undefined | Better HN

0 pointsimiric3y ago0 comments

> Are there "clipboard snoopers" out there?

I haven't run into any (that I know of), but it's trivial to write such a program.

> are there clipboard snoopers that access sensitive data they couldn't also access in any other way?

There's no such thing as a 100% secure system, but removing one of the most vulnerable attack vectors is a huge improvement in and of itself.

> It seems to me that if you can access the system clipboard you have enough access to do all sorts of stuff.

Not quite. Currently all applications have unrestricted access to the clipboard. Accessing decrypted credentials in a password manager is only possible by the authorized user, and this can be restricted in a number of ways. Maybe we need a stricter permission system for clipboard access, but I would argue we need to stop using the clipboard for exchanging sensitive data between applications.

0 comments

Beltalowda3y ago

It's indeed trivial to write such a thing, and given that none seem to exist it doesn't seem like it's really a practical security issue IMHO.

I think a permission system for the clipboard would be pretty awkward UX, and not really worth the effort for the (hypothetical) problem it's solving.

j / k navigate · click thread line to collapse

0 comments

Beltalowda3y ago

It's indeed trivial to write such a thing, and given that none seem to exist it doesn't seem like it's really a practical security issue IMHO.

I think a permission system for the clipboard would be pretty awkward UX, and not really worth the effort for the (hypothetical) problem it's solving.

j / k navigate · click thread line to collapse