[tbb-bugs] #22814 [Applications/Tor Browser]: Disable clipboard.autocopy in Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 5 13:06:33 UTC 2017
#22814: Disable clipboard.autocopy in Tor Browser
--------------------------------------+--------------------------
Reporter: pqrst | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by pqrst):
Here is a more complete description of what is happening:
1. You are viewing a website Foo in Tor Browser. You now want to navigate
to site Bar. Instead of opening a new tab, you select the old URL
(foo.com) in the address bar, delete it and enter bar.com instead. If
`clipboard.autocopy` is enabled in the configuration (which it is by
default), this will copy foo.com to the clipboard.
2. You are done looking at Bar and create a new identity in Tor Browser in
order to clean up your browsing session. foo.com is still on the clipboard
(although it will be cleared if Tor Browser is closed completely).
3. In a separate non-Tor Firefox window you middleclick on something that
is not a link (I do this by accident quite often). If
`middlemouse.contentLoadURL` is enabled (which it is by default), this
will cause Firefox to load the URL currently on the clipboard (foo.com).
This means that your IP address is revealed to foo.com, and the fact that
you visited foo.com is revealed to your ISP and anyone looking over your
shoulder.
Apparently this is a general Firefox on UNIX issue that has been debated
for 11 years: https://bugzilla.mozilla.org/show_bug.cgi?id=366945 . It
appears that some people actually consider this a feature.
My recommendations are:
1. Make `clipboard.autocopy` false by default. This is an OK behavior for
mainline Firefox, but in Tor Browser it is a security concern. Especially
since many (most?) users don't even know that everything that is selected
with the mouse, even just for the purpose of deleting it, automatically
ends up on the clipboard. Users who use this feature often can manually
enable it in the configuration.
2. Clear the clipboard when creating a new identity.
I would also argue that `middlemouse.contentLoadURL` should be disabled by
default, but that's a separate issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22814#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list