Full Version: Sprinter - WOE Problem

From: sprinter [#19]
 13 Jan 2007
To: UncleSteve [#18] 13 Jan 2007

I agree, he is helpful, and I help here. The problem I have with his post is it should have been to me or posted on WOE. Why should the members on EE even be concerned about WOE.

Actually after thinking about it, I should thank him, when ever something is posted about WOE we always gain a few more new members B-)

EDITED: 13 Jan 2007 by SPRINTER

---

From: Stunt Engraver (DGL) [#20]
 13 Jan 2007
To: sprinter [#19] 13 Jan 2007

Ken,

The first post in this thread is addressed directly to you.

---

From: sprinter [#21]
 13 Jan 2007
To: Stunt Engraver (DGL) [#20] 13 Jan 2007

But why here? How many times do you see a post directed to anyone addressing another Forum? I actually find it amusing that he is so concerned about the well being of another forum.

---

From: Stunt Engraver (DGL) [#22]
 13 Jan 2007
To: sprinter [#21] 13 Jan 2007

Ken,

That's a question only Harvey can answer.

Actually, I wondered the same thing.

---

From: LaZerDude (C_BURKE) [#23]
 13 Jan 2007
To: Engravin' Dave (DATAKES) [#16] 13 Jan 2007

:-( Sigh

---

From: UncleSteve [#24]
 13 Jan 2007
To: Stunt Engraver (DGL) [#22] 13 Jan 2007

I'm sure Harvey will answer when they close the store tonight.....

Until then :P

---

From: Mick [#25]
 13 Jan 2007
To: Harvey only (HARVEY-ONLY) [#1] 13 Jan 2007

Not on my computer either

---

From: Franklin (FW_HAYNES) [#26]
 13 Jan 2007
To: ALL

Recently sent a copy of the window in question to a programmer friend of mine with sprinter's response as to what it was. UncleSteve is correct which means the line of bull that sprinter just fed us about security is just that...a load of bull.
I must say that the comment:
"Actually after thinking about it, I should thank him, when ever something is posted about WOE we always gain a few more new members B-) " makes Sprinter seem a little opportunistic.
All for friendly competition and a little banter between sites keeps everyone on their toes, but with the recent changes in WOE going to pay site and now with the this, Ken a.k.a. sprinter I don't feel can be trusted.
Thanks unclesteve for keeping us educated on this.

---

From: Franklin (FW_HAYNES) [#27]
 13 Jan 2007
To: sprinter [#21] 13 Jan 2007

"But why here? How many times do you see a post directed to anyone addressing another Forum? I actually find it amusing that he is so concerned about the well being of another forum. "
Go back and read the first post. He says he would click it off and it would keep popping up so that would stand to reason that he couldn't access WOE because of this. The only alternative was to address it here in hopes that you would see it. I also find it interesting that you responded here before in WOE on this situation even though by the time you responded here there were a few comments about it in WOE

---

From: RALLYGUY (RALLYGUY1) [#28]
 13 Jan 2007
To: UncleSteve [#7] 13 Jan 2007

I't not exactly a fix if it's not broken.
\
What I did was show people how to make a permanant choice so the popup didn't ask every time you logged in.

Sprinter removed the notification from the server to the browser, so it's a non issue now.

---

From: RALLYGUY (RALLYGUY1) [#29]
 13 Jan 2007
To: UncleSteve [#18] 13 Jan 2007

You're absolutely right...that's why I was surprised to see this here......

---

From: RALLYGUY (RALLYGUY1) [#30]
 13 Jan 2007
To: Franklin (FW_HAYNES) [#27] 13 Jan 2007

So what you're saying is that Sprinter is so sinister that he made sure a popup told everyone he was going to look at the content of their computers..........

EDITED: 13 Jan 2007 by RALLYGUY1

---

From: sprinter [#31]
 13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#30] 13 Jan 2007

I find this whole thing laughable. And some of the "expert" posts are really absurd. I don't visit as much anymore, I find to many mindless, vicious and childish posts that have no constructive value to anyone or the industry in general.

EDITED: 13 Jan 2007 by SPRINTER

---

From: RALLYGUY (RALLYGUY1) [#32]
 13 Jan 2007
To: Franklin (FW_HAYNES) [#27] 13 Jan 2007

Here is a description of the security threat and how to handle it if you feel that it is necessary.

 

http://www.mydigitallife.info/2006/09/25/disable-allow-this-webpage-to-access-your-clipboard-pop-up-warning-message-in-ie7/

I will be adjusting my selection to the "trusted sites option" just in case this comes up again with another site.

It seems that this was a hole in the past that allowed someone to view whatever you copied but had not pasted....or whatever the last paste was.

Yes this information could be a security threat....but is very unlikely to be one. Windows decided that it would be extra secure and give a choice to people with a popup. My suggestion for making either a choice of yes or no every time was a cure for the problem, but it seems as if there is even a better solution.....selecting "trusted sites".

Sprinters solution of eliminating the popup, bu not having a website request to the browser essentially cures the issue for anyone that is using IE7.....

---

From: UncleSteve [#33]
 13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#32] 13 Jan 2007

Brian,

Thank you for the update. The key is the following excerpt from the page you referenced:

"the behaviour occurs when you visit a website or webpage that tries to access the information stored in Clipboard’s memory,"

Please note that it occurs when the website tries to access the clipboard, not when it is looking for the cookie, etc.

Sprinter's "explanation" that it was trying to put a cookie on the clipboard is NOT what is happening. It IS trying to read the clipboard. At least an honest explanation by him would have been better, even if it was just "I have to look into it and get back to you with an answer" instead of the WRONG knee-jerk response like he was personally being attacked....

---

From: RALLYGUY (RALLYGUY1) [#34]
 13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007

Steve,

Are you 100% sure that what he is saying couldn't cause the same popup?


I know exactly what the popup means. That doesn't mean that he was lying in his explanation of what was causing it for his website.

If his goal was to harvest information from computers, don't you think it would be stupid to have it cause a popup?

What this allows access to is very limited.....Not the whole hard drive as you suggested earlier on in this thread. It could potentially see copyboard data that was sitting in the memory of what you copied or pasted. Only If you chose to allow it....Period. If not....It wouldn't allow access to it.

I understand what you are saying is that he could potentially have access to that copied information....but only if someone allowed it...It was clearly a product of the upgrade and the security of IE.....not some sinister plot to harvest copied or pasted information. I mean C'mon....do you really believe anyone would bother with that????????!!!!!!!!!

It seems as if every other browser allows it without question up to this point. Wouldn't it have started right away when anyone upgraded to IE 7 and logged in to his site for the last month or two? Why did it only come up after the upgrade to his site?

You know the answer.....it's due to the upgrade, just like the problems that they have had with the beehive upgrade here....Upgrades tend to cause problems, no matter where they are made..........

---

From: sprinter [#35]
 13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007

Please get it right, I never said I was doing anything with the clipboard! IE7 is reporting the security cookie request as a clipboard read request. Take the issue up with microsoft, it just shows you how messed up IE7 really is. I just turned off the security alert request to IE7 to notify the user about the security cookie.

It's amazing how many experts we have here on something they have no knowledge of, not once have any of the experts even asked what server side security software I'm using let alone of how it works. I'm not using Beehives weak or non existant security features. I'm using a professional server side package normally found on high end corporate sites.

END OF STORY!!

---

From: Franklin (FW_HAYNES) [#36]
 13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007

Even if this is just a clipboard reader, still it could be used to monitor who is copying material from WOE. I mean heaven forbid one of us leeches goes in and copies something without being a "paid member" of the site.
Again UncleSteve, thanks for keeping the honest honest on this one.
Also, I have noticed Rallyguy really defending sprinter as well as his giving shameless plugs for WOE on here, etc. With his recent comments about "fixing" the error, etc. I am starting to wonder if he isn't a moderator or something for WOE. Seems like he has some sort of biased stake in it. If this statements seems inflammatory to Rallyguy, then I apologize, but I am curious as to what stake he has in it.

---

From: Dave Jones (DAVERJ) [#37]
 13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#34] 13 Jan 2007

Websites reading the clipboard was defined as a security risk several years ago. Firefox dasabled that ability after version 0.9.3, which came before the "preview" release of Firefox, 2-1/2 years ago.

It is especially a security risk in forums because some people copy/paste their passwords.

The IE control to enable/disable clipboard access by web sites is not new in IE7. It was added in IE6, also a couple of years ago.

---

From: Dave Jones (DAVERJ) [#38]
 13 Jan 2007
To: sprinter [#35] 13 Jan 2007

Just curious if you have a link to a page on Microsoft that confirms this? Or on a reputable security site?

I've seen MSDN reports of the clipboard dialog box repeatedly popping up since IE7 RC1, but have not seen any mention of what you are saying with a cookie request popping up that dialog box in IE7.

---

Show messages:  1-18  19-38  39-57

Back to thread list | Login

© 2025 Project Beehive Forum