I published the following diary on isc.sans.edu: “Show me Your Clipboard Data!“:
Yesterday I’ve read an article about the clipboard on iPhones and how it can disclose sensitive information about the device owner. At the end of the article, the author gave a reference to an iPhone app that discloses the metadata of pictures copied to the clipboard (like the GPS coordinates).
This is true, our clipboards may contain sensitive information likeâ€¦ passwords, private URLs, confidential text, and man more! About passwords, many password managers use the clipboard to make the userâ€™s life easier. You just need to paste data exported by the password manager in the password field. Some of them implement a technique to restore the content of the clipboard with previous data. This is very convenient but it is NOT a security feature. Once data has been copied into the clipboard, it can be considered as â€œlostâ€ if other applications are monitoring its content… [Read more]