kdeconnect clipboard passwords security

To: debian-kde@lists.debian.org
Subject: kdeconnect clipboard passwords security
From: inkbottle <inkbottle007@gmail.com>
Date: Wed, 17 Oct 2018 18:41:21 +0200
Message-id: <[🔎] 1655924.F56LAyWDrv@pluto>

Hi,

I believe default kdeconnect settings are to share clipboard content.

I use a password manager to store my passwords; that means that at some point 
the passwords will be stored in the clipboard, even if it is for a short 
period of time.

Androids applications might or might not have access to the clipboard; there 
are hundreds of them, sometimes it is convenient they have access to the 
clipboard; in all case it is difficult task to make a thorough review of each 
and every one of them in the concern of clipboard access.

I'm no security expert, but it seems to me that clipboard sharing as a default 
behavior is a huge security issue.

The issue came to my attention when some Oxford Dictionary asked me if I 
wanted it to pronounce password for me.

I was wondering if some tuning about default kdeconnect settings could be done 
on the debian package side; or if it was a pure upstream matter.

Also there might be far superior solution to that password leaking issue of 
which I'm unaware of.

Best,
Chris

Reply to:

Follow-Ups:
- Re: kdeconnect clipboard passwords security
  - From: Thom Castermans <thom.castermans@gmail.com>

Prev by Date: Re: Which team is best for team-maintaining libepoxy package ?
Next by Date: Re: kdeconnect clipboard passwords security
Previous by thread: Re: Which team is best for team-maintaining libepoxy package ?
Next by thread: Re: kdeconnect clipboard passwords security
Index(es):
- Date
- Thread