Does windows clipboard store copied Strings locally, or, as with files, does it only deal with pointers?
If it does, is it possible to modify the clipboard to make a logfile of all Strings that are routed through it?
I would imagine this could be a dangerous tool against people who hide high entropy passwords somewhere deep in their system (maybe encrypted) and then just copy paste them where needed.
It's certainly possible -- there are plenty of commercial keyloggers (this one, for example) that can log text copied to the clipboard.
You're absolutely right that this is a security risk.
Yes, it looks like you can actually log everything that goes through the clipboard with the AddClipboardFormatListener API call: relevant SO question here. Simply pass the handle of your window in as the only parameter. The SetClipboardViewer function will also work for older versions of Windows.
This is certainly a security risk.
This Microsoft forum suggests that the clipboard is stored entirely in memory, and this part of MSDN talks about receiving a global memory handle on the clipboard.
Related
I'm using Tampermonkey to collect data from pages I visit and store it locally and persistently across browser sessions. This is working fine. However, I'm limited to using the script on the same computer. I'd like to be able to use the same script on another computer and update the same collected data file.
I'd like to use the simplest method possible to read, edit, and store a single text file from multiple computers.
An actual functioning "Hello world!" script would be fantastic. I've mucked around with the pastebin API, but all the help applies to php code and there seems to be a lot of somewhat confusing overhead. I don't need to examine the contents of the pasted data in a useful editor. The data is never to be interpreted as code or html. I don't need an SQL database. This is just a project for fun, so I don't need to worry about privacy issues or elegant, modular code.
I just need a place to stash some bytes, and change them frequently.
What's the simplest solution?
My embedded linux gets its data files from an external source (sd card). As this media is easily detachable I'd like to protect it in a certain way.
First idea that comes in mind is to do encryption. I'm afraid though this would take too much processing power. My files are not deeply sensitive, but I don't want that people can put the card into their desktop and see/copy my files. I assume these people know how to mount a standard ext4 drive.
Content is initially loaded on to the disk via a desktop linux box, so the process should be
I wouldn't care too much if the solution is not hack-proof. Basically I want to avoid to have my content copied by the general copycat.
I'm not looking for a turn-key solution, but like to get some pointers into the right direction.
A simple XOR Cipher requires very little processing. The security is limited in the sense that if someone has a both the encrypted and plain-text data, by XOR'ing the two the encryption key is revealed. However so long as you can avoid someone being knowingly in possession of both, and the key itself remains confidential, it may meet your requirements of simplicity and security.
Obviously you need a longer key that the simple 8 bit one in the example in the link. The key itself can be arbitrarily long with no impact on performance.
I saw allot of companies offering exe wrappers , but is there any in pdf side security programmatically ?
Well, you can encrypt the PDF. You can also use custom encryption handler and thus make your file unreadable with stock Acrobat or Reader (one will need to install your decryption plugin to Acrobat or Reader to make them understand your encryption). The problem is acrobat's DRM SDK (the one that allow you create encryption plugins) once had enormous cost (smth. like $25K to start). I don't know if this is still the case, though.
Another not-so-bad option is render everything to graphics - this makes text copying harder (though one can print everything and OCR it back).
The short answer is no. When you give someone the ciphertext, key, and cipher they will always be able to reproduce the plaintext. DRM fails universally for just this reason.
The long answer is that you can sometimes try little gimmicky tricks to prevent copying in some circumstances which may "work" if your audience doesn't try breaking it, but not in the general case. You can't really call something secure which is "safe as long as nobody tries to break it".
The PDF format itself has an "owner password" which allows the author to disallow readers from printing the document, modifying it, etc... Of course there's not actually any mechanism for preventing anyone from doing so. If you are trying to prevent the guys in the marketing department from printing it off or something, then maybe. But if you're releasing it out into the Internet, just assume that it can and will be copied however users see fit.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 12 years ago.
Improve this question
Can the contents of the clipboard be encrypted?
For example, say that to circumvent keyloggers, users copy and paste passwords from an encrypted file, but now the password lives unencrypted in the clipboard. Is there a way to prevent this behavior without breaking copy/paste, or running some script function that scrambles the clipboard information.
If you need to supply the unencrypted password to a textfield in order to sign in, then nothing you do before that step can stop malicious users from reading the contents of that textbox. Since there needs to be a point in time where that plaintext string is sent to the textbox.
I think if you have a keylogger you have more important problems than encrypting passwords
To answer your question: It should be possible, but you'd need to dig quite deep into the Windows API for that.
To catch COPY events and encrypt the contents, you could use SetClipboardViewer to get notified of changed to the clipboard. Here is an example on how to do this with C#.
To catch PASTE events and decrypt the contents, you might need to globally hook to WM_PASTE messages.
As a side note: Once a keylogger/trojan/etc. managed to run on your system, it is no longer your system. Encrypting the clipboard or similar techniques don't protect your system, they might just raise the bar for the malware developer to get the information he wants (see Jean-Bernard's answer). Preventing evil code from running on your system in the first place is a much better approach.
If the clipboard information is persisted to the drive then whole disk encryption would do the trick (it sounds like that's the kind of stuff you want to do already anyway based on the question).
But encrypting what's in RAM isn't really an option. At some point the OS and applications read that memory and need to know what to do with it. It has to be unencrypted somewhere in the active hardware of the machine in order to be used.
You could certainly encrypt the data, copy it to the clipboard, and then in another instance of your app, paste it, decrypt it. But this is only useful if the source/destination agree on the encryption. i.e. written by the same guy. In that case, you'd be better off NOT using the clipboard, and setting up some sort of private data channel instead.
So while you can do it, it's not practical.
You could do that by encrypting your data for your application before the copy, but it really depends on the language you would use.
And decrypt on the paste, but again on your application. You can't do that for all your system; it would mean modifications on your OS...
I'm writing an application which implements copy-and-paste: therefore I use a system API to read data from the clipboard.
If I can't read unencrypted data then copy-and-paste is broken, but if I can then so could any other installed program (including a keylogger).
If someone has privileges to install a keylogger that has clipboard access, he most likely has privileges to get the decryption key of the clipboard as well. Cryptography is not a substitute for access control.
Does my question make sense? Using either Vim or Emacs, you come to understand that the interface exposes the code's representation of the state of the file you are editing in the buffer, the file is the on-disk storage you can fill a buffer from or write a buffer to. All these things a programmer would know, but when just editing text, why is it exposed? Any newer editor just tells you "Here is a file. Edit it."
Yes, I understand the technical meanings, but that isn't my question. This is a question not even about if it is a good idea to do it or not. Vim and Emacs are our two oldest editors in common use today, and they share this behavior. I know of no new editor that does the same. When did editors stop doing this and why?
For starters, Emacs uses plenty of buffers that aren't associated with any file. Any time you open a directory, read your mail, open a terminal, compile a program, launch an interactive Python session, or connect to a database, you get a buffer. Hence, Emacs's basic unit of work is a buffer and not a file, and the same logic holds for Vim.
New applications that only edit files make no distinction because every screen or window or tab directly represents a file. More capable applications like Emacs and Vim are a lot more flexible in that respect.
OK, here's my weird philosophical answer :
because late binding between the buffer in the editor and the actual concrete thing you're working on, gives the editing environment more flexibility and power.
Think this is out of date? One place where the idea is back with a vengeance is in the browser, where you don't have 1-1 correspondence between tabs and web-pages. Instead, inside each tab you can navigate forwards and backwards between multiple pages. No-one would try to make an MDI type interface to the web, where each page had it's own inner window. It would be impossibly fiddly to use. It just wouldn't scale.
Personally, I think IDEs are getting way too complicated these days, and the static binding between documents and buffers is one reason for this. I expect at some point there'll be a breakthrough as they move to the browser-like tabbed-buffer model where :
a) you'll be able to hyperlink between multiple files within the same buffer/tab (and there'll be a back-button etc.)
b) the generic buffers will be able to hold any type of data : source-code, command-line, dynamically generated graphic output, project outline etc.
In other words, much of the Vim / Emacs model, except tweaked to be more in-line with discoveries that browsers are making.
Because several buffers can show you different view of the same file. I do not know of other editors but this is true of Emacs. And what do you mean exactly with Old?
When applications started becoming used heavily by non-geeks who didn't want to trouble themselves with irrelevant detail.
I think the new editors quit doing it for the reasons you stated, that it is an abstraction that just gets in the way. Also most modern editors have unlimited undo, so the idea of the "buffer" is sort of implicit.
I guess I'm just an old fogey (in the die-hard vim camp), but the other editing packages I use, such as MS Word or Open Office, preserve the distinction between the copy of the file that I'm editing and the last saved version. That is utterly invaluable -- I don't want the editor to trample over my last good version until I'm ready for it to do so. Indeed, there's a decent chance (say one in a thousand) that I'll create a new file with the buffer I'm editing on.
On the other hand, the ability to create a file image by reading multiple files (either several copies of the same file, or copies of several different files) is also useful. There are faintly similar facilities in other documents.
So, I could be missing the point - I don't know which editors you are referring to as removing the distinction. But I think that all editors preserve the distinction between the copy of the file that you're editing and the last version saved to disk.
Because developers of those editors didn't care to hide implementation details from users.