Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

A computer without COBOL and Fortran is like a piece of chocolate cake without ketchup and mustard.


computers / alt.comp.os.windows-10 / Re: New Windows 10 Clipboard Security

SubjectAuthor
* New Windows 10 Clipboard Securityknuttle
+- Re: New Windows 10 Clipboard SecurityChris
+* Re: New Windows 10 Clipboard SecurityVanguardLH
|+* Re: New Windows 10 Clipboard SecurityHerbert Kleebauer
||+* Re: New Windows 10 Clipboard Securityknuttle
|||`* Re: New Windows 10 Clipboard SecurityVanguardLH
||| +- Re: New Windows 10 Clipboard SecurityChris
||| `- Re: New Windows 10 Clipboard SecurityVanguardLH
||`* Re: New Windows 10 Clipboard SecurityVanguardLH
|| `* Re: New Windows 10 Clipboard SecurityHerbert Kleebauer
||  `* Re: New Windows 10 Clipboard SecurityVanguardLH
||   `* Re: New Windows 10 Clipboard SecurityHerbert Kleebauer
||    `* Re: New Windows 10 Clipboard SecurityVanguardLH
||     `- Re: New Windows 10 Clipboard SecurityBucky Breeder
|`* Re: New Windows 10 Clipboard SecurityZaidy036
| +- Re: New Windows 10 Clipboard SecurityVanguardLH
| `- Re: New Windows 10 Clipboard SecurityZaidy036
`* Re: New Windows 10 Clipboard SecurityStan Brown
 `- Re: New Windows 10 Clipboard SecurityKen Blake

1
New Windows 10 Clipboard Security

<t5dk8d$jfc$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62386&group=alt.comp.os.windows-10#62386

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: keith_nu...@sbcglobal.net (knuttle)
Newsgroups: alt.comp.os.windows-10
Subject: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 08:02:19 -0400
Organization: A noiseless patient Spider
Lines: 18
Message-ID: <t5dk8d$jfc$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 10 May 2022 12:02:21 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="1ea0f122f77e4ef1007ce8851c020567";
logging-data="19948"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX188Ui1NMvbfFkQ6FUARC9L4"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
Cancel-Lock: sha1:Cs8LN27Ldpfj/avtYlK5svNagqk=
Content-Language: en-US
 by: knuttle - Tue, 10 May 2022 12:02 UTC

I just learned about the new W10 Clipboard, and could see several uses
for it, especially the ability to pin items to it.

One that came to mind was to pin passwords to it so you did not have to
type them all of the time.

As part of a volunteer job I use another computer periodically. There
are several passwords needed for that computer, that would be nice to
put into the clipboard.

I have never used multiple accounts and was wondering if I would create
a new account on the volunteered computer and then pin the passwords to
the clipboard in that new account; would they be available only to me or
can any account access the data in the clipboard.

OR are the contents of the new clipboard unique to the account where
they were created, or are they available to all accounts on the computer.

Re: New Windows 10 Clipboard Security

<t5e3g8$eho$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62396&group=alt.comp.os.windows-10#62396

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: ithink...@gmail.com (Chris)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 17:22:30 +0100
Organization: A noiseless patient Spider
Lines: 31
Message-ID: <t5e3g8$eho$1@dont-email.me>
References: <t5dk8d$jfc$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 10 May 2022 16:22:32 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="cddf8a77d14fa679e152283b7bd82901";
logging-data="14904"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX193bNKq1unlxek3QNvsrJSRFlQuhM/6PTw="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.8.1
Cancel-Lock: sha1:GFocVwwMLuktlCjk9d5+SU2Ir60=
In-Reply-To: <t5dk8d$jfc$1@dont-email.me>
Content-Language: en-GB
 by: Chris - Tue, 10 May 2022 16:22 UTC

On 10/05/2022 13:02, knuttle wrote:
>
> I just learned about the new W10 Clipboard, and could see several uses
> for it, especially the ability to pin items to it.
>
> One that came to mind was to pin passwords to it so you did not have to
> type them all of the time.
>
> As part of a volunteer job I use another computer periodically.  There
> are several passwords needed for that computer, that would be nice to
> put into the clipboard.

That's a worse idea than a Post-It on your monitor. Any app running has
access to the clipboard so any rogue app could scrape the clipboard and
compromise your system(s).

> I have never used multiple accounts and was wondering if I would create
> a new account on the volunteered computer and then pin the passwords to
> the clipboard in that new account; would they be available only to me or
> can any account access the data in the clipboard.
>
> OR are the contents of the new clipboard unique to the account where
> they were created, or are they available to all accounts on the computer.

In theory it should be limited to the current user, however, the
clipboard has no security requirements whatsoever so there are no
guarantees.

I would strongly recommend a password manager for your use-case. They
use the clipboard, but scrub it after a short period of inactivity, for
exactly the reasons above.

Re: New Windows 10 Clipboard Security

<17aya2k309t7h.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62398&group=alt.comp.os.windows-10#62398

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 11:42:26 -0500
Organization: Usenet Elder
Lines: 60
Message-ID: <17aya2k309t7h.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net DVjsQfP/JUerY8026o13lAUDz+/otBFfmY+Lkpp1unssSLHnmj
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:8LFWR/p7LLsl02TBTdz6bmPSGVU=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 16:42 UTC

knuttle wrote:

> I just learned about the new W10 Clipboard, and could see several uses
> for it, especially the ability to pin items to it.
>
> One that came to mind was to pin passwords to it so you did not have to
> type them all of the time.
>
> As part of a volunteer job I use another computer periodically. There
> are several passwords needed for that computer, that would be nice to
> put into the clipboard.
>
> I have never used multiple accounts and was wondering if I would create
> a new account on the volunteered computer and then pin the passwords to
> the clipboard in that new account; would they be available only to me or
> can any account access the data in the clipboard.
>
> OR are the contents of the new clipboard unique to the account where
> they were created, or are they available to all accounts on the computer.

There are lots of utilities that clear the clipboard along with lots of
other cleanup. As a test, I saved several clips which then showed in
the clipboard history. I pinned 2 of the clips. I ran CCleaner, and
the clipboard history got cleared except for the pinned entries. I
saved a few clips again, and ran the Disk Cleanup included in Windows
(and which has a scheduled event to periodically do that cleanup), but
the clips survived. Whether the clips survive depends on how the user
does the cleanup, and I cannot attest to the survivability of pinned
clipboard history entries for other cleaners.

Any software can programmatically manage the Windows clipboard. That's
how all the clipboard managers work. I use one called ClipMate. Since
the clipboard is accessible via API, any software can access the
clipboard, including malware.

https://docs.microsoft.com/en-us/windows/win32/dataxchg/clipboard
https://docs.microsoft.com/en-us/dotnet/api/system.windows.clipboard?view=windowsdesktop-6.0

There have been reports by users that a huge clipboard history cache
slows down Windows, and the cure was to clear the clipboard history. It
is also the user'll the clipboard managers work. I use one called
ClipMate. Since the clipboard is accessbut pinned entries survive.
However, disabling the clipboard history wipes all entries.

Some articles claim the clipboard history can be disabled from the
command line by running:

echo off | clip

That pipes the "off" string into clip.exe. However, that didn't work
for me even in an elevated command shell. When I run "clip /?", "off"
is not a valid parameter. When I run "clip off", that doesn't work,
either (get "Invalid argument"). Maybe it worked once in an older
build, but not in mine (21H2).

Saving passwords into the clipboard history is not a secure method of
storing passwords. Any program can programmatically access the
clipboard's entries. Saving passwords into the clipboard history is
equivalent to saving them in an unprotected .txt file. There is nothing
secret for data stored in the clipboard history.

Re: New Windows 10 Clipboard Security

<MPG.3ce43871928cb1c998ff2c@news.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62399&group=alt.comp.os.windows-10#62399

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: the_stan...@fastmail.fm (Stan Brown)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 09:53:37 -0700
Organization: Oak Road Systems
Lines: 34
Message-ID: <MPG.3ce43871928cb1c998ff2c@news.individual.net>
References: <t5dk8d$jfc$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net FDP1ZLj83wkxE/mI0Hn2HAEB1kp6SvEBDe7JtF5QVxy4LDH6pE
Cancel-Lock: sha1:pYVr/jhzGxRam5wBEsKhmgoVKbY=
User-Agent: MicroPlanet-Gravity/3.0.11 (GRC)
 by: Stan Brown - Tue, 10 May 2022 16:53 UTC

On Tue, 10 May 2022 08:02:19 -0400, knuttle wrote:
>
> I just learned about the new W10 Clipboard, and could see several uses
> for it, especially the ability to pin items to it.
>
> One that came to mind was to pin passwords to it so you did not have to
> type them all of the time.
>
> As part of a volunteer job I use another computer periodically. There
> are several passwords needed for that computer, that would be nice to
> put into the clipboard.

As Chris suggests, I also think that's a terribly insecure idea.
Much, much, MUCH better to use a password manager.

There are many options for password managers. LastPass seems quite
popular, but I'm a fan of KeePass, partly _because_ it has no cloud
facility. (To share a passwords with different devices, copy the
database, which is encrypted.) I also like that I don't have to
synchronize passwords between my browsers on one PC; I have browser
password managers all turned off.

https://keepass.info/

Usually you will sign on to websites via KeePass Auto-Play. (Click
into the website's Username box and press a user-configurable
hotkey.) However, you can also open the database, right-click an
entry and select Copy Username or Copy Password, then Ctrl+V in the
site's Web browser window. KeePass somehow know how to delete the
copies item from the clipboard in 10 seconds.

--
Stan Brown, Tehachapi, California, USA https://BrownMath.com/
Shikata ga nai...

Re: New Windows 10 Clipboard Security

<9q6l7hp8olfro0r70d3auk6hcfg5bkcqce@4ax.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62401&group=alt.comp.os.windows-10#62401

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!news.freedyn.de!newsreader4.netcologne.de!news.netcologne.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Ken...@invalid.news.com (Ken Blake)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 10:10:23 -0700
Lines: 39
Message-ID: <9q6l7hp8olfro0r70d3auk6hcfg5bkcqce@4ax.com>
References: <t5dk8d$jfc$1@dont-email.me> <MPG.3ce43871928cb1c998ff2c@news.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
X-Trace: individual.net f1gHCPOnC3GP48+lehhdtgStny6GewaHngaK1RJnki4cJNnpwV
Cancel-Lock: sha1:Uv81wWdWg1CoTpruu59BGCkzXQ8=
X-Newsreader: Forte Agent 6.00/32.1186
 by: Ken Blake - Tue, 10 May 2022 17:10 UTC

On Tue, 10 May 2022 09:53:37 -0700, Stan Brown
<the_stan_brown@fastmail.fm> wrote:

>On Tue, 10 May 2022 08:02:19 -0400, knuttle wrote:
>>
>> I just learned about the new W10 Clipboard, and could see several uses
>> for it, especially the ability to pin items to it.
>>
>> One that came to mind was to pin passwords to it so you did not have to
>> type them all of the time.
>>
>> As part of a volunteer job I use another computer periodically. There
>> are several passwords needed for that computer, that would be nice to
>> put into the clipboard.
>
>As Chris suggests, I also think that's a terribly insecure idea.

Yes.

>Much, much, MUCH better to use a password manager.
>
>There are many options for password managers. LastPass seems quite
>popular, but I'm a fan of KeePass, partly _because_ it has no cloud
>facility.

I use two password managers:

1. Enpass, which I like better than LastPass (despite its popularity),
and which I have integrated with Firefox.

2. KeyPass, as my secondary password manager, for two reasons:

a. Backup to EnPass
b. For programs rather than web sites that need passwords.

Re: New Windows 10 Clipboard Security

<t5e83u$8ok$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62403&group=alt.comp.os.windows-10#62403

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!mhJC5eVwxLTyv7CmmOH6dw.user.46.165.242.91.POSTED!not-for-mail
From: kle...@unibwm.de (Herbert Kleebauer)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 19:41:18 +0200
Organization: Aioe.org NNTP Server
Message-ID: <t5e83u$8ok$1@gioia.aioe.org>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="8980"; posting-host="mhJC5eVwxLTyv7CmmOH6dw.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
Content-Language: en-US
X-Notice: Filtered by postfilter v. 0.9.2
 by: Herbert Kleebauer - Tue, 10 May 2022 17:41 UTC

On 10.05.2022 18:42, VanguardLH wrote:

> Some articles claim the clipboard history can be disabled from the
> command line by running:
>
> echo off | clip

That only clears the last entry but there are 25, so you have to use:

for /l %i in (1,1,25) do (echo %i|clip&timeout 1)

from the command line. Double the % if used in a batch file.

Re: New Windows 10 Clipboard Security

<t5e8s7$3d5$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62404&group=alt.comp.os.windows-10#62404

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: keith_nu...@sbcglobal.net (knuttle)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 13:54:13 -0400
Organization: A noiseless patient Spider
Lines: 12
Message-ID: <t5e8s7$3d5$1@dont-email.me>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
<t5e83u$8ok$1@gioia.aioe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
Injection-Date: Tue, 10 May 2022 17:54:15 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="1ea0f122f77e4ef1007ce8851c020567";
logging-data="3493"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+H5Nx2Ek08oGtX1I93yZ+d"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
Cancel-Lock: sha1:Y6pGitoHV7Yhf8mWJlhbtofI+tc=
In-Reply-To: <t5e83u$8ok$1@gioia.aioe.org>
Content-Language: en-US
 by: knuttle - Tue, 10 May 2022 17:54 UTC

On 5/10/2022 1:41 PM, Herbert Kleebauer wrote:
> On 10.05.2022 18:42, VanguardLH wrote:
>
>> Some articles claim the clipboard history can be disabled from the
>> command line by running:
>>
>>    echo off | clip
>
> That only clears the last entry but there are 25, so you have to use:
>
> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>
> from the command line. Double the % if used in a batch file.
>
OP: Since I just discovered the new clipboard, have never used it in a
production setting.
I thought that that the Account security could probably be over ridden.
SO I don't think I will pursue that Idea.

Re: New Windows 10 Clipboard Security

<t5e9bk$e73$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62405&group=alt.comp.os.windows-10#62405

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: Eri...@Bloch.com (Zaidy036)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 14:02:27 -0400
Organization: A noiseless patient Spider
Lines: 63
Message-ID: <t5e9bk$e73$1@dont-email.me>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
Reply-To: Zaidy036@air.isp.spam
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 10 May 2022 18:02:28 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="337f9352add488fbfc12b421165650df";
logging-data="14563"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/oHrL4Br4jWd+DCYyLoM6Rn6cXdFj0DVs="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.8.1
Cancel-Lock: sha1:fXpHwKVihw+cclpxl7WtPAGaRLc=
In-Reply-To: <17aya2k309t7h.dlg@v.nguard.lh>
Content-Language: en-US
 by: Zaidy036 - Tue, 10 May 2022 18:02 UTC

On 5/10/2022 12:42 PM, VanguardLH wrote:
> knuttle wrote:
>
>> I just learned about the new W10 Clipboard, and could see several uses
>> for it, especially the ability to pin items to it.
>>
>> One that came to mind was to pin passwords to it so you did not have to
>> type them all of the time.
>>
>> As part of a volunteer job I use another computer periodically. There
>> are several passwords needed for that computer, that would be nice to
>> put into the clipboard.
>>
>> I have never used multiple accounts and was wondering if I would create
>> a new account on the volunteered computer and then pin the passwords to
>> the clipboard in that new account; would they be available only to me or
>> can any account access the data in the clipboard.
>>
>> OR are the contents of the new clipboard unique to the account where
>> they were created, or are they available to all accounts on the computer.
>
> There are lots of utilities that clear the clipboard along with lots of
> other cleanup. As a test, I saved several clips which then showed in
> the clipboard history. I pinned 2 of the clips. I ran CCleaner, and
> the clipboard history got cleared except for the pinned entries. I
> saved a few clips again, and ran the Disk Cleanup included in Windows
> (and which has a scheduled event to periodically do that cleanup), but
> the clips survived. Whether the clips survive depends on how the user
> does the cleanup, and I cannot attest to the survivability of pinned
> clipboard history entries for other cleaners.
>
> Any software can programmatically manage the Windows clipboard. That's
> how all the clipboard managers work. I use one called ClipMate. Since
> the clipboard is accessible via API, any software can access the
> clipboard, including malware.
>
> https://docs.microsoft.com/en-us/windows/win32/dataxchg/clipboard
> https://docs.microsoft.com/en-us/dotnet/api/system.windows.clipboard?view=windowsdesktop-6.0
>
> There have been reports by users that a huge clipboard history cache
> slows down Windows, and the cure was to clear the clipboard history. It
> is also the user'll the clipboard managers work. I use one called
> ClipMate. Since the clipboard is accessbut pinned entries survive.
> However, disabling the clipboard history wipes all entries.
>
> Some articles claim the clipboard history can be disabled from the
> command line by running:
>
> echo off | clip
>
> That pipes the "off" string into clip.exe. However, that didn't work
> for me even in an elevated command shell. When I run "clip /?", "off"
> is not a valid parameter. When I run "clip off", that doesn't work,
> either (get "Invalid argument"). Maybe it worked once in an older
> build, but not in mine (21H2).
>
> Saving passwords into the clipboard history is not a secure method of
> storing passwords. Any program can programmatically access the
> clipboard's entries. Saving passwords into the clipboard history is
> equivalent to saving them in an unprotected .txt file. There is nothing
> secret for data stored in the clipboard history.

look at <https://nircmd.nirsoft.net/clipboard.html>

Re: New Windows 10 Clipboard Security

<bf5z1bvr11e5.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62412&group=alt.comp.os.windows-10#62412

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 14:13:19 -0500
Organization: Usenet Elder
Lines: 24
Message-ID: <bf5z1bvr11e5.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net LSQvKIJQieMCM4CeoKUO3A9aojzAwFhGRcAg/iFnyCo/yt7cDf
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:h72qovG3/lgDLCNCCpqCJM5MrRQ=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 19:13 UTC

Herbert Kleebauer wrote:

> VanguardLH wrote:
>
>> Some articles claim the clipboard history can be disabled from the
>> command line by running:
>>
>> echo off | clip
>
> That only clears the last entry but there are 25, so you have to use:
>
> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>
> from the command line. Double the % if used in a batch file.

Since "off" is an invalid argument to the clip.exe program, I don't see
the command line suggestion will work.

What I do see is "echo off | clip" will result in ADDING another entry
to the clip history that is blank, because "echo off" is a command to
disable echoing, not to output the "off" string. There is no stdout
when turning off or on the echoing feature. I don't end up clearing out
any entries from the clip history. I end up adding another clip which
is blank to the clip history.

Re: New Windows 10 Clipboard Security

<162ix0srkatwx$.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62413&group=alt.comp.os.windows-10#62413

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 14:15:47 -0500
Organization: Usenet Elder
Lines: 10
Message-ID: <162ix0srkatwx$.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e9bk$e73$1@dont-email.me>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net xcF5PczU7EjcVPiz+a+bOAyO6V6FxIYwGjMRnml4nUOmQIcK9I
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:wEmauPkZGcMEWk6a+eLKViWIkMk=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 19:15 UTC

Zaidy036 wrote:

> look at <https://nircmd.nirsoft.net/clipboard.html>

Probably not even needed. Click on the 3-dot menu for any entry shown
in the clip history (Win+V), and select Clear. All non-pinned entries
get flushed from the cache.

Does Nirsoft's clipboard tool flush both pinned and non-pinned entries
from the clip history?

Re: New Windows 10 Clipboard Security

<nkh9qb4uem08.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62414&group=alt.comp.os.windows-10#62414

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 14:20:52 -0500
Organization: Usenet Elder
Lines: 17
Message-ID: <nkh9qb4uem08.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org> <t5e8s7$3d5$1@dont-email.me>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net kCIcFER+lUtQGazVrx+lIg+tuPd2e7SsCTom/ZYxRuWo+LMi/T
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:15+Q13NOjupCc35Hy2OSXRttSoo=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 19:20 UTC

knuttle wrote:

> OP: Since I just discovered the new clipboard, have never used it in a
> production setting.

Same clipboard function (same API calls). Just a new cache (history)
feature got added.

> I thought that that the Account security could probably be over ridden.
> SO I don't think I will pursue that Idea.

https://www.startpage.com/do/metasearch.pl

Lots of info on how data can get leaked from the clipboard. Didn't
bother to check if remote access was addressed. Anyone or any program
you grant to have remote access to your computer can look at your
clipboard. The clipboard is no more secure than using a .txt file.

Re: New Windows 10 Clipboard Security

<t5ee8u$mr6$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62416&group=alt.comp.os.windows-10#62416

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: ithink...@gmail.com (Chris)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 19:26:22 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 22
Message-ID: <t5ee8u$mr6$1@dont-email.me>
References: <t5dk8d$jfc$1@dont-email.me>
<17aya2k309t7h.dlg@v.nguard.lh>
<t5e83u$8ok$1@gioia.aioe.org>
<t5e8s7$3d5$1@dont-email.me>
<nkh9qb4uem08.dlg@v.nguard.lh>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 10 May 2022 19:26:22 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="cddf8a77d14fa679e152283b7bd82901";
logging-data="23398"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18rHB688rNCEQNqU7fNcGlwEBR0B1Ieqe4="
User-Agent: NewsTap/5.5 (iPhone/iPod Touch)
Cancel-Lock: sha1:y/GERAt81/NBRshJB/VyjH02iac=
sha1:CQXjf8JQ8ZPOu2UVdjTG7DidTAA=
 by: Chris - Tue, 10 May 2022 19:26 UTC

VanguardLH <V@nguard.LH> wrote:
> knuttle wrote:
>
>> OP: Since I just discovered the new clipboard, have never used it in a
>> production setting.
>
> Same clipboard function (same API calls). Just a new cache (history)
> feature got added.
>
>> I thought that that the Account security could probably be over ridden.
>> SO I don't think I will pursue that Idea.
>
> https://www.startpage.com/do/metasearch.pl
>
> Lots of info on how data can get leaked from the clipboard. Didn't
> bother to check if remote access was addressed. Anyone or any program
> you grant to have remote access to your computer can look at your
> clipboard. The clipboard is no more secure than using a .txt file.

I'd say it's less secure. You need to know the name of the txt file whereas
the clipboard is globally accessible.

Re: New Windows 10 Clipboard Security

<t5ekgn$1jbl$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62428&group=alt.comp.os.windows-10#62428

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!mhJC5eVwxLTyv7CmmOH6dw.user.46.165.242.91.POSTED!not-for-mail
From: kle...@unibwm.de (Herbert Kleebauer)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 23:12:54 +0200
Organization: Aioe.org NNTP Server
Message-ID: <t5ekgn$1jbl$1@gioia.aioe.org>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
<t5e83u$8ok$1@gioia.aioe.org> <bf5z1bvr11e5.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="52597"; posting-host="mhJC5eVwxLTyv7CmmOH6dw.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-US
 by: Herbert Kleebauer - Tue, 10 May 2022 21:12 UTC

On 10.05.2022 21:13, VanguardLH wrote:
> Herbert Kleebauer wrote:
>
>> VanguardLH wrote:
>>
>>> Some articles claim the clipboard history can be disabled from the
>>> command line by running:
>>>
>>> echo off | clip
>>
>> That only clears the last entry but there are 25, so you have to use:
>>
>> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>>
>> from the command line. Double the % if used in a batch file.
>
> Since "off" is an invalid argument to the clip.exe program, I don't see
> the command line suggestion will work.
>
> What I do see is "echo off | clip" will result in ADDING another entry
> to the clip history that is blank, because "echo off" is a command to
> disable echoing, not to output the "off" string. There is no stdout
> when turning off or on the echoing feature. I don't end up clearing out
> any entries from the clip history. I end up adding another clip which
> is blank to the clip history.

Before Win10 Version 1809 there was only one clipboard entry. So

echo off | clip

cleared this entry. Now there are 25 entries and the above command
only clears one of the 25 entries (by adding a new, empty one and
therefore shifting out the last one in the history). To clear all
25 entries you now have to add 25 new one which can be done by:

for /l %i in (1,1,25) do (echo %i|clip&timeout 1)

Re: New Windows 10 Clipboard Security

<1xb7f6yf4rh5r.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62429&group=alt.comp.os.windows-10#62429

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 17:00:28 -0500
Organization: Usenet Elder
Lines: 154
Message-ID: <1xb7f6yf4rh5r.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org> <t5e8s7$3d5$1@dont-email.me> <nkh9qb4uem08.dlg@v.nguard.lh>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 1qwAVx6S7RpmceNZD+VcMQ9rJ59XdA62FIziE+NjxfRH2Yrl7Z
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:+TtiHmHuNNqzrTVgmGDUWJzll2I=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 22:00 UTC

VanguardLH wrote:

> knuttle wrote:
>
>> OP: Since I just discovered the new clipboard, have never used it in a
>> production setting.
>
> Same clipboard function (same API calls). Just a new cache (history)
> feature got added.
>
>> I thought that that the Account security could probably be over ridden.
>> SO I don't think I will pursue that Idea.
>
> https://www.startpage.com/do/metasearch.pl
>
> Lots of info on how data can get leaked from the clipboard. Didn't
> bother to check if remote access was addressed. Anyone or any program
> you grant to have remote access to your computer can look at your
> clipboard. The clipboard is no more secure than using a .txt file.

Sorry, Startpage just implemented a restriction in using their site:
URL-based searches are no longer allowed, and searches on their home
page do not update the URL in the address bar to reflect a URL-based
search (so I copied the URL in the address bar without realizing the
search args had not been added). For now, use Google URL-based search,
like:

https://www.google.com/search?q=windows%20clipboard%20security

or go to the home page of any search engine you want to use, and search
on:

windows clipboard security

__________

Just discovered a failing with Startpage: when you do a search, they
don't change the URL in the address bar to reflect the search criteria
in the URL. Entering "windows clipboard security" in their home page
search field should change the URL to:

https://www.startpage.com/do/search?q="windows clipboard security"

but instead I get:

https://www.startpage.com/sp/search

which is worthless to show others on how I searched.

Okay, I used Google to search on "windows clipboard security" which
changed the address bar to show:

https://www.google.com/search?q=windows%20clipboard%20security
(I edited out all the other crap from their URL.)

Also, if I do a lot of searches in a row, apparently Startpage pukes
with a web page saying:

We apologize for the inconvenience: to prevent possible abuse of our
service, your ability to connect to Startpage has been suspended at
this time.

This happens when a large number of search requests are received from
a particular internet connection during a short period of time.

I've hit this with forums where they limit searches to, say, one every 5
minutes. This is unreasonable for a search engine to implement. About
a minute or two had to elapse before I could do another Startpage
search. I was then able to do searches one after the other with no
pause (other than waiting for the search results to show up), so I don't
know what quota threshold that I hit. This was not using the home page
(startpage.com) to enter the search criteria. This was when using a URL
that specified the search criteria, like:

Whether I used the home page to enter search criteria, or used a URL in
the address bar, Google never bitched about me doing too many searches.
Startpage doesn't bitch when I use their home page, but might when
specifying a URL to do the search (i.e., the search criteria are in the
URL). I use bookmark shortcuts in Firefox to do searches, like:

s windows clipboard security

The bookmark for Startpage in Firefox is defined as:
keyword = s
URL = https://www.startpage.com/do/search?q=%s

%s is the placeholder for the string I specify after the "s". I have a
folder full of subfolders defining keywords and URLs for many search
engines. Much easier for me to enter the keyword and search string than
to waste time visiting the home page of a search site. For example, I
can enter "dict <string>" to go to dictionary.com to look up a word
instead of visiting dictionary.com and then enter the string on which to
search.

This is new behavior at Startpage. I've never before encountered
Startpage puking out a rate threshold exceeded message on a URL-based
search submitted to them. It only happens when I use a URL-based
search, like:

https://www.startpage.com/do/search?q="windows clipboard security"

Not a problem if I waste time going to their home page to input the
search string into the input field. This sucks. I've been using
keyword/URL shortcuts for decades, and this is the first search engine
that refuses to allow URL-based searches. They didn't before, now they
refuse to accept URLs with search criteria.

Google doesn't have a problem with URL-based searches, and they also
change the URL in the address bar to reflect the URL with the search
criteria added. Duck Duck Go also changes the URL to show the search
args, and URL-based searches aren't throttled. Wikipedia works okay to
reflect search args in the URL and accept URL-based searches. I now
have 32 bookmarks in Firefox with keywords and URL definitions to let me
enter "<prefix> <searchstring>" in the address bar to do URL-based
searches. The only one that fails is for Startpage who no longer
accepts URL-based searches (and the first one that I noticed doesn't
change the address bar to reflect the URL with search args after
performing a search)".

I'll have to switch to DDG as my default search engine despite they are
located in the USA (susceptible to NSLs) verus Startpage (outside a
5-eyes country). Startpage has their anonymous view (clicking on a
search result visits the target site through their VPN, so the target
site can't track you). DDG doesn't have this feature. Startpage
searches are not throttled with filtering unless you enable it. Same
for Google. DDG has moderate filtering turned on, by default.

While I can go to youtube.com, dictionary.com, startpage.com, and other
web sites with search functionality to right-click in the address bar to
use "Add <searchname>" to add that search provider to the "Default
Search" and "Search Shortcuts" lists to pick whichever I want as the
default search engine, I cannot do that with duckduckgo.com. Same for
bing.com. DDG doesn't support the OpenSearch format.

https://developer.mozilla.org/en-US/docs/Web/OpenSearch

I deleted all the superfluous search providers a while back. I cannot
use the OpenSearch method of adding DDG to the list of default search
providers to then select it as the default. The only I can get DDG
added as a search provider to then pick it as the default is to use
"Restore Default Search Engines" which adds DDG, and several other
search providers I don't use except a couple via keyword shortcuts in
bookmarks to them (you specify the keyword as a prefix in the address
bar followed by the search criteria). After restoring Mozilla's preset
list of search providers then I can pick DDG as the default one. Too
bad DDG doesn't support OpenSearch which is not just a Mozilla standard,
but also used in Edge, Chrome, and other web browsers. All DDG would
have to do is add an <OpenSearchDescription> tag. Same for Bing: they
don't support OpenSearch, so I have to restore the entire preset list
from Mozilla, delete the unwanted others, and then Bing is available to
select as the default search engine. Then I have to re-delete the
superfluous providers in the "Search Shortcuts" list.

Re: New Windows 10 Clipboard Security

<1t7k8dufhe7f9.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62430&group=alt.comp.os.windows-10#62430

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Tue, 10 May 2022 17:48:49 -0500
Organization: Usenet Elder
Lines: 82
Message-ID: <1t7k8dufhe7f9.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org> <bf5z1bvr11e5.dlg@v.nguard.lh> <t5ekgn$1jbl$1@gioia.aioe.org>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net uFX8Wsi3nTJctUM207xejwMS4cRdoXyTUpNBv466QdwlNbO58c
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:Rjf1pT8ohsat6oI4XACvtmV1gQk=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 10 May 2022 22:48 UTC

Herbert Kleebauer wrote:

> On 10.05.2022 21:13, VanguardLH wrote:
>> Herbert Kleebauer wrote:
>>
>>> VanguardLH wrote:
>>>
>>>> Some articles claim the clipboard history can be disabled from the
>>>> command line by running:
>>>>
>>>> echo off | clip
>>>
>>> That only clears the last entry but there are 25, so you have to use:
>>>
>>> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>>>
>>> from the command line. Double the % if used in a batch file.
>>
>> Since "off" is an invalid argument to the clip.exe program, I don't see
>> the command line suggestion will work.
>>
>> What I do see is "echo off | clip" will result in ADDING another entry
>> to the clip history that is blank, because "echo off" is a command to
>> disable echoing, not to output the "off" string. There is no stdout
>> when turning off or on the echoing feature. I don't end up clearing out
>> any entries from the clip history. I end up adding another clip which
>> is blank to the clip history.
>
> Before Win10 Version 1809 there was only one clipboard entry. So
>
> echo off | clip
>
> cleared this entry. Now there are 25 entries and the above command
> only clears one of the 25 entries (by adding a new, empty one and
> therefore shifting out the last one in the history). To clear all
> 25 entries you now have to add 25 new one which can be done by:
>
> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)

The %i variable will hold the incremented numerical value of the
for-loop index. "for /l %i do echo %i" just gives a list in stdout of
numbers 1 to 25 in that many lines. So, wouldn't using %i in "echo %1 |
clip & timeout 1)" end up creating 25 clips showing "1" to "25"?

Instead of clearing out the possible 25 entries in history, you now
created 25 entries showing "1", "2", "3", ..., "23", "24", "25". If you
had only 5 entries, you end up wiping them out but by showing numbers in
each one, and added another 20 entries with numbers in them, too.

Seems your command line needs changing to:

for /l %i in (1,1,25) do (echo off | clip & timeout 1)

You don't need to use the index var in the command. The timeout is only
needed to allow some time to modify the clip cache, but it does mean
having to wait 25 seconds for the flush to complete. Also, 1 second
delay between each clip command may not be sufficient. I had one
instance issue "ERROR: Access denied". Doubling the timeout means you'd
be waiting 50 seconds for the for-loop to complete.

Adding "> nul" after timeout got rid of the noise output, but each
command waited 1 second, would take 25 seconds to complete, with 1 error
regarding access denied. Upping the timeout to 2 seconds eliminated the
access error, but doubled the run to 50 seconds.

Also, the script you showed was not reliable. On some runs, the clips
did not get cleared. In fact, for me, none of the clips got cleared
except for one even after upping the timeout to 2 seconds. If I added
%1 to echo's stdout (which puts a number into a clip, not clear it), not
all clips got overwritten. Also, pinned clips will not get cleared
using your script.

For the time spent to run the for-loop, it would be faster and reliable
to use Win+V, click on a 3-dot menu for any of the entries, and select
Clear. Unpinned entries get cleared (removed).

The more I've tested the new Windows clip history feature, the more
inclined I am to disabling it, and continue using my 3rd party clip
manager. My clip manager is payware, but there are loads of freeware
clip managers. Although I learned about the new clip history feature
back when it got added in Windows 10 October 2018 Update, I've never
used it except for this type of testing.

Re: New Windows 10 Clipboard Security

<t5foj1$16ka$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62445&group=alt.comp.os.windows-10#62445

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!aioe.org!xHVm1EGFR+wkm00AHonZ7g.user.46.165.242.91.POSTED!not-for-mail
From: kle...@unibwm.de (Herbert Kleebauer)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Wed, 11 May 2022 09:28:33 +0200
Organization: Aioe.org NNTP Server
Message-ID: <t5foj1$16ka$1@gioia.aioe.org>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
<t5e83u$8ok$1@gioia.aioe.org> <bf5z1bvr11e5.dlg@v.nguard.lh>
<t5ekgn$1jbl$1@gioia.aioe.org> <1t7k8dufhe7f9.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="39562"; posting-host="xHVm1EGFR+wkm00AHonZ7g.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-US
 by: Herbert Kleebauer - Wed, 11 May 2022 07:28 UTC

On 11.05.2022 00:48, VanguardLH wrote:

>> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>
> The %i variable will hold the incremented numerical value of the
> for-loop index. "for /l %i do echo %i" just gives a list in stdout of
> numbers 1 to 25 in that many lines. So, wouldn't using %i in "echo %1 |
> clip & timeout 1)" end up creating 25 clips showing "1" to "25"?

Yes.

> Instead of clearing out the possible 25 entries in history, you now
> created 25 entries showing "1", "2", "3", ..., "23", "24", "25". If you
> had only 5 entries, you end up wiping them out but by showing numbers in
> each one, and added another 20 entries with numbers in them, too.

Clearing means to delete any information in the clipboard so
it can't be a read by other people. There is no problem if
they get the numbers 1-25.

> Seems your command line needs changing to:
>
> for /l %i in (1,1,25) do (echo off | clip & timeout 1)

That doesn't work. Windows is (sometimes) smart enough to
not waste a clipboard entry with data which is already
stored in an other entry.

> Also, the script you showed was not reliable. On some runs, the clips
> did not get cleared. In fact, for me, none of the clips got cleared
> except for one even after upping the timeout to 2 seconds.

As I said, Windows sometimes is smart.

> If I added
> %1 to echo's stdout (which puts a number into a clip, not clear it), not
> all clips got overwritten.

Then, instead of increasing the timeout, maybe:

for /l %i in (1,1,25) do (start /wait echo %i^|clip^&exit)

> Also, pinned clips will not get cleared
> using your script.

Isn't that the purpose of pinned clips that they are not deleted?

Re: New Windows 10 Clipboard Security

<t5ght7$rhq$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62453&group=alt.comp.os.windows-10#62453

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: Eri...@Bloch.com (Zaidy036)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Wed, 11 May 2022 10:40:39 -0400
Organization: A noiseless patient Spider
Lines: 82
Message-ID: <t5ght7$rhq$1@dont-email.me>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh>
<t5e9bk$e73$1@dont-email.me>
Reply-To: Zaidy036@air.isp.spam
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 11 May 2022 14:40:39 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="a56d8aa5fd1fa5c8a815c3024a12fd62";
logging-data="28218"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18L2HTzXrGNAKyd1knnRPnENEqSXfopxeM="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.9.0
Cancel-Lock: sha1:xN+xmkbykYltRUBY+omq0GF/lrE=
In-Reply-To: <t5e9bk$e73$1@dont-email.me>
Content-Language: en-US
 by: Zaidy036 - Wed, 11 May 2022 14:40 UTC

On 5/10/2022 2:02 PM, Zaidy036 wrote:
> On 5/10/2022 12:42 PM, VanguardLH wrote:
>> knuttle wrote:
>>
>>> I just learned about the new W10 Clipboard, and could see several uses
>>> for it, especially the ability to pin items to it.
>>>
>>> One that came to mind was to pin passwords to it so you did not have to
>>> type them all of the time.
>>>
>>> As part of a volunteer job I use another computer periodically.  There
>>> are several passwords needed for that computer, that would be nice to
>>> put into the clipboard.
>>>
>>> I have never used multiple accounts and was wondering if I would create
>>> a new account on the volunteered computer and then pin the passwords to
>>> the clipboard in that new account; would they be available only to me or
>>> can any account access the data in the clipboard.
>>>
>>> OR are the contents of the new clipboard unique to the account where
>>> they were created, or are they available to all accounts on the
>>> computer.
>>
>> There are lots of utilities that clear the clipboard along with lots of
>> other cleanup.  As a test, I saved several clips which then showed in
>> the clipboard history.  I pinned 2 of the clips.  I ran CCleaner, and
>> the clipboard history got cleared except for the pinned entries.  I
>> saved a few clips again, and ran the Disk Cleanup included in Windows
>> (and which has a scheduled event to periodically do that cleanup), but
>> the clips survived.  Whether the clips survive depends on how the user
>> does the cleanup, and I cannot attest to the survivability of pinned
>> clipboard history entries for other cleaners.
>>
>> Any software can programmatically manage the Windows clipboard.  That's
>> how all the clipboard managers work.  I use one called ClipMate.  Since
>> the clipboard is accessible via API, any software can access the
>> clipboard, including malware.
>>
>> https://docs.microsoft.com/en-us/windows/win32/dataxchg/clipboard
>> https://docs.microsoft.com/en-us/dotnet/api/system.windows.clipboard?view=windowsdesktop-6.0
>>
>>
>> There have been reports by users that a huge clipboard history cache
>> slows down Windows, and the cure was to clear the clipboard history.  It
>> is also the user'll the clipboard managers work.  I use one called
>> ClipMate.  Since the clipboard is accessbut pinned entries survive.
>> However, disabling the clipboard history wipes all entries.
>>
>> Some articles claim the clipboard history can be disabled from the
>> command line by running:
>>
>>    echo off | clip
>> That pipes the "off" string into clip.exe.  However, that didn't work
>> for me even in an elevated command shell.  When I run "clip /?", "off"
>> is not a valid parameter.  When I run "clip off", that doesn't work,
>> either (get "Invalid argument").  Maybe it worked once in an older
>> build, but not in mine (21H2).
>>
>> Saving passwords into the clipboard history is not a secure method of
>> storing passwords.  Any program can programmatically access the
>> clipboard's entries.  Saving passwords into the clipboard history is
>> equivalent to saving them in an unprotected .txt file.  There is nothing
>> secret for data stored in the clipboard history.
>
> look at <https://nircmd.nirsoft.net/clipboard.html>

Using Win 10 Pro. NirCmd does NOT clear the keyboard history.

Clear everything by going to Settings-Clipboard and toggle it Off-On.
There is also a button to clear all except pinned items which is the
same as opening the history GUI, selecting an item, click on the three
dots, and select "Clear All".

One can make a batch to do either of the above using a button pusher
like PTFBpro.exe and maybe AutoIt. Direct access to the settings is by
using the following cmd: START "" MS-SETTINGS:clipboard

The following appears to work as a shortcut or batch:
<https://winbuzzer.com/2021/06/18/how-to-clear-the-clipboard-in-windows-10-with-a-shortcut-xcxwbt/>

Re: New Windows 10 Clipboard Security

<1kv7vndgqlb9x.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62539&group=alt.comp.os.windows-10#62539

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!rocksolid2!i2pn.org!usenet.goja.nl.eu.org!3.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
Date: Fri, 13 May 2022 23:42:20 -0500
Organization: Usenet Elder
Lines: 65
Message-ID: <1kv7vndgqlb9x.dlg@v.nguard.lh>
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org> <bf5z1bvr11e5.dlg@v.nguard.lh> <t5ekgn$1jbl$1@gioia.aioe.org> <1t7k8dufhe7f9.dlg@v.nguard.lh> <t5foj1$16ka$1@gioia.aioe.org>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 5aq8MSqsivAABSsNXiUpUg6W686wZYXaPpwnqqzqkQsxLVu5T2
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:1lEKZBAoL6ZCpTbYHjK7cvUZZ50=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Sat, 14 May 2022 04:42 UTC

Herbert Kleebauer wrote:

> On 11.05.2022 00:48, VanguardLH wrote:
>
>>> for /l %i in (1,1,25) do (echo %i|clip&timeout 1)
>>
>> The %i variable will hold the incremented numerical value of the
>> for-loop index. "for /l %i do echo %i" just gives a list in stdout of
>> numbers 1 to 25 in that many lines. So, wouldn't using %i in "echo %1 |
>> clip & timeout 1)" end up creating 25 clips showing "1" to "25"?
>
> Yes.
>
>> Instead of clearing out the possible 25 entries in history, you now
>> created 25 entries showing "1", "2", "3", ..., "23", "24", "25". If you
>> had only 5 entries, you end up wiping them out but by showing numbers in
>> each one, and added another 20 entries with numbers in them, too.
>
> Clearing means to delete any information in the clipboard so
> it can't be a read by other people. There is no problem if
> they get the numbers 1-25.

Your definition. Not what others expect.

>> Seems your command line needs changing to:
>>
>> for /l %i in (1,1,25) do (echo off | clip & timeout 1)
>
> That doesn't work. Windows is (sometimes) smart enough to
> not waste a clipboard entry with data which is already
> stored in an other entry.

Didn't know that. I thought it was just the pinned entries it skipped.

>
> > Also, the script you showed was not reliable. On some runs, the clips
> > did not get cleared. In fact, for me, none of the clips got cleared
> > except for one even after upping the timeout to 2 seconds.
>
> As I said, Windows sometimes is smart.

Smart by erroring on a subsequent command when the first hasn't yet
completed? More like the user doesn't realize commands can return
before issuing a status code. Maybe building a command line, using &&
between commands, and then executing the chained command would get the
parser to wait until the prior command return an errorlevel status. To
me, the error is caused by trying to execute clip.exe before the prior
instance actually got done.

>
> > If I added
> > %1 to echo's stdout (which puts a number into a clip, not clear it), not
> > all clips got overwritten.
>
> Then, instead of increasing the timeout, maybe:
>
> for /l %i in (1,1,25) do (start /wait echo %i^|clip^&exit)

The "start /wait" is the same as using && to wait until a command
finishes and issues an errorlevel of 0 (zero) before allowing the next
command in the chain to execute. Either would work.

However, I still don't think anyone but you thinks writing is the same
as clearing. Overwriting will obliterate data, but that's not clearing
it. Yeah, I know, I say po-tay-toh and you say po-tah-toh.

Re: New Windows 10 Clipboard Security

<XnsAE97678A63F2COhmmmmmmm@85.12.62.219>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=62548&group=alt.comp.os.windows-10#62548

 copy link   Newsgroups: alt.comp.os.windows-10
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx09.iad.POSTED!not-for-mail
Newsgroups: alt.comp.os.windows-10
Subject: Re: New Windows 10 Clipboard Security
From: Breeder_...@That's.my.name_Don't.wear.it.out (Bucky Breeder)
References: <t5dk8d$jfc$1@dont-email.me> <17aya2k309t7h.dlg@v.nguard.lh> <t5e83u$8ok$1@gioia.aioe.org> <bf5z1bvr11e5.dlg@v.nguard.lh> <t5ekgn$1jbl$1@gioia.aioe.org> <1t7k8dufhe7f9.dlg@v.nguard.lh> <t5foj1$16ka$1@gioia.aioe.org> <1kv7vndgqlb9x.dlg@v.nguard.lh>
Organization: AWESOMENESS IS ITS OWN REWARD!
Message-ID: <XnsAE97678A63F2COhmmmmmmm@85.12.62.219>
User-Agent: Xnews/2009.05.01
X-Face: ->>6wZ*>9r!(Myik]B;=rGj%wLw9"fb\If;UQ5eyvM=x\`/{0xfYrQ/qzEXBiu_yKLD-pAm.X9?W3zciFS"wy_9}2XHTk!5zc9kojiNT@GoO<bnai%gc;;{7}MA@uR2&;R<k2Z943kc;MmTi,GL)BblFlxVM~7yPgTvEgns-p!/N8ma`iq&f.g{x;8#<QUa*%OCGj$zJ3blvi?W6,;BD*=~0#vcL;}#glM_e}mg46$|F0ydKheR(dqT|Jk,oel6em
Lines: 21
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sat, 14 May 2022 15:10:43 UTC
Date: Sat, 14 May 2022 15:10:43 GMT
X-Received-Bytes: 1573
 by: Bucky Breeder - Sat, 14 May 2022 15:10 UTC

VanguardLH <V@nguard.LH> posted this:

> Didn't know that. I thought it was just the pinned entries it skipped

Whineytard Poopy-Pants VanguardLH was probably having a "moment" because Mike
Easter had loaded "their" geriatric diapers again.

According to the internet, this is VanguardLH's own personal web page:

<https://tinyurl.com/ytn4mayc>

Hope this hleps.

--

I AM Bucky Breeder, (*(^;

And *NO*, that is *NOT* a Jedi Light Saber I have in my pocket!

But that doesn't necessarily mean I'm happy to see you either.

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor