this post was submitted on 14 Sep 2024
1641 points (99.0% liked)

Technology

59658 readers
3035 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
L4s
enu
1641
Be careful. (feddit.org)
submitted 2 months ago by [email protected] to c/technology
174 comments fedilink hide all child comments
 

Source.

you are viewing a single comment's thread
view the rest of the comments
[–] lando55 23 points 2 months ago* (last edited 2 months ago) (8 children)

Why isn't the default behavior for browsers to not allow access to the clipboard? Similar to how it prompts you for access to camera/microphone

Edit: On a per-site basis, like if you use the Zoom website it asks you for access to the webcam, would something like this work for clipboard as well or would it break stuff?

[–] madcaesar 11 points 2 months ago (5 children)

The browser can't access your clipboard contents without permission, but it can place text into the clipboard.

The problem is people the talking the copied text and pasting it into the command prompt.

[–] lando55 3 points 2 months ago (1 children)

Yeah that's what I'm curious about; I'm used to copying code snippets or codes from websites by clicking a button (presumably through some browser API?), but am just now realizing that this in itself has security implications.

Using noscript or some such JS blocker would prevent this but break a lot of other things in the process. That's why I'm wondering why the API isn't locked down via some user prompt.

[–] zaemz 3 points 2 months ago

In Firefox, you can disable the clipboard events. I've done this for the rare case of me copy+pasting a password and forgetting to clear the clipboard after.

On Android, I've noticed that it's possible for apps to read from the clipboard, to read OTP tokens for example. Since I noticed that a while back, I've always been wary of the clipboard on any device I've used.

load more comments (3 replies)
load more comments (5 replies)