emulates using the Robot (after setting the frame momentarily
minimized). I did not want to go to the extent of trying to account for
the mouse buttons 2 & 3, the scroll wheel, or especially key events.
Mostly because I don't intend to help anyone in making a key logger.
Horrid things..
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
public class TranslucentMouseLogger {
JFrame f = new JFrame();
Robot robot;
// Out of 255 possible levels of transparency/opacity.
// Reduce to 1, to 'see' how dangerous this might be.
int minTransparency = 60;
public void doClick(MouseEvent me) {
System.out.println(me);
f.setVisible(false);
if (me.getPoint().getX() < 100
|| me.getPoint().getX() < 100) {
System.exit(0);
} else {
try {
for (int ii = 0; ii < me.getClickCount(); ii++) {
robot.mousePress(InputEvent.BUTTON1_MASK);
robot.mouseRelease(InputEvent.BUTTON1_MASK);
}
} catch (Exception ex) {
ex.printStackTrace();
}
f.setVisible(true);
f.toFront();
f.requestFocus();
}
}
TranslucentMouseLogger() throws AWTException {
robot = new Robot();
f.setUndecorated(true);
f.setAlwaysOnTop(true);
f.setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE);
f.setExtendedState(JFrame.MAXIMIZED_BOTH);
// first set the frame (mostly) invisible..
f.setBackground(new Color(0, 0, 0, minTransparency));
f.setVisible(true);
MouseListener listener = new MouseAdapter() {
@Override
public void mouseClicked(MouseEvent e) {
doClick(e);
}
@Override
public void mousePressed(MouseEvent e) {
doClick(e);
}
};
f.addMouseListener(listener);
JOptionPane.showMessageDialog(
f, "Click in the upper left of screen to exit");
}
public static void main(String[] args) throws Exception {
// Determine if the GraphicsDevice supports translucency.
GraphicsEnvironment ge =
GraphicsEnvironment.getLocalGraphicsEnvironment();
GraphicsDevice gd = ge.getDefaultScreenDevice();
// If translucent windows aren't supported, exit.
if (!gd.isWindowTranslucencySupported(
GraphicsDevice.WindowTranslucency.TRANSLUCENT)) {
System.err.println(
"Translucency is not supported");
System.exit(1);
}
Runnable r = new Runnable() {
@Override
public void run() {
try {
new TranslucentMouseLogger();
} catch (AWTException ex) {
ex.printStackTrace();
}
}
};
SwingUtilities.invokeLater(r);
}
}