×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Adobe Flash Ads Launching Clipboard Hijack Attacks

kdawson posted more than 5 years ago | from the poisoning-the-ad-pool dept.

Security 353

bullyBEEF writes "Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which affect Mac, Windows, and Linux users running Firefox, IE, and Safari, bad guys are seizing control of the machine's clipboard (probably using the Flash command setClipboard) and inserting a hard-to-delete URL that points to a fake anti-virus program. A number of legitimate sites have been seen to host ads carrying the attack — including Newsweek, Digg, and MSNBC.com. Researcher Aviv Raff offers a harmless demo of how it's done."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

353 comments

Clicked on the flash area in NoScript in the demo (2, Informative)

Derek Pomery (2028) | more than 5 years ago | (#24667473)

But although the flash launched, that wasn't enough to get the attack going.
And given how much it takes for me to do even that, I don't think NoScript users have much to be worried about.

Opposite experience (2, Informative)

Anpheus (908711) | more than 5 years ago | (#24667873)

I enabled the object in Firefox 3.0.1 with NoScript 1.7.8, Flash version is 9.0r124, and yes, it did set my clipboard.

Re:Opposite experience (1)

Derek Pomery (2028) | more than 5 years ago | (#24668251)

NoScript 1.7.8
Shockwave Flash 10.0.0 d569
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008072820 Firefox/3.0.1
Ubuntu

Did you whitelist the domain for javascript as well, or just click on the flash?
Wonder if it was using 10.0.0 or if I was just lucky.

Re:Clicked on the flash area in NoScript in the de (3, Insightful)

unlametheweak (1102159) | more than 5 years ago | (#24668125)

These days you have to go out of your way to avoid flash by learning about and installing less popular Web browsers like Firefox and installing extensions (Add-ons) like NoScript that you have to educate yourself about. These days even browsers like Firefox come pre-installed with crapware and bloatware like Microsoft DRM and Shockwave Flash. These things I have manually disabled.

I often hear people on Slashdot claiming that Flash is safe, but I also constantly hear about flash-based exploits as well. To most Slashdot users I would think Flash would be relatively safe, however most people are not Slashdot users.

The Internet is becoming less accessible to me as the years go by. There is no need for Flash or Java or JavaScript (to navigate to a URL for example). I can only perceive malicious reasons why Web developers would try to force people to use these technologies.

When a Web site says Flash, JavaScript, Silverlight, Internet Explorer or anything else is required then that Website is never again visited. One must separate the wheat from the chaff.

what sort of flash? (5, Funny)

Anonymous Coward | more than 5 years ago | (#24667481)

"Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards..."

booby flash?

Hard to remove? (1)

TubeSteak (669689) | more than 5 years ago | (#24667493)

I closed the demo window and Ctrl-C works as normal

Re:Hard to remove? (4, Interesting)

INeededALogin (771371) | more than 5 years ago | (#24667825)

I closed the demo window

The average user is not going to know that they have been hijacked and they won't necessarily know which window is doing it. The clipboard hijacker could even wait until you copy a url before modifying it.

Block ads (1)

Matt Perry (793115) | more than 5 years ago | (#24667495)

This is yet one more reason why I block all ads.

Re:Block ads (0, Offtopic)

actionbastard (1206160) | more than 5 years ago | (#24667681)

"Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles."

"Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdotal Battles."
There, I fixed your sig for you. You're welcome.

Re:Block ads (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#24667987)

No, you changed the meaning of his sig. "Anecdote battles" means a battle of anecdotes. "Anecdotal battles" means anecdotes about battles.

It was already fine grammatically.

If you're going to be pedantic, you should take a few remedial English courses yourself.

Re:Block ads (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#24668201)

No, you changed the meaning of his sig. "Anecdote battles" means a battle of anecdotes. "Anecdotal battles" means anecdotes about battles.

While you're correct that the poster changed the meaning, you're still wrong.

Anecdotal battles means battles which are anecdotal in nature, anecdotal is an adjective here. Now, as far as to what that actually ends up meaning, I'm not entirely sure. :-P

Your pedantry, while well intentioned, is still in need of some remedy. ;-)

flashblock (5, Informative)

owlnation (858981) | more than 5 years ago | (#24667499)

as though we really need yet another reason to use flashblock...

This one small piece of technology has made browsing the web bearable again. I can't ever thank its developers enough.

Re:flashblock (1)

corsec67 (627446) | more than 5 years ago | (#24667529)

I got a step further, and have a primary browser that doesn't have flash installed, and then a second browser with flash and flashblock, for the rare time when I actually want to watch a flash video.

Re:flashblock (4, Informative)

enoz (1181117) | more than 5 years ago | (#24667725)

You could just create multiple profiles in Firefox, and then load the secondary profile with "-no-remote" so that it doesn't intercept any URLs or clicks that would normally load in your primary browser.

Re:flashblock (1)

maxume (22995) | more than 5 years ago | (#24667835)

Why?

If you do it that way so that people think you don't have flash installed, you should realize that no one cares if you have flash installed or not (putting it another way, the few people who are actually looking at the installed base when they consider using flash are making their decisions based on the enormous majority that does have flashed installed, not based on the puny minority that does not have flashed installed).

Re:flashblock (4, Interesting)

FictionPimp (712802) | more than 5 years ago | (#24668127)

I have talked quite a few companies out of using flash while consulting for them. I have used many legitimate reasons. Accessibility for the disabled, backwards compatibility, not using a business model dependent on a 3rd parties proprietary software, and the general annoyance of most users when they encounter a flash based website. I have found that a nice clean site developed with good web standards can do 99% of what most people want to do with flash. It will fail better on older browsers, it will load faster (in most cases), and it will be more usable by the customer with the least amount of work (larger fonts, screen readers, alternate color schemes, opening windows in new tabs, bookmarking, etc).

IMHO, companies that choose to use flash do so because they don't have the resources to see there are better choices AND they already know flash.

Re:flashblock (1)

unlametheweak (1102159) | more than 5 years ago | (#24668227)

That reminds me of the 1990's when JavaScript and pop-up ads were very popular. Most people had dial-up Internet access back then and would cancel out of a pop-up ad before it even loaded. About 5 or 6 years later I read a story on ZDNet that companies were starting to re-think their use of pop-up ads because they found that a lot of people cancel out of them before they finish loading. It's a shame that business leaders and Managers need consultants to tell them what everybody else already knows about bad technology and bad business practices.

Flashblock doesn't work here (2, Interesting)

Anonymous Coward | more than 5 years ago | (#24668223)

I am visiting the test site using Firefox with Flashblock on Ubuntu 8.04. I press Ctrl+V, and there it is, http://www.evil.com.

This only happens sporadically, though, and I can always just Ctrl+C something else. I believe this is because Flashblock blocks ads as they are loaded, not before they load (not 100% sure about this).

Does anybody else have this issue?

confirmed on mac os x 10.5.4 (4, Informative)

v1 (525388) | more than 5 years ago | (#24667501)

it copied "http://www.evil.com/ to my clipboard. Any app I pasted into pasted that url. I tried many apps to copy something to the clipboard but it remained evil.

The article says in one place you have to restart, and in another you have to close your browser window. I found that closing safari was not sufficient, and I had to quit safari to successfully copy different data into my clipboard with other apps.

Re:confirmed on mac os x 10.5.4 (5, Funny)

ScentCone (795499) | more than 5 years ago | (#24667547)

confirmed on mac os x 10.5.4

I'm sorry, but you're using a Mac and anything like this is completely impossible. Why do you hate Mac users, that you would say such a disturbing thing? You are mean.

Re:confirmed on mac os x 10.5.4 (0)

Anonymous Coward | more than 5 years ago | (#24668031)

It is not Mac's fault Adobe totally fucked up Flash. I blame PC!

Re:confirmed on mac os x 10.5.4 (5, Informative)

Mr. Marabou Man (533239) | more than 5 years ago | (#24667573)

Yeah ? Interesting. On my setups (Firefox 3.0.1 on Slackware & Tiger, Safari 3.1.2 on Tiger), closing the tab is sufficient to make it go away. YMMV, obviously.

Re:confirmed on mac os x 10.5.4 (2, Informative)

mr_mischief (456295) | more than 5 years ago | (#24668115)

Closing just the tab worked for me on these browsers on Mandriva:

Firefox 3.0.1 (from Mozilla's site)
Firefox 2.0.0.16 (from the repository).
Opera 9.50 (from Opera's site)

Too lazy right now to fire up Windows or Mac.

Re:confirmed on mac os x 10.5.4 (1)

azav (469988) | more than 5 years ago | (#24667611)

Since Flash files are easily unptrotected and opened up, it would be interesting to see how this is happening. I'll bet that the flash file populates the clipboard several times a second as the flash frame advances. I'm interested how this flash movie stays in memory and keeps running. I seems like it attaches to something to keep its instance running.

Re:confirmed on mac os x 10.5.4 (0)

Anonymous Coward | more than 5 years ago | (#24667785)

I copied something in notepad++ and had no problems.

Re:confirmed on mac os x 10.5.4 (2, Insightful)

pushing-robot (1037830) | more than 5 years ago | (#24667795)

Here on 10.5.4/Safari 3.1.2, closing the browser window/tab or simply navigating to another page fixes it.

Still, it's disturbing that a web site can copy data to the clipboard without permission. Browser makers need to make plugin content opt-in (a la flashblock), or at least run plugins in a very limited sandbox until the user requests otherwise.

Re:confirmed on mac os x 10.5.4 (1)

marxmarv (30295) | more than 5 years ago | (#24668105)

How would you run plugins in a sandbox without running them in a VM? And then, what's the point of the plugin if it isn't native code? Plugins do exactly what they should. Blame the plugin authors for being so obnoxious and presumptive.

Re:confirmed on mac os x 10.5.4 (0, Flamebait)

fermion (181285) | more than 5 years ago | (#24667849)

Honestly, when Apple put out Safari without a built in flash blocker, it spelt the beginning of the end. Apple now, like MS, treats users as a means to generate a long term profit stream, not like a customer who paid a huge amount of money for a machine and expects to be treated as a customer.

Fortunately there is camino. Unfortunately most people don't use it. Flash is really enemy #1 in terms of security, and it would be nice if Adobe would build in a mandatory stop/start button into the specification. Fortunately, there is still no flash on the iPhone, and if we are lucky there never will be.

Re:confirmed on mac os x 10.5.4 (1)

jcr (53032) | more than 5 years ago | (#24668019)

Honestly, when Apple put out Safari without a built in flash blocker,

Go to Safari Preferences, select the security tab and uncheck the "Enable plug-ins" box.

-jcr

Re:confirmed on mac os x 10.5.4 (0)

Anonymous Coward | more than 5 years ago | (#24668089)

Fortunately, there is still no flash on the iPhone, and if we are lucky there never will be.

Why does it matter? You can't copy and paste on an iPhone anyways! :P

Re:confirmed on mac os x 10.5.4 (1)

FictionPimp (712802) | more than 5 years ago | (#24668199)

I'd love to use Camino. I need foxmarks, firebug, something like 'distrust' and stumble. Give me that and I'd switch in a heart beat.

AKERT THE PRESSES! (0)

Anonymous Coward | more than 5 years ago | (#24667509)

I can't copy/paste my links to porn anymore!

I would login to post a comment.... (0)

Anonymous Coward | more than 5 years ago | (#24667515)

But I can't get http://www.evil.com out of my clipboard now to use my password manager.

It may not be this (0)

Anonymous Coward | more than 5 years ago | (#24667517)

But there is something going on with ads and the page load for slashdot.

Re:It may not be this (3, Informative)

riceboy50 (631755) | more than 5 years ago | (#24667821)

If you are using FF3 and beta Firebug, then you are probably seeing the DOM corruption bug that I see when ads are inserting into the DOM. The symptom is that the whole page disappears except for that ad. I've seen this behavior on several sites, including /. I haven't figured out a remedy yet except to disable Firebug, and we all know that's not going to happen!

Re:It may not be this (1)

mr_mischief (456295) | more than 5 years ago | (#24668123)

You can disable Firebug or just certain Firebug panels for particular web sites if you're using one of the more recent versions.

Write Filter = Best Antivirus (4, Informative)

Z34107 (925136) | more than 5 years ago | (#24667523)

Good thing my laptop runs EWF drivers. Any changes made to the C volume (a solid state drive) made in memory instead. Everything works like you'd expect it to - delete a file and it's gone - until you reboot, that is, and all of your in-memory changes are discarded.

I'd like to see XP Antivirus Pro 2008 thoroughly embed its tendrils... and then survive a restart. No changes are committed unless I manually force it.

Considering that Circuit City will sell you a PC with 6 GB of RAM for $999, I wonder why EWF isn't a standard feature. Probably because somebody would forget that defragging your hard disk would exhaust available RAM and then die, or wonder where that program they just installed went after they rebooted...

Linux has a similar filesystem, I believe it's used for boot CDs. It pairs the read-only volume with a RAM drive, and all writes are cached there and discarded.

Re:Write Filter = Best Antivirus (1)

QuantumG (50515) | more than 5 years ago | (#24667607)

Normal people like to write to their hard disk.

a PC with 6GB of RAM for $999? Really? That's funny, I don't see a shop by [circuitcity.com] option for 6GB.

Re:Write Filter = Best Antivirus (2, Informative)

bgerlich (1035008) | more than 5 years ago | (#24667687)

Try searching in desktops, laptop is not the only option in most stores ... yet.

Re:Write Filter = Best Antivirus (1)

QuantumG (50515) | more than 5 years ago | (#24667783)

Ahh, good point. Thanks. There's even a $699 desktop there. No monitor of course.

Re:Write Filter = Best Antivirus (2, Funny)

x2A (858210) | more than 5 years ago | (#24667777)

"a PC with 6GB of RAM for $999? Really? That's funny"

That's not funny. Funny would involve the computer coming from a man walking into a bar after crossing the road on a chicken, or asking many of those 6gigs of RAM it would take to change a lightbulb. There's no chickens involved here, and definitely no light bulb. I deduce that you're using sarcasm, maybe to convey the idea that you don't believe you can get a computer out of 'em with 6gig RAM... am I right?

This is why I block ads... (1)

Anonymous Coward | more than 5 years ago | (#24667527)

And, also, they're annoying.

Yes, its annoying (2, Interesting)

QuantumG (50515) | more than 5 years ago | (#24667551)

But I fail to see how you can leverage this to gain privs.

If that's possible, then maybe that should be the subject of the article.

Re:Yes, its annoying (1)

larry bagina (561269) | more than 5 years ago | (#24667595)

the idea is that eventually, you'll copy/paste a url into your browser bar (or maybe an outgoing email).

Re:Yes, its annoying (4, Insightful)

QuantumG (50515) | more than 5 years ago | (#24667623)

Umm.. yeah, and then you'll say "sure, install this program I didn't even ask to install". If that's something to be worried about then no amount of "security" is going to protect these people.

Re:Yes, its annoying (2, Insightful)

x2A (858210) | more than 5 years ago | (#24667945)

"no amount of "security" is going to protect these people"

Protect them? Protect us! They get their machines infected, they become latest members of bot nets, flood our mailboxes with spam, his the servers we use with ddos attacks... no we can't protect 100%, but it's in all of our best interests to try, and close off any avenues of attack that we can.

Re:Yes, its annoying (1)

QuantumG (50515) | more than 5 years ago | (#24667955)

"Download this exe and run it for me, I've put the url in your clipboard for you".. exactly what would you have the security community do?

Re:Yes, its annoying (4, Interesting)

slashqwerty (1099091) | more than 5 years ago | (#24667705)

But I fail to see how you can leverage this to gain privs.

I suppose it would be possible to populate the clipboard with corrupted contents, perhaps a string of XML that another app would try to consume. If that other app, designed strictly for desktop use, has a vulnerability in the way it processes said XML an attacker may be able to gain privileges. It's possible such an app will examine the clipboard contents just to determine if it should enable the Paste menu. Which means you could be vulnerable even though you never paste from the clipboard.

Re:Yes, its annoying (1)

mr_mischief (456295) | more than 5 years ago | (#24668153)

Considering there are websites out there that can own a Windows PC just by having someone visit a page with IE, I'd say this is a pretty good attack vector. You might not get many, but you'll get some who copy and paste a URL or accidentally paste it into an email instead of the string they meant and not notice until they've hit enter or clicked send.

Shockwave... (4, Informative)

azav (469988) | more than 5 years ago | (#24667561)

I'll bet you can do it too in Shockwave with copyToClipboard. It is a little trickier though as copytoClipboard holds the reference to the Director member copied IIRC. Thinking about it, any web service that supports the clipboard should be able to do this.

How to fix this: (4, Informative)

MrMista_B (891430) | more than 5 years ago | (#24667581)

http://adblockplus.org/en/ [adblockplus.org]

Problem solved!

Seriously, blocking ads and javascript and flash stuff is like a game for me now, I get a little thrill of victory every time I block one of those things, it's great.

Re:How to fix this: (5, Funny)

AceofSpades19 (1107875) | more than 5 years ago | (#24667593)

You have problems....

Re:How to fix this: (2, Informative)

redcaboodle (622288) | more than 5 years ago | (#24667827)

You have problems....

Surely - because with Adblock you block AFTER you have seen the Flash. So unless the Flash comes from an already blocked source (*.doubleclick.com?) it will already have done its evil magic.

Only if you block all Flash you did not specifically allow you are clear. NoScript should work, then.

And some of us have to develop in Flash (stupid designer - stupid clients) so NoScript is out of the question.

Re:How to fix this: (1)

FictionPimp (712802) | more than 5 years ago | (#24668221)

You realize you can white list your own sites in NoScript. I'm a developer who uses NoScript on my browser. I have no problems.

Re:How to fix this: (1)

Darkness404 (1287218) | more than 5 years ago | (#24667685)

A better way to fix it would be a good /etc/hosts file that blocks all adservers and malware. So even if it did direct you to an evil site, it would be blocked.

Re:How to fix this: (1)

maxume (22995) | more than 5 years ago | (#24667895)

And if you get directed to a site run by a dude that they guy running the blacklist doesn't like, you get blocked.

You have to trust someone, somewhere, sometime, but blocking hundreds or thousands of sites because some guy on the internets said so is not a very attractive solution.

Re:How to fix this: (0)

Anonymous Coward | more than 5 years ago | (#24667759)

Don't forget flashblock either for firefox.

As I am fond of saying (1)

smitty_one_each (243267) | more than 5 years ago | (#24667863)

I get a little thrill of victory every time I block one of those things, it's great.

Who is pleased easily is pleased often.

Lame results with Linux (5, Informative)

keeboo (724305) | more than 5 years ago | (#24667633)

Well I accessed the page under Linux and Firefox 2 and the following things happened:

The middle mouse button pastes as usual.
The hijacked content only appeared with CTRL-V.

All I need to do is to close the page tab and it's gone.

Disappointing.

Re:Lame results with Linux (2, Insightful)

marxmarv (30295) | more than 5 years ago | (#24668141)

I think that's an X11 anachronism you're dealing with there. No idea why it still exists in 2008.

Re:Lame results with Linux (1, Insightful)

Anonymous Coward | more than 5 years ago | (#24668147)

This is because Linux, in its infinite wisdom, decided to have two clipboards - one for selecting text and middle-clicking, and one that works with Ctrl-C and Ctrl-V like all the other OS'es. Yay for confusing users with needless features. But of course there must be some technical users out there who take advantage of the two clipboards and would never allow removing one of them from the OS.

Re:Lame results with Linux (0)

Anonymous Coward | more than 5 years ago | (#24668149)

Another example of our schizophrenic clipboard is beneficial.

Honestly though, I never use CTRL-V in Linux.

Re:Lame results with Linux (0)

Anonymous Coward | more than 5 years ago | (#24668151)

Damn that Linux for having two separate paste buffers to make life easier!

Re:Lame results with Linux (1)

jesser (77961) | more than 5 years ago | (#24668235)

FWIW, there's a Firefox bug that lets sites hijack your 'primary' clipboard (the one that middle mouse clicks paste). See bug 265868. So you're not safe just by avoiding Ctrl+V yet.

YAFH (0)

Anonymous Coward | more than 5 years ago | (#24667641)

Yet another flash hijack. Comments I've seen aren't calling out Adobe, but instead are talking about good thing for flash-block and no-script. Yes, those are great plugins, but come on Adobe, my system is only as strong as its weakest link, and more and more that's Flash, not the browser, not the OS. I wonder if Silverlight has this vulnerability.

Re:YAFH (1)

ozmanjusri (601766) | more than 5 years ago | (#24667877)

Comments I've seen aren't calling out Adobe

That's an interesting point.

I've noticed a big increase in the amount of anti-Adobe sentiment in tech blogs recently, with Flash being targeted in particular.

I wonder if it has anything to do with Microsoft's pushing Silverlight?

Re:YAFH (0)

Anonymous Coward | more than 5 years ago | (#24668037)

anti adobe sentiment has existed for a long long time, and justifiably slow, They write some of the buggiest code out there and on top of that they have a very VERY poor security record.

Re:YAFH (0)

Anonymous Coward | more than 5 years ago | (#24668139)

I've noticed a big increase in the amount of anti-Adobe sentiment in tech blogs recently, with Flash being targeted in particular.

I wonder if it has anything to do with Microsoft's pushing Silverlight?

No, it has to do with the fact that flash is such a piece of crap. Adobe software is so annoying to deploy & maintain. Adobe doesn't follow the normal rules for installers & msi files for acrobat and Adobe CS, and there are many, many errors in the limited documentation that they provide. Even getting .msi installers for flash is a hassle.

Further, flash (and silverlight) are overwhelmingly used for web crap.

Re:YAFH (1)

marxmarv (30295) | more than 5 years ago | (#24668197)

It could be astroturf, but that doesn't mean Flash doesn't suck butt. The thing that sucks most about Flash (from this end user's perspective) is that access control is very coarse: the only way to keep it from interacting with the page, performing HTTP requests on your behalf, sending to your soundcard, accessing your clipboard, etc. is not to run the Flash applet in the first place. Ergo, Flashblock/NoScript is essential equipment these days.

(Why, I'm looking right now at a NoScript placeholder below this very edit box. Sorry, DoubleClick.)

Reading the clipboard is even more evil (1)

Pascarello (909061) | more than 5 years ago | (#24667693)

Yeah, adding stuff to the clipboard is nothing new. You could do it without a prompt in browsers in the past with a couple lines of JavaScript. TinyUrl does it with IE. I was always worried about a script that could read what is on the clipboard and send it to some host server. Target your competitor and see if you can get sensitive data!

Not affected it seems ... (4, Informative)

YeeHaW_Jelte (451855) | more than 5 years ago | (#24667729)

... on this old system with SuSE 9.1, FF 2.0.014, flash 7.

Hoorah for lazy upgrading ;)

What about Opera? (1)

Lando242 (1322757) | more than 5 years ago | (#24667745)

Does the same problem appear in Opera? Seeing as how Opera has a built in ad-blocker thats quite effective (and also blocks flash) once configured I'd bet its less of an issue. What if you do click the add though? Is Opera's much touted security up to the task?

Re:What about Opera? (4, Informative)

hellwig (1325869) | more than 5 years ago | (#24667931)

Tried with Opera 9.51 on gOs/Ubuntu 7.10 and it did copy the url to my clipboard which I was unable to replace (with ctrl+c) until I closed the tab. After closure, I regained control of my clipboard.

I tried using a user javascript file that would block all flash content and allow me to individually activate the various flash files, but I had problems with things like YouTube, and eventually I abandoned it when certain websites I frequented used Flash for the most obsurd reasons (don't remember which, this was over a year ago). Might be worthwhile to bring it back.

Barely works in ubuntu (1, Interesting)

Anonymous Coward | more than 5 years ago | (#24667979)

I'm running Ubuntu 8.10 and Firefox 3.0, and while the attack does paste text onto the clipboard, all I need to do to copy new text over it is close the offending tab. Based on comments I read from mac and windows users it seems like linux is the least affected by this 'attack'

iPhone (2, Funny)

Anonymous Coward | more than 5 years ago | (#24668023)

Now we know why the iPhone has no copy/paste support. It's a security issue!

Remember those old dress shirts... (1)

zogger (617870) | more than 5 years ago | (#24668065)

...where the collar was a different color from the rest of the shirt?

That's Flash.

Just say no.

No need for flash adverts (1)

TavisJohn (961472) | more than 5 years ago | (#24668111)

Personally I see no need for flash adverts. Adverts should never use flash or any scripts for this very reason.

But so what? (1)

flyingfsck (986395) | more than 5 years ago | (#24668133)

Most computer users don't even know that Windoze has a clipboard, let alone know how to press Ctrl-V to do something with it, nevermind getting some program to actually follow the link.

It looks like a big ball of nothing to me.

Use the iPhone (0)

Anonymous Coward | more than 5 years ago | (#24668137)

Two reasons why the iPhone is the safest from this type of attack:

1. No Flash
2. No Clipboard

Just a loop (4, Interesting)

Twillerror (536681) | more than 5 years ago | (#24668155)

Okay so the flash ad just copies something to the clipboard in a loop. Closing the tab or browser stops this. I suppose if you are running your browser in the background this would be very annoying and you wouldn't know.

Today firefox and IE prompt if you want to use the clipboard from javascript, but it used to not be this way. I'm sure Adobe will patch this soon enough.

This is like old popups...and oversight that is being exploited by the annoying "internet bully". It's like getting a wet willing or you head stuffed in a toilet.

The issue is here that both Flash and the underlying operating system don't have any kind of cut and paste protection. X, Mac OS X, and XP/Vista should not allow a program to copy and paste the same dam string to the clipboard over and over. Really kind of annoying that we have to spend so many human hours fixing "problems" like this...but such is life I suppose.

A Legit Use (0)

Anonymous Coward | more than 5 years ago | (#24668167)

http://is.gd is a site like TinyURL (but shorter), it uses this paste ability to after you have "hashed" the address.

Yes, but (0)

Anonymous Coward | more than 5 years ago | (#24668177)

does it run in lennix?

nothing for me either (1)

Kid Zero (4866) | more than 5 years ago | (#24668237)

FireFox, Adblock, NoScript, all latest versions, and the flipping thing didn't work. I'm not concerned.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...