The other day I wrote about the clipboard reading code in IE, I found another example that someone else had made that used different code but had the same effect. They also had a fix. I would suggest doing this. It is probably why (e:ajays) computer didn't report anything. But the default is to have it turned on.
1. Under the Tools menu, select Internet Options
2. Click on the Security tab.
3. In the box labelled, "Security level for this zone", click on Custom Level
4. Scroll all the way down to the Scripting heading
5. Under "Allow paste operations via script" choose the Disable button.
6. Click OK and confirm that Yes you do want to change security settings for this zone.
Computer's Journal
My Podcast Link
02/23/2006 22:33 #21548
Disabling the nasty clipboard readerCategory: web
02/17/2006 15:05 #21547
Windows IE security issue with clipboardCategory: security
I just accidentally discovered a major security bug in IE for windows. Copy something into your cliboard from any application and then visit this page 
I created. The data will be alerted and although I am not collecting the data anyone could use this technology to steal and forward whatever information was in your clipboard when you visited their web page. Just think about what you copy into your clipboard when using IE, your passwords, your bank account info, etc. Get firefox
--paul
I created. The data will be alerted and although I am not collecting the data anyone could use this technology to steal and forward whatever information was in your clipboard when you visited their web page. Just think about what you copy into your clipboard when using IE, your passwords, your bank account info, etc. Get firefox --paul
ajay - 02/17/06 20:21
Well, I tried it and the dialog box was empty. I had put stuff in my clipboard. Maybe my machine is patched?
Who cares.. I use Linux anyways (but I do have a Windows box for downloading... documentaries).
Well, I tried it and the dialog box was empty. I had put stuff in my clipboard. Maybe my machine is patched?
Who cares.. I use Linux anyways (but I do have a Windows box for downloading... documentaries).
jenks - 02/17/06 19:51
yet another reason microsoft pisses me off...
yet another reason microsoft pisses me off...
jason - 02/17/06 18:47
See, and Josh constantly bitches about Firefox. He's like, "Damn Jay why do you use that shitty ass browser?"
Someone help him understand why Firefox is so much better! I give up!
See, and Josh constantly bitches about Firefox. He's like, "Damn Jay why do you use that shitty ass browser?"
Someone help him understand why Firefox is so much better! I give up!
kara - 02/17/06 17:07
Paul is totally right. The error pops up in a dialog box/window, and he's able to record what was displayed in that window. This poses a huge security risk - for individuals, businesses - heck, even government agencies. I'm using IE6.
Paul is totally right. The error pops up in a dialog box/window, and he's able to record what was displayed in that window. This poses a huge security risk - for individuals, businesses - heck, even government agencies. I'm using IE6.
computer - 02/17/06 16:23
It works in IE. It is not on a local server and I am sure.
It works in IE. It is not on a local server and I am sure.
ajay - 02/17/06 16:06
Just tried it, got nothing. Are you sure?
Maybe you were loading the files from local disk (which has different permissions than a page from the web)?
Just tried it, got nothing. Are you sure?
Maybe you were loading the files from local disk (which has different permissions than a page from the web)?
02/16/2006 17:47 #21546
Camino 1.0 releasedCategory: browsers
Camino 1.0 brings you a heavily-updated version of the only native Mac OS X browser using Mozilla's Gecko rendering engine. Thousands of bugs were fixed in Gecko 1.8, providing users with improved web page compatibility.
more info:
01/31/2006 15:05 #21545
Microsoft Developer ToolbarCategory: web
Microsoft has finally come out with a developer toolbar like the one firefox has. It could have saved me thousands of hours had they realeased this before but at least it is a step iun the right direction.
like the one firefox has. It could have saved me thousands of hours had they realeased this before but at least it is a step iun the right direction.
01/31/2006 00:05 #21544
face the nationWorks for me! Thanks.
Does anyone else get nostalgic for "vintage" [inlink]twisted,296[/inlink] computer memorabilia? I wish I had screenshots of some of my old desktops.
Does anyone else get nostalgic for "vintage" [inlink]twisted,296[/inlink] computer memorabilia? I wish I had screenshots of some of my old desktops.
Paul once you are done collecting your poetry fodder, maybe you can popup a warning for the user if s/he doesn't have this security fix in place.
Thanks! Its been taken care of on my end.