Stealing Clipboard Info
Have you ever copied information to your clipboard, then later went online? If the info you copied was of a sensitive nature, then this is gonna scare ya like Bigfoot jumping out of your bathroom closet.
Did you know that a website can easily snatch the info on your clipboard with about one line of Javascript? Yup, it’s true. Not all browsers are susceptible to this, but Internet Explorer is (surprise, surprise). Copy any line of this article and head to the page below:
http://www.worldstart.com/clipboardtest
Go on, I’ll wait here. Take your time.
If it showed up on that page, then you’re probably feeling a little anxious right about now. I mean, just imagine if that info had been a password, credit card number, or bank account info! I could have just as easily put the info on your clipboard into a database as shown it to you. Don’t worry, I didn’t – really, I didn’t!
Want to know how to disable this “feature”? It’s easy as fallin’ off a digital log:
1. Open Internet Explorer and click the Tools menu, Internet Options.
2. Click the Security tab, then press the “Custom Level” button.
3. OK, grab your shovel, it’s time to do some digging. Under the “Scripting” section, hunt for an entry called “Allow paste operations via script”. Set to disable (or at lest prompt).
4. Hit OK until you’re back to Explorer.
5. That’s it. Now try the page above and see what happens. With any luck, you should find that your clipboard is no longer accessible. Cool huh?
Special Note:
If you want to tell your friends about this little potential security problem, we’ve set up a special page at:
http://www.worldstart.com/clipboardtest
Send ’em there and they’ll see how this whole thing works. Of course, you can forward them this newsletter too 🙂
Have a great day,
Steve