Re: [clipboard] Semi-Trusted Events Alternative

On Jul 26, 2014, at 8:26 AM, Jeffrey Walton <noloader@gmail.com> wrote:

> On Sat, Jul 26, 2014 at 9:19 AM, Perry Smith <pedzsan@gmail.com> wrote:
>> Sorry if this is a lame question but I never understood the dangers of Copy and Paste that the web is trying to avoid.  Can someone explain that to me?
>> 
> Its a point of data egress. You don't want sensitive information from
> one program scraped and egressed by another.
> 
> The first program could be a browser and the second program could be
> malware. In this case, the malware looks for data placed on the
> clipboard by the browser (and hopes to get a username, password,
> sensitive document, etc).
> 
> Or, it could be another program with the browser scraping the data and
> hauling it off to a site.

I thought about that.  So it is not so much the Copy and Paste operations as much as being able to get the content of the clipboard. ?

Received on Saturday, 26 July 2014 13:34:45 UTC