Version: 3.1.1 (using KDE KDE 3.1.1a) Installed from: Compiled From Sources Compiler: gcc latest ~x86 gentoo(irrelevent) irrelevent.. I think... OS: Linux hello, middle mouse button automatically pastes AND ENTERs the contents of the clip board into the wild internet world I routinely copy and paste PASSWORDS (password leak) from email to applications and other things. now, when accidentally click the middle mouse button, it transmits my password over the internet, to anybody who cares to packet sniff. I know this middle mouse button is configurable... but this behavior is not tollerable/ let alone acceptable for default behavior. I report because I care/want to help. I'd be quite/use windows if I didn't.
You're sure that the security problem is not in front of your computer? :-)
My sence of humor when I'm tired is remarably stupid. But I don't think that I am ;) Well, I'm actually sure that the security problem IS in front of my computer... AND everybody elses! the middle mouse button gets clicked accidentally / in habbit of having that autoscroll feature in mozilla /pheoneix (its an extension) it's also in opera 6.12 and IE and word... that the middle mouse button gets clicked in habbit. now when data gets sent to google on that click... there arrises a huge security problem. Its like asking somebody not to shake hands because there are no wash facilities... DON"T middle click unless you want it to go publicly over the internet... Also, on a very similar note, if I type stuff into the location bar, and hit enter... the data gets sent to a search engine.. I couldn't find out how to turn this off. This is also a security leak. It's like placing your work on a window sill that a cat frequents... I think the user should be able to have the behavior of the browser be anyway they want it to... however it is not responsible / there is responsibilty of the developer to warn the user about somethings (already done) and to make some things be a few steps till catastrophy instead of one step away. so, yes, I am a security vulnerabilty, and so are most of the people I have met. Lessening the chances of leaks like this are important. (continuing rationalization ..) why not just log me in as root all of the time.. with a hex editor and a couple memory addresses to do my work? the possibilty of blowing the system away is too much. We have syntax checkers on basic and warnings in compilers.... we need middle mouse scrolling (autoscrolling) or something else that is usefull to take over the middle mouse button.
Subject: Re: paste unintentional data leak middle mouse button behavior security problem This is a known issue, but I think it remains as such out of tradition, and because there are many ways to do similar mistakes. This is a common one though, and I'm sure it will be reconsidered again and again.
if people like this behavior, they should be able to turn it on themselves. I just can't find a way to turn the middle mouse button paste off, nor the google search that happens if I hit enter for a bad url. On windows, I had to edit the hosts file to keep IE from sending my data /miss typed stuff to search engines. I really don't want the search engine companies being able to track everything I do because it goes through them every time I make a typo So, I guess this bug is dedicated to blowing away the tradition of passing off design flaws as user mistakes. where do I hack to make the behavior acceptable?
*** This bug has been marked as a duplicate of 44931 ***
With the web shortcuts, do we still need to automatically search on a search engine everything that is typed in konqueror ? I also find this behaviour irritating and not very secure.