BotHack

BotHack makes getting things done easy and fun. Delving deep into the technoweb, BotHack brings back simple and totally life-altering tips and tricks for managing your information and time. At this wild moment in the development of human-oriented technology, BotHack is your own personal early adopter, here to guide you through the onslaught of the new. The world is full of fascinating problems waiting to be solved: BotHack can help.

Friday, September 02, 2005

Clipboard Security Flaw in IE


Web sites you visit can retrieve data from your clipboard depending on your security settings. Go to this page and see if anything shows up in the box. If you are using Firefox or Opera you probably won’t see anything. However, if you are using Internet Explorer then chances are that whatever you last copied into your clipboard will be displayed.

The site explains:

"It is true, text you last copied for pasting (copy & paste) can be stolen when you visit web sites using a combination of JavaScript and ASP (or PHP, or CGI) to write your possible sensitive data to a database on another server. Hopefully you haven’t copied a credit card number recently before surfing!"

To disable this setting in IE, do the following:

1. Under the Tools menu, select Internet Options

2. Click on the Security tab.

3. In the box labelled, “Security level for this zone”, click on Custom Level

4. Scroll all the way down to the Scripting heading

5. Under “Allow paste operations via script” choose the Disable button.

6. Click OK and confirm that Yes you do want to change security settings for this zone.


Even if you mostly use another browser, as long as you have IE installed you may want to perform the above operation to make sure if you ever use that browser your clipboard contents aren’t compromised.

Retrieving Text from Clipboard [via digg]
Related:
Installing Firefox for All

Die Dulci Fruere

posted by Nitterbog @ 9:20 AM 

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home