Security: delete last clipboard item after few seconds #33
Labels
Comments
|
Need to think how it could be done in a more secured way. Possibly it could be done with a different flow:
|
|
+1 for this. I know Lastpass has the option to clear the clipboard after a few seconds. So you could implement a timer that only copies the note into Clipto after that set time, so when Lastpass deletes it, it never gets copied into Clipto. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Enhancement suggestion:
Since Android 10 there is a big improvement concerning clipboard data privacy.
Only the app that currently has focus (or an input method editor) is able to access clipboard data:
https://developer.android.com/about/versions/10/privacy/changes#clipboard-data
Before Android <10 the problem was much bigger:
https://github.com/grepx/android-clipboard-security
Unfortunately still a lot of people use older android versions and the security problem (if someone puts sensitive infomation like passwords into clipboard) even with android 10 is not gone completely (and problably will never be ever).
Possible solution:
I think clipboard-data in android (and most operating systems) is always just ONE database record. So the clipboard "history" must be in Clipto's app database except the last / current data record.
In the settings area you could offer an option to activate erase of clipboard for example after 10 or 30 seconds. If this option is activated the user has limited time to do whatever they want (edit, create tags, etc) before the following happens:
After the given time (for example 30 seconds) another (malicious) app would not be able to access the sensitive clipboard data anymore BUT also the data would be still available for the user within Clipto to use it later again if necessary (and delete it manually later).
The text was updated successfully, but these errors were encountered: