On 21.05.2017 at 01:54, Andrew David Wong wrote:
> On 2017-05-17 23:49, tokidev wrote:
>> Hello everyone,
>
>> like the subject already says, I'd like to request a feature which
>> shows the exact clipboard size when hitting the magic hotkey Ctrl-Shift-C.
>
>> Due to lack of hardware, I didn't test if this is already the case, but
>> I couldn't find any suggesting.
>
>> AFAIK, after hitting the mentioned hotkey there appears a dom0 message
>> box confirming that hit. This seems to be the ideal place where to
>> inform the user about the current clipboard size.
>
>> The aim is to enable the user to estimate if the clipboard seems to be
>> reasonable without parsing it. As Joanna mentioned here [1], parsing is
>> potentially dangerous. So, this feature here could be a practicable
>> middle course.
>
>> I know that this should not let the user feel safe. Even with this
>> feature, it's still potentially dangerous to copy from a less trusted VM
>> to a more trusted one. However, this feature could prevent some
>> malicious attacks in an easy way, independent from the trust to a VM.
>
>> Let's say, a malware tries to put harmful code into the clipboard a
>> hundred times per second, thus, it'll override the user's clipboard
>> content before pasting it and also before hitting Ctrl-Shift-C. Okay, I
>> have to admit that an even smarter malware might keep the size of the
>> big enough clipboard when putting its payload to it.
>
>> Of course, the user should be "trained" in guessing the necessary
>> clipboard size before using that feature. A new "Estimating Clipboard
>> Size" documentation section or page, showing examples for ASCII plain
>> text, UTF-8 plain text, HTML text, images etc., could help.
>
>> Besides that, it could be useful to show the size again after hitting
>> the magic hotkey Ctrl-Shift-V.
>
>
>> What do you think about it?
>
>> Kind regards,
>> Tobias
>
>> [1] https://groups.google.com/d/msg/qubes-devel/JJN9GZMmp5s/AW7gzjK1tEgJ
>
>
> Interesting idea. If I understand correctly, it would work something
> like this:
>
> I copy one sentence, and the dom0 notification says something like,
> "Copied X bytes to the clipboard."
>
> But if, instead, I copy one sentence, and the notification says, "Copied
> X *kilobytes* to the clipboard," then this tips me off that the VM from
> which I copied has replaced my single sentence with a large, potentially
> malicious payload.
>
> Is that the idea?
>
Exactly! It could also work the other way around: Let's say, in the GIMP you copy a large bitmap image but afterwards the clipboard is just a few hundred bytes big.

I prefer to show the exact number of bytes, besides an optional representation with a unit prefix when numbers become very big, e.g.,
"Copied 2,560 bytes (2,5 kiB) to the clipboard."
but
"Copied 128 bytes to the clipboard."

Of course, the bigger the expected clipboard size the more difficult to estimate that size. Thus, for providing the user a measure, the message could also say something like
"This could be a big sentence in plaintext or a few file names."
or
"This could be e.g. a bitmap image of size 1024x1024 or an MP3 file of around 2 minutes."

A nicer approach: Assuming that it's safe to extract the type(s) of the clipboard content(s) then those estimates could be in relation to that type(s), e.g.:

"Copied 2,560 bytes (2,5 kiB) to the clipboard.
Content type: Uncompressed bitmap image.
Estimated dimensions:
- 29x29 pixels at 24-bit color resolution.
- 50x50 pixels at 8-bit color resolution.
- 143x143 pixels at 1-bit color resolution."

Tobias
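
The notification text proposed in the message above can be built from the payload length alone, without decoding the clipboard content. The following is an added example, not code from this thread or from Qubes OS. The function names, the 1024-byte threshold for adding a unit prefix, and the `bitmap_hint` flag (standing in for the content-type detection the message assumes to be safe) are assumptions, and the dimension estimate treats the data as a raw square bitmap with no header or row padding.

```python
import math

PREFIX_THRESHOLD = 1024        # assumed cut-off for adding a unit prefix
BITMAP_DEPTHS = (24, 8, 1)     # bits per pixel, as in the message's example


def format_size(n_bytes: int) -> str:
    """Exact byte count, plus a binary-prefixed figure for large values."""
    if n_bytes < 0:
        raise ValueError("size cannot be negative")
    exact = f"{n_bytes:,} byte{'' if n_bytes == 1 else 's'}"
    if n_bytes < PREFIX_THRESHOLD:
        return exact
    value, unit = n_bytes / 1024, "KiB"
    if value >= 1024:
        value, unit = value / 1024, "MiB"
    return f"{exact} ({value:.1f} {unit})"


def square_side(n_bytes: int, bits_per_pixel: int) -> int:
    """Largest N for which an N x N raw bitmap fits in n_bytes.

    Assumes no header and no row padding.
    """
    return math.isqrt(n_bytes * 8 // bits_per_pixel)


def clipboard_notice(payload: bytes, bitmap_hint: bool = False) -> str:
    """Build the notification from the payload length only; the bytes
    themselves are never decoded or inspected."""
    n = len(payload)
    lines = [f"Copied {format_size(n)} to the clipboard."]
    if bitmap_hint:
        lines.append("Estimated dimensions if this is an uncompressed bitmap:")
        for depth in BITMAP_DEPTHS:
            side = square_side(n, depth)
            lines.append(f"- {side}x{side} pixels at {depth}-bit color resolution.")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample payloads: a short sentence and a 2,560-byte blob.
    print(clipboard_notice("One short sentence.".encode("utf-8")))
    print(clipboard_notice(bytes(2560), bitmap_hint=True))
```
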