On Dec 14, 2009, at 2:38 PM, Adam Barth wrote:

> On Mon, Dec 14, 2009 at 2:13 PM, Tyler Close <[email protected]> wrote:
>
>> For example, the User Consent Phase and Grant Phase above could be
>> replaced by a single copy-paste operation by the user.
>
> Any design that involves storing confidential information in the
> clipboard is insecure because IE lets arbitrary web sites read the
> user's clipboard. You can judge that to be a regrettable choice by
> the IE team, but it's just a fact of the world.

Information that's copied and pasted is highly likely to leak in other
ways than just the IE paste behavior. For example, if it looks like a
URL, users are likely to think it's a good idea to do things like
share the URL with their friends, or to post it to a social bookmark
site, or to Twitter it, or to send it in email. Even if it does not
look like a URL, users may think they need to save it (likely
somewhere insecure) so they don't forget.
Regards,
Maciej