Let's get some perspective on this first: no security product is 100% secure and just because there may be an obscure way round a product doesn't mean you shouldn't use it and that it won't protect you against a lot of attacks. How secure is your Anti-Virus (AV) product? Certainly not 100%, so we need layers of security. Rapport is another layer of security and could help protect your machine.
I have said in my previous post about this issue how well Trusteer dealt with me. So, now to the method of keylogging Trusteer. It's quite simple really, but requires a special setup. Rapport hooks onto the keyboard driver to prevent keylogging. However, if you invoke the remote desktop feature in Windows then a different keyboard driver is invoked, which Rapport cannot hook onto. So, if you're using a remote desktop connection into your machine then Rapport will not be giving you the full protection (it still has other layers of protection that work in this scenario).
Is this such a special case that you don't need to worry about it? Well, not necessarily. There is a plethora of remote access software solutions available to users, who are increasingly using them to access their machines at home or at work. There is also another technology that can be leveraged to cause this effect whilst the user is at the actual machine. Microsoft have introduced RemoteApps to the Windows desktop environment to allow legacy applications to appear to run seamlessly on Windows 7. This is done via Virtual PC running another OS and the RAIL QFE update, which allows applications to be exposed from a desktop machine as RemoteApps. However, we can use this technique to look back at the machine and expose the web browser as a RemoteApp, which the user should not notice.
As I say, it's a special case and not one a user would normally encounter, but it is possible. There are other issues with Trusteer as well, such as being able to capture the screen of protected websites and information leakage, as highlighted on ReviewMyLife.co.uk. It doesn't mean you shouldn't use Rapport though; just know and trust the machine that you're using. Basically, don't ever connect to any secure site or service from an untrusted machine, no matter what's installed on it.
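A local check for the Remote Desktop condition described above, as an added example rather than code from the original post or from Trusteer: it combines the Win32 `GetSystemMetrics(SM_REMOTESESSION)` call with the `SESSIONNAME` environment variable so that a script or endpoint agent can flag sessions where keystroke protection may be reduced. The function names are hypothetical, and treating a `SESSIONNAME` that begins with `RDP-` as remote is an assumed heuristic.

```python
import ctypes
import os
import sys

SM_REMOTESESSION = 0x1000  # GetSystemMetrics index; nonzero in a remote session


def classify_session(session_name, sm_remote):
    """Classify a Windows logon session as 'remote', 'console' or 'unknown'.

    session_name: SESSIONNAME environment value (e.g. 'Console', 'RDP-Tcp#0') or None.
    sm_remote: GetSystemMetrics(SM_REMOTESESSION) result, or None if not queried.
    Either signal saying "remote" wins, so a stale or missing value fails safe.
    """
    name = (session_name or "").strip().lower()
    if sm_remote or name.startswith("rdp-"):
        return "remote"
    if sm_remote == 0 or name == "console":
        return "console"
    return "unknown"


def query_sm_remote():
    """Return GetSystemMetrics(SM_REMOTESESSION) on Windows, None elsewhere."""
    if sys.platform != "win32":
        return None
    return ctypes.windll.user32.GetSystemMetrics(SM_REMOTESESSION)


def keyboard_protection_note(kind):
    """Map the classification to a short operator-facing message."""
    if kind == "remote":
        return "Remote session: keystroke protection may not be fully in effect."
    if kind == "console":
        return "Console session: local keyboard path in use."
    return "Session type unknown: treat as remote."


if __name__ == "__main__":
    kind = classify_session(os.environ.get("SESSIONNAME"), query_sm_remote())
    print(kind, "-", keyboard_protection_note(kind))
```
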