Full Version: Sprinter - WOE Problem
From: sprinter [#21]
13 Jan 2007
To: Stunt Engraver (DGL) [#20] 13 Jan 2007
From: Stunt Engraver (DGL) [#22]
13 Jan 2007
To: sprinter [#21] 13 Jan 2007
That's a question only Harvey can answer.
Actually, I wondered the same thing.
From: LaZerDude (C_BURKE) [#23]
13 Jan 2007
To: Engravin' Dave (DATAKES) [#16] 13 Jan 2007
From: UncleSteve [#24]
13 Jan 2007
To: Stunt Engraver (DGL) [#22] 13 Jan 2007
Until then :P
From: Mick [#25]
13 Jan 2007
To: Harvey only (HARVEY-ONLY) [#1] 13 Jan 2007
From: Franklin (FW_HAYNES) [#26]
13 Jan 2007
To: ALL
I must say that the comment:
"Actually after thinking about it, I should thank him, when ever something is posted about WOE we always gain a few more new members B-) " makes Sprinter seem a little opportunistic.
All for friendly competition and a little banter between sites keeps everyone on their toes, but with the recent changes in WOE going to pay site and now with the this, Ken a.k.a. sprinter I don't feel can be trusted.
Thanks unclesteve for keeping us educated on this.
From: Franklin (FW_HAYNES) [#27]
13 Jan 2007
To: sprinter [#21] 13 Jan 2007
Go back and read the first post. He says he would click it off and it would keep popping up so that would stand to reason that he couldn't access WOE because of this. The only alternative was to address it here in hopes that you would see it. I also find it interesting that you responded here before in WOE on this situation even though by the time you responded here there were a few comments about it in WOE
From: RALLYGUY (RALLYGUY1) [#28]
13 Jan 2007
To: UncleSteve [#7] 13 Jan 2007
I't not exactly a fix if it's not broken.
\
What I did was show people how to make a permanant choice so the popup didn't ask every time you logged in.
Sprinter removed the notification from the server to the browser, so it's a non issue now.
From: RALLYGUY (RALLYGUY1) [#29]
13 Jan 2007
To: UncleSteve [#18] 13 Jan 2007
You're absolutely right...that's why I was surprised to see this here......
From: RALLYGUY (RALLYGUY1) [#30]
13 Jan 2007
To: Franklin (FW_HAYNES) [#27] 13 Jan 2007
EDITED: 13 Jan 2007 by RALLYGUY1
From: sprinter [#31]
13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#30] 13 Jan 2007
EDITED: 13 Jan 2007 by SPRINTER
From: RALLYGUY (RALLYGUY1) [#32]
13 Jan 2007
To: Franklin (FW_HAYNES) [#27] 13 Jan 2007
Here is a description of the security threat and how to handle it if you feel that it is necessary.
I will be adjusting my selection to the "trusted sites option" just in case this comes up again with another site.
It seems that this was a hole in the past that allowed someone to view whatever you copied but had not pasted....or whatever the last paste was.
Yes this information could be a security threat....but is very unlikely to be one. Windows decided that it would be extra secure and give a choice to people with a popup. My suggestion for making either a choice of yes or no every time was a cure for the problem, but it seems as if there is even a better solution.....selecting "trusted sites".
Sprinters solution of eliminating the popup, bu not having a website request to the browser essentially cures the issue for anyone that is using IE7.....
From: UncleSteve [#33]
13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#32] 13 Jan 2007
Thank you for the update. The key is the following excerpt from the page you referenced:
"the behaviour occurs when you visit a website or webpage that tries to access the information stored in Clipboard’s memory,"
Please note that it occurs when the website tries to access the clipboard, not when it is looking for the cookie, etc.
Sprinter's "explanation" that it was trying to put a cookie on the clipboard is NOT what is happening. It IS trying to read the clipboard. At least an honest explanation by him would have been better, even if it was just "I have to look into it and get back to you with an answer" instead of the WRONG knee-jerk response like he was personally being attacked....
From: RALLYGUY (RALLYGUY1) [#34]
13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007
Are you 100% sure that what he is saying couldn't cause the same popup?
I know exactly what the popup means. That doesn't mean that he was lying in his explanation of what was causing it for his website.
If his goal was to harvest information from computers, don't you think it would be stupid to have it cause a popup?
What this allows access to is very limited.....Not the whole hard drive as you suggested earlier on in this thread. It could potentially see copyboard data that was sitting in the memory of what you copied or pasted. Only If you chose to allow it....Period. If not....It wouldn't allow access to it.
I understand what you are saying is that he could potentially have access to that copied information....but only if someone allowed it...It was clearly a product of the upgrade and the security of IE.....not some sinister plot to harvest copied or pasted information. I mean C'mon....do you really believe anyone would bother with that????????!!!!!!!!!
It seems as if every other browser allows it without question up to this point. Wouldn't it have started right away when anyone upgraded to IE 7 and logged in to his site for the last month or two? Why did it only come up after the upgrade to his site?
You know the answer.....it's due to the upgrade, just like the problems that they have had with the beehive upgrade here....Upgrades tend to cause problems, no matter where they are made..........
From: sprinter [#35]
13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007
Please get it right, I never said I was doing anything with the clipboard! IE7 is reporting the security cookie request as a clipboard read request. Take the issue up with microsoft, it just shows you how messed up IE7 really is. I just turned off the security alert request to IE7 to notify the user about the security cookie.
It's amazing how many experts we have here on something they have no knowledge of, not once have any of the experts even asked what server side security software I'm using let alone of how it works. I'm not using Beehives weak or non existant security features. I'm using a professional server side package normally found on high end corporate sites.
END OF STORY!!
From: Franklin (FW_HAYNES) [#36]
13 Jan 2007
To: UncleSteve [#33] 13 Jan 2007
Again UncleSteve, thanks for keeping the honest honest on this one.
Also, I have noticed Rallyguy really defending sprinter as well as his giving shameless plugs for WOE on here, etc. With his recent comments about "fixing" the error, etc. I am starting to wonder if he isn't a moderator or something for WOE. Seems like he has some sort of biased stake in it. If this statements seems inflammatory to Rallyguy, then I apologize, but I am curious as to what stake he has in it.
From: Dave Jones (DAVERJ) [#37]
13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#34] 13 Jan 2007
Websites reading the clipboard was defined as a security risk several years ago. Firefox dasabled that ability after version 0.9.3, which came before the "preview" release of Firefox, 2-1/2 years ago.
It is especially a security risk in forums because some people copy/paste their passwords.
The IE control to enable/disable clipboard access by web sites is not new in IE7. It was added in IE6, also a couple of years ago.
From: Dave Jones (DAVERJ) [#38]
13 Jan 2007
To: sprinter [#35] 13 Jan 2007
Just curious if you have a link to a page on Microsoft that confirms this? Or on a reputable security site?
I've seen MSDN reports of the clipboard dialog box repeatedly popping up since IE7 RC1, but have not seen any mention of what you are saying with a cookie request popping up that dialog box in IE7.
From: RALLYGUY (RALLYGUY1) [#39]
13 Jan 2007
To: Franklin (FW_HAYNES) [#36] 13 Jan 2007
I am no more moderator or have a stake in the WOE than I am or do here on EE. In other words....Im neither on any of the Engraving forums.
I have simply embraced both, and I am frusterated to see a clear distain from the EE side at this point based on their behavior...........
I know that the history of the WOE forum is based on a seperation of ideals, born from the time that David decided to go pay.......I know that exchange wasn't necessarily pretty....but we are a long way from back then.....and I have always suggested and supported having more than one forum......Even at the time of the initial split of sprinter off on his own.
Unfortunately some of the EE forum members don't have the stomach for fair competition.......
They are looking for a Monopoly on the engraving forum idea, because the WOE threatens the idea of going pay for this forum. It has from the beginning...in fact that was it's original purpose.....Sprinter didn't like the way David wanted to take this forum so he started another competing forum. He was then forced to go pay because of a malicioius uploader that spammed the site with pornography under the guise of an EE supporter. Now I have no way of proving or disproving what they presented themselves as. I highly doubt any of the members that run this forum would have ever done such a deed, and have too much respect for them to ever put them in that kind of position.
That said.....I am indifferent to both forums. I will support both equaly, and intend to become a member of the pay group here on EE as well when they go that route.
Right now I like each forum for different reasons. What I don't like is feeling that one is lower on the scale because one has been around for a while, a feeling I get every time someone over here gets a chance to take a jab at the WOE forum. The new forum has some great options......Nothing against this one....just simple straight talk, and I really think that some of the people here are just doing what they can to give it a bad rap, every chance they get. You don't see that kind of behavior over there, unless someone from the EE starts complaining about the differences over there. Otherwise the EE is not discussed. No one over there is looking over their shoulder at the EE forum.....so there's no reason to be threatened.....This forum is different in that regard however. Every chance that they have to browbeat the WOE forum....they take. Picking it apart piece by piece.
If there is any bias about the forum's...it's coming from people like you.
From: Harvey only (HARVEY-ONLY) [#40]
13 Jan 2007
To: RALLYGUY (RALLYGUY1) [#6] 13 Jan 2007
Read the post I did more carefully and you would have had the answer before your taking these shots. After I read the rest of this thread I might just delete it all or some posts.
I DO Not use IE7, I use IE6. I do not intend to go to Firefox, so stop thinking you have the best program. IE6 would not allow me to say no, it would just pop up again. Again read the post
The whole idea was to alert Sprinter of a problem I was having, because I could not get onto WOE to post him a message. Again read the post.
I will not make a comment on cheap shots, because the answer would be one.
Show messages: 1-20 21-40 41-57