Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Do any Windows freeware apps habitually access the private contents of the clipboard upon mere invocation of the app?

162 views
Skip to first unread message

Arlen Holder

unread,
Mar 17, 2020, 10:56:37 PM3/17/20
to
Do any Windows freeware apps habitually access the private contents of the
clipboard upon mere invocation of the app?

Which specific freeware Windows apps would that be that access saved
clipboard data upon mere invocation of that app, and clearly without you
asking them to?

On the Apple newsgroups, it was posted that many iOS apps habitually access
the private information on the clipboard, sans any user request whatsoever,
to which the Apple users repeatedly and endlessly claimed that Windows apps
do this exact thing all the time.
o Famous iOS apps are snooping on the Pasteboard - Learn Worthy, by Ant
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/XXaeEvEB79Y>

What apps do you know of on Windows that access the clipboard every time
you invoke those apps without you wanting those apps to have that data?
--
Usenet helps all of us improve our technical skills by sharing with others.

Paul

unread,
Mar 17, 2020, 11:55:11 PM3/17/20
to
Arlen Holder wrote:
> Do any Windows freeware apps habitually access the private contents of the
> clipboard upon mere invocation of the app?

First problem, Arlen, is with your newsgroup list.

Windows 10 has two kinds of applications, Win32 and Metro

Windows XP has one kind of application, Win32.

I then have to assume the question was placed in the
three groups, so I would use a Venn diagram and
conclude the question is about Win32 applications.

The answer for Win32 applications is, there *is* no
concept of privacy in the clipboard. The operator of the
computer, the desktop, the applications, they're owned
by the same user. In the old days, there was no contemplation
of Cloud computing and "over-reach". Consequently, there
is no protection.

A relatively simple scheme, is to wipe over some text
say, and select "copy" and overwrite the last clipboard
usage, so that if another program starts, it cannot see
whatever was in the clipboard previously. Such a model
breaks down, if it turns out the clipboard in an OS
is capable of multiple entries in MRU order, in which
case you'd have to flush the clipboard N times. And perhaps,
need a "clipboard viewer application" to review clipboard
state.

For Metro, please consult the labyrinthian collection
of boolean permissions in that stinking Settings wheel.

It gets worse. With the appropriate Cloud setting, your
clipboard could be copied to another device (plus
Microsoft sees it):

https://support.microsoft.com/en-ca/help/4028529/windows-10-clipboard

"To share your clipboard items across your Windows 10 devices,
select Start > Settings > System > Clipboard.

Choose Automatically sync text that I copy under Sync across devices.
"

"How to clear clipboard history on Windows 10"

https://pureinfotech.com/clear-clipboard-history-windows-10/

"Open Settings.
Click on System.
Click on Clipboard.
Under 'Clear clipboard data' click the Clear button.
"

Yeah, it's a computer, and it's being naughty again.

Paul

Arlen Holder

unread,
Mar 18, 2020, 12:33:45 AM3/18/20
to
On Tue, 17 Mar 2020 23:55:09 -0400, Paul wrote:

> Windows 10 has two kinds of applications, Win32 and Metro

Hi Paul,

I apologize if the question wasn't clear...
o Sometimes, it takes a few passes to fully clarify the question.

I'll try to be specific that the subject line was carefully chosen that the
answer is expected to be a list of apps, or, no apps whatsoever, that have
already been caught accessing the clipboard upon invocation only - without
a single command by the user to do so (as this is what happens on iOS).

You are always purposefully helpful so I hope we can stairstep to narrow
down the answer to a specific list of apps that have been caught accessing
the clipboard (which is what we have on the iOS newsgroup) without any user
action whatsoever, simply by invoking the app (which is exactly what was
reported on the iOS newsgroups to be rampant).

It's fine if the answer includes Metro, but, to answer your question about
Metro, I don't plan on ever using a Metro app, so I certainly wasn't asking
about Metro apps - but it's fine if the answer includes Metro apps as all
that matters is the technical factual truth.

The question was and is which apps have already been caught accessing the
clipboard WITHOUT any user input whatsoever except for the invocation of
the app (which was reported to be rampant on the iOS newsgroups).

> The answer for Win32 applications is, there *is* no
> concept of privacy in the clipboard.

That's not the question though.

To put it into perspective, all of us can rob banks, but only some of us
actually rob banks. All of us can steal apples from the grocery store but
only some of us steal apples from the grocery store. All of us can hit
little old ladies on the head with baseball bats, but only some of us stoop
so low as to be caught hitting old ladies on the head with baseball bats.

Just because an app _can_ read the clipboad every single time it's invoked
doesn't at all mean that the app _does_ read the clipboard.

The relevant question is what apps have been caught reading the clipboard
upon EVERY invocation of the app, WITHOUT any request by the user to do so.

> "How to clear clipboard history on Windows 10"
> https://pureinfotech.com/clear-clipboard-history-windows-10/

This is useful as an ameliorative move, but only if apps are actually
caught accessing the clipboard without any input from the user other than
invoking the app.

The question is which apps have been caught accessing the clipboard without
ANY input from the user except for the user invoking the app (which was
reported to be rampant with iOS apps).

> Yeah, it's a computer, and it's being naughty again.

This question has almost nothing, if not nothing, to do with the operating
system; it has only to do with apps caught accessing the clipboard without
any user intervention whatsoever, simply by invoking the app (which was
reported to be rampant in iOS apps).

Again, just because anyone can throw rocks at windows, only some people are
caught throwing rocks at windows.

Do any Windows freeware apps habitually access the private contents of the
clipboard upon mere invocation of the app?
--
Sometimes, on Usenet, it takes a few passes to fully clarify the question.

Libor Striz

unread,
Mar 18, 2020, 1:10:29 AM3/18/20
to
Arlen Holder <arlen.geo...@is.invalid> Wrote in message:

> The question was and is which apps have already been caught accessing theclipboard WITHOUT any user input whatsoever except for the invocation ofthe app (which was reported to be rampant on the iOS newsgroups).

You probably mean also except clipboard content managers,
as they access clipboard on background purposely.

--
Poutnik ( the Wanderer )

R.Wieser

unread,
Mar 18, 2020, 5:13:43 AM3/18/20
to
Arlen,

> Do any Windows freeware apps habitually access the private contents
> of the clipboard upon mere invocation of the app?

No. As there are no private clipboard contents. Everyting in there is
public (that info is just a google away).

Yes. With the ammount of freeware apps its quite likely one of them will
access/have accessed the clipboard when invoked. Like one of the several
simple clipboard-sharing programs.

> What apps do you know of on Windows that access the clipboard
> every time you invoke those apps without you wanting those apps to
> have that data?

:-) You didn't quite think that thru, didn't you ?

The problem you are describing there is not that of a program (for good or
bad) reading the clipboard, but the intention of the person (not the
program) who, knowingly or not, places data onto the clipboard.

In short: Its not the freeware apps problem (regardless of intention), but
that of the user.

The (obvious) solution ? Do not use programs which place data that /you/
want to keep private onto the clipboard. ...Which will be a bit hard as
even a simple cut-and-paste uses the clipboard, but hey. :-)

Though the solution to that is easy: Run those programs in their own
"sandboxes"*, with clipboard sharing disabled.

*full ones, or even just a small wrapper which intercepts the clipboard
requests and either reroutes them to program local storage or encrypts the
data and stores them under a private format.

Bottom line: Your "lets create a list of bad clipboard accessing programs"
is both futile (there might be new ones tomorrow) as well as not in any way
a solution to the actual problem (keeping your clipboard-stored data safe
from other programs).

> I hope we can stairstep to narrow down the answer

Which should have started with thinking about the question itself - on
multiple points.

One of them being that your wish to compile a list of clipboard-reading
freeware programs is already a solution itself, one /you/ regard as needed
to solve the actual problem. And as you can probably tell, I do not
regard your choice of it as anywhere near good, or even an attainable goal.

Regards,
Rudy Wieser


Mayayana

unread,
Mar 18, 2020, 8:36:03 AM3/18/20
to
"R.Wieser" <add...@not.available> wrote

| > Do any Windows freeware apps habitually access the private contents
| > of the clipboard upon mere invocation of the app?
|
| No. As there are no private clipboard contents.

Good way to put it. Arlen seems to be trying to
perfect "our" list of best freeware recipe database
programs by weeding out spyware.

Visual Studio 6 is one program that's famous for
bad design in that respect. It apparently uses the
Clipboard when it starts up. Once started, the
Clipboard is blank. That bug still sometimes catches
me. I copy a code snippet, open VB6... woops.

I seem to remember that Firefox also once did
that, but it doesn't now.

As far as I know there's also never been anything
like a rule that the Clipboard should be erased when
a program closes. Though PSP5 has a nice feature:
If there's a lot on the Clipboard it warns that I'm
leaving a lot of data in memory and asks to confirm
if I want to leave it for use in another program.


JJ

unread,
Mar 18, 2020, 9:12:55 AM3/18/20
to
On Wed, 18 Mar 2020 02:56:34 -0000 (UTC), Arlen Holder wrote:
> Do any Windows freeware apps habitually access the private contents of the
> clipboard upon mere invocation of the app?
>
> Which specific freeware Windows apps would that be that access saved
> clipboard data upon mere invocation of that app, and clearly without you
> asking them to?

That's easy. Any clipboard manager software does that. i.e. at program
startup, it'll read the current clipboard contents and save it into its own
list of clipboard data. It'll also monitor the clipboard, and whenever the
contents changed, it'll be copied into its own list of clipboard data.
MS-Office softwares such as Word and Excel also do this too, because they
have built in clipboard manager.

As other have said, there's no such thing as private and public clipboard -
at least in Windows. However, in Windows, there can be multiple (true)
Desktops (not to be confused with virtual desktop).

Like the normal desktop and the logon screen which are actually two separate
Desktops. Also the normal Desktop after switching to other user while
keeping the previous user logged in.

Each Desktop has its own set of clipboard data storage, application windows,
etc. A Desktop can be shared among multiple users, and can also be made to
be accessible to a single user only. This includes access to the clipboard
contents of the Desktop. It all depends on the security attributes of the
Desktop.

Arlen Holder

unread,
Mar 18, 2020, 11:16:54 AM3/18/20
to
On Wed, 18 Mar 2020 10:13:32 +0100, R.Wieser wrote:

> In short: Its not the freeware apps problem (regardless of intention), but
> that of the user.

Hi Rudy,

Name just one.

The question isn't who "can" rob a bank, since anyone can; the question is
which apps have already been proven to be currently reading the clipboard
without user action nor desire, simply upon the mere invocation of the app.

Without an app name, the question isn't being answered, where I'll note in
the iOS thread, it was _proven_ (based on the cited article) that the iOS
apps do it - where the iOS users repeatedly blamed Windows for that
happening on iOS.

NOTE: The quoted text below is verbatim.
Dated: March 14th, 2020
o Famous iOS apps are snooping on the Pasteboard
<https://learnworthy.net/famous-ios-apps-are-snooping-on-the-pasteboard>

1. "Apps on iOS and iPadOS have unrestricted access to the system-wide
general pasteboard, also referred to as the clipboard"

2. "An app that accesses the pasteboard can also read what has been
copied on a Mac if Universal Clipboard is enabled"

3. "Access to the pasteboard in iOS and iPadOS requires no app permission
as of iOS 13.3"

4. "Security risks of this vulnerability have been thoroughly discussed in
Precise Location Information Leaking Through System Pasteboard

<https://www.mysk.blog/2020/02/24/precise-location-information-leaking-through-system-pasteboard/>

5. "Our findings only documented apps that read the pasteboard every time
the app is opened"

6. "However, apps can delay snooping on the pasteboard until some time
or event takes place (e.g. signing up), hence they are not included
in our findings."

Here's an alphabetical listing of some of the apps caught doing this:
o ABC News: com.abcnews.ABCNews, com.abcnews.ABCNews
o Accuweather: com.yourcompany.TestWithCustomTabs
o Al Jazeera English: ajenglishiphone
o AliExpress Shopping App: com.alibaba.iAliexpress
o AMAZE!!!: com.amaze.game
o Bed Bath & Beyond: com.digby.bedbathbeyond
o Bejeweled: com.ea.ios.bejeweledskies
o Block Puzzle: Game.BlockPuzzle
o CBC News: ca.cbc.CBCNews, com.H443NM7F8H.CBSNews
o Classic Bejeweled: com.popcap.ios.Bej3, com.popcap.ios.Bej3HD
o CNBC: com.nbcuni.cnbc.cnbcrtipad
o Dazn: com.dazn.theApp
o FlipTheGun: com.playgendary.flipgun
o Fox News: com.foxnews.foxnews
o Fruit Ninja: com.halfbrick.FruitNinjaLite
o Golfmasters: com.playgendary.sportmasterstwo
o Hotel Tonight: com.hoteltonight.prod
o Hotels.com: com.hotels.HotelsNearMe
o Letter Soup: com.candywriter.apollo7
o Love Nikki: com.elex.nikki
o My Emma: com.crazylabs.myemma
o New York Times: com.nytimes.NYTimes
o News Break: com.particlenews.newsbreak
o NPR: org.npr.nprnews
o ntv Nachrichten: de.n-tv.n-tvmobil
o Overstock: com.overstock.app
o Pigment Adult Coloring Book: com.pixite.pigment
o Plants vs. Zombies Heroes: com.ea.ios.pvzheroes
o Pooking Billiards City: com.pool.club.billiards.city
o PUBG Mobile: com.tencent.ig
o Recolor Coloring Book to Color: com.sumoing.ReColor
o Reuters: com.thomsonreuters.Reuters
o Russia Today: com.rt.RTNewsEnglish
o Sky Ticket: de.sky.skyonline
o Stern Nachrichten: de.grunerundjahr.sternneu
o The Economist: com.economist.lamarr
o The Huffington Post: com.huffingtonpost.HuffingtonPost
o The Wall Street Journal: com.dowjones.WSJ.ipad
o The Weather Network: com.theweathernetwork.weathereyeiphone
o TikTok: com.zhiliaoapp.musically
o Tok: com.SimpleDate.Tok
o Tomb of the Mask: com.happymagenta.fromcore, com.happymagenta.totm2
o Total Party Kill: com.adventureislands.totalpartykill
o ToTalk: totalk.gofeiyu.com
o Truecaller: com.truesoftware.TrueCallerOther
o Viber: com.viber
o Vice News: com.vice.news.VICE-News
o Watermarbling: com.hydro.dipping
o Weibo: com.sina.weibo
o Zoosk: com.zoosk.Zoosk
o 10% Happier: Meditation: com.changecollective.tenpercenthappier
o 5-0 Radio Police Scanner: com.smartestapple.50radiofree
o 8 Ball Pool: com.miniclip.8ballpoolmult
--
Usenet allows purposefully helpful adults to share solutions with others.

Arlen Holder

unread,
Mar 18, 2020, 11:26:58 AM3/18/20
to
On Wed, 18 Mar 2020 06:10:23 +0100 (GMT+01:00), Libor Striz wrote:

> You probably mean also except clipboard content managers,
> as they access clipboard on background purposely.

Hi Poutnik,

A. How do we prevent this from happening (for _those_ apps that are known)?
B. How can we most easily _test_ if a given Windows app is doing this now?

I know you well where you sometimes play silly games (akin to nospam) which
just waste our time, and other times you actually provide immense value.

Let's hope your intent today is to provide adult value to the topic.

To answer your question, I had clearly assumed it was obvious that it was
already assumed, a priori, that the user was well aware the question is
about listing specific Windows apps _unintentionally_ accessing the
clipboard, merely upon invocation, without the users' express permission.

However, given Paul's response that any app can rob a bank, one may ask
reasonably why the desired list of apps even matters.

1. The original reason for asking was that it was proven that scores of
iOS apps currently do this without the user's consent, which the
Apple posters repeatedly blamed on Microsoft - which I wanted to see
if that was a verifiable fact, or not.

2. However, even without that being the original impetus for the question,
it's still a valuable topic to discuss on this newsgroup for _just_
the Windows apps (ignoring that scores of iOS apps were caught).

3. The output is expected to be a list of apps that are known to do this.

As a bonus, two other outputs can reasonably be expected from an adult
erudite conversation on this topic, namely:

A. How do we prevent this from happening (for _those_ apps that are known)?
B. How can we most easily _test_ if a given app is doing this right now?

Kenny McCormack

unread,
Mar 18, 2020, 11:33:09 AM3/18/20
to
In article <r4sag0$6s5$1...@dont-email.me>,
No. They would be on the list.

--
The randomly chosen signature file that would have appeared here is more than 4
lines long. As such, it violates one or more Usenet RFCs. In order to remain
in compliance with said RFCs, the actual sig can be found at the following URL:
http://user.xmission.com/~gazelle/Sigs/Noam

nospam

unread,
Mar 18, 2020, 11:47:53 AM3/18/20
to
In article <r4teju$22i$1...@news.mixmin.net>, Arlen Holder
<arlen.geo...@is.invalid> wrote:

> 1. The original reason for asking was that it was proven that scores of
> iOS apps currently do this without the user's consent,

as do apps on other platforms, as you were repeatedly told by several
people

> which the
> Apple posters repeatedly blamed on Microsoft

nobody blamed anyone.

pyotr filipivich

unread,
Mar 18, 2020, 12:11:17 PM3/18/20
to
"Mayayana" <maya...@invalid.nospam> on Wed, 18 Mar 2020 08:35:51
-0400 typed in microsoft.public.windowsxp.general the following:
So the question comes, is there a means to "clear" the clipboard?
Other than copying a blank space to paste later?
>
--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?

Arlen Holder

unread,
Mar 18, 2020, 12:16:10 PM3/18/20
to
On Wed, 18 Mar 2020 20:12:51 +0700, JJ wrote:

> Any clipboard manager software does that

Hi JJ,

I must not have been clear in the OP, an omission for which I apologize.

*We're only interested in exposing freeware apps _unintentionally_*
*reading the clipboard upon mere invocation of the app* (as cited).

To your point of clarification, Poutnik also mentioned _intentional_
reading of the clipboard... so please see my response to him that it was
assumed, a priori, that we're not talking about exposing Windows freeware
apps that the users _intend_ on reading the clipboard upon mere invocation.

So far, from Paul and others, we are told that _any_ Windows app can
secretly rob the bank without us asking them to, but that tells us nothing
of use that we didn't know _before_ the thread was opened (AFAICT).

To his credit, Mayayana posted reputedly known Windows apps that perhaps
_do_ rob the bank without the users' express consent upon mere invocation
of that Windows app:
o *Visual Studio 6*
o *Firefox*
o ? any others ?
--
These would clearly be apps to avoid in favor of corresponding freeware
that does _not_ rob the bank sans permission upon mere invocation of the
Windows freeware app.

Shadow

unread,
Mar 18, 2020, 12:18:01 PM3/18/20
to
BleachBit will do that.(and numerous other privacy apps, but
BleachBit is cross-platform, libre-ware and trustworthy)
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Arlen Holder

unread,
Mar 18, 2020, 12:18:15 PM3/18/20
to
On Wed, 18 Mar 2020 11:47:50 -0400, nospam wrote:

> as do apps on other platforms, as you were repeatedly told by several
> people

Name just one.
--
Bullshitters always fail this, the simplest 3-word test of their facts.

Libor Striz

unread,
Mar 18, 2020, 12:37:33 PM3/18/20
to
Arlen Holder <arlen.geo...@is.invalid> Wrote in message:

> I know you well where you sometimes play silly games (akin to nospam) whichjust waste our time, and other times you actually provide immense value.

> Let's hope your intent today is to provide adult value to the topic.

This is one of your games
I am not going to participate on.

Shadow

unread,
Mar 18, 2020, 12:47:38 PM3/18/20
to
Oh fsck. I forgot the OT when I replied and now I'm watching
the thread.
Change watch and kill priorities?
Nah, I deserve the punishment.

R.Wieser

unread,
Mar 18, 2020, 12:58:19 PM3/18/20
to
Arlen,

>> In short: Its not the freeware apps problem (regardless of intention),
>> but that of the user.
>
> Name just one.

I already did. And as it does not make any sense to repeat already given
answers, I suggest you re-read my previous message.

> the question is which apps have already been proven to be currently
> reading the clipboard without user action nor desire, simply upon the
> mere invocation of the app.

Kiddo, repeating the same question again doesn't help to clarify what you
are after. Also, I already explained why that that "without user action
*nor desire*" part (emphasis mine) is problematic. Which you now have
ignored.

Besides, if all you are out for is to show iOS lovers that Windows freeware
programs have the same behaviour than all you need is just one or two (or at
most a handfull) of those aps, which doesn't come near to your "which apps
have", which seems to indicate you need a long, if not full list. Thats
just wastefull.

And there is another problem: some programs may habitualy be reading the
clipboard without any action or desire of the user, but that does not
automaticaly mean that there is any malicious intent - but instead possibly
just an uniformed (by choice perhaps) user.

Did I already say "Which should have started with thinking about the
question itself" ? You really should you know. The better the question,
the more chance you get a usable answer.

> Without an app name, the question isn't being answered,

Than I suggest you take a peek at the public data AV comanies and virus
hunters offer. You know, google for it (yourself).

> where I'll note in the iOS thread
.....

I've ignored everything from that point on, as it doesn't seem to have the
slightest to do with Windows.

> Usenet allows purposefully helpful adults to share solutions with others.

Usenet also allows leeches to prey on the helpfull, and giving nothing in
return.

> A. How do we prevent this from happening (for _those_ apps that are
> known)?

I've already given you the answer to that. Put them in a VM or otherwise
intercept their access to the clipboard. The isolation can be made to
work in both directions.

But, trying to isolate the baddies would be like trying to use a list of
names to keep muggers at bay: No matter how many muggers you blacklist there
will always be more, new ones. You stand a much better chance by
isolating the "good" programs which clipboard contents (read: even simple
copy/paste actions) should not be accessible by the world & dog.

Ofcourse, the /best/ solution would be to stop installing random crap you
(can) find on tha intarwebz. If that can't be done (addictions come in
many forms :-) ) another, easy one, could be to at add a malware scanner
next to the virussscanner.

> B. How can we most easily _test_ if a given Windows app is doing this
> now?

/Easiest/ ? Just ask someone else to do it for you. :-)

Regards,
Rudy Wieser


R.Wieser

unread,
Mar 18, 2020, 1:08:41 PM3/18/20
to
pyotr,

> So the question comes, is there a means to "clear" the
> clipboard? Other than copying a blank space to paste later?

Lol, you want to wrap something /that/ simple in a program ?

But yes, possible. IIRC you could use some HTA for it (effectivily
instructing the browser to clear the clipboard for you). I can imagine
that AutoIt (a rather powerfull scripting language) can also do it.

And I seem to remember some freeware program which you can pipe data into,
which than gets put into the clipboard. An action which could be put in a
shortcut (for easiest access).

Regards,
Rudy Wieser


Arlen Holder

unread,
Mar 18, 2020, 1:11:04 PM3/18/20
to
On Wed, 18 Mar 2020 17:37:26 +0100 (GMT+01:00), Libor Striz wrote:

> This is one of your games
> I am not going to participate on.

Hi Poutnik,

This thread is asking for a named list of badly behaved Windows programs.
o As Mayana inferred, *these would be Windows freeware programs to avoid*.

Just because we _can_ rummage through people's garbage to obtain their bank
statements, doesn't mean that reputable people actually _do_ so without any
need to have done so (and without users' knowledge or express consent).

This cite clearly states the opinion that the scores of listed (admittedly
only iOS) apps that have been _caught_ rummaging through your garbage for
personal information is obviously the wrong thing for those iOS apps to do.

o Famous iOS apps are snooping on the Pasteboard (March 14th, 2020)
<https://learnworthy.net/famous-ios-apps-are-snooping-on-the-pasteboard>

I concur, and I claim that those apps would likely be apps to be avoided.
o All this thread asks for is a similar list of Windows programs.

Put in colloquial terms, the goal here is to list any known Windows
programs that have absolutely no business rummaging through your garbage,
without your knowledge or consent, and yet, who are known to be doing so,
merely upon invocation of the Windows program.

In summary:
*What Windows programs are known to access the clipboard merely upon*
*invocation (which have no need to do so) that we know of*?

Arlen Holder

unread,
Mar 18, 2020, 1:21:09 PM3/18/20
to
On Wed, 18 Mar 2020 17:58:05 +0100, R.Wieser wrote:

>> Name just one.
>
> I already did. And as it does not make any sense to repeat already given
> answers, I suggest you re-read my previous message.

Hi Rudy,

The simplest test of Usenet bullshitters is three words:
o "Name Just One".

Anyone can club little old ladies just because they can get away with it,
but no reputable person clubs little old ladies just because they can.
o If they did, they'd be people to avoid.

Same here.

Since you claim to have provided a specific list of known Windows programs
that do that, akin to the specific list that the cited article clearly
provided, why can nobody find that list but you?
o Name just one.
--
The simplest test of Usenet bullshitters is three words: "Name Just One".

GS

unread,
Mar 18, 2020, 1:26:50 PM3/18/20
to
> Though PSP5 has a nice feature:
> If there's a lot on the Clipboard it warns that I'm
> leaving a lot of data in memory and asks to confirm
> if I want to leave it for use in another program.

Current version still does this!

--
Garry

Free usenet access at http://www.eternal-september.org
Classic VB Users Regroup!
comp.lang.basic.visual.misc
microsoft.public.vb.general.discussion

R.Wieser

unread,
Mar 18, 2020, 1:31:45 PM3/18/20
to
Arlen,

> Bullshitters always fail this, the simplest 3-word test of their facts.

Bullshitters always claim that they don't get the answers they are owed -
while blatantly ignoring all the ones they do not like.

Regards,
Rudy Wieser


Arlen Holder

unread,
Mar 18, 2020, 1:43:02 PM3/18/20
to
On Wed, 18 Mar 2020 18:31:37 +0100, R.Wieser wrote:

> Bullshitters always claim that they don't get the answers they are owed -
> while blatantly ignoring all the ones they do not like.

The permanent Usenet record will show...

FACT:
Bullshitters like Rudy Wieser _always_ instantly fail the three-word test:
o Name just one

That is, their entire belief system is based on exactly zero (0) facts.

Hence, to spare the _adults_ on this newsgroup further indignity, this is
my last response in this thread to this utter worthless piece of shit Rudy
Wieser, who clearly has absolutely zero intention of ever (in his entire
life) purposefully adding on-topic technical value to this newsgroup.
--
Those who have never even once added any value, already proved they can't.

R.Wieser

unread,
Mar 18, 2020, 2:19:49 PM3/18/20
to
Arlen,

> The simplest test of Usenet bullshitters is three words:
> o "Name Just One".

The most silly of (Usenet) Bullshitters always claim that they don't get
their answers - while blatantly ignoring all the ones they do not like.

> Since you claim to have provided a specific list of known \
> Windows programs that do that

I have not claimed anything of the kind. But pray tell, how on earth do
you connect "name just one" with your above "a list of" ? I'm afraid that
your wiring either has a loose contact or a short somewhere ....

> akin to the specific list that the cited article clearly provided,

Ah, thataway. Than I will have you know that to us earthings time flows
in a single direction. Claiming that a later provided list should have
anything to do with an earlier given reply does therefore not quite work on
this planet (and is frowned upon - just so you know).

Though to be honest, the young ones under us always try, once or twice, to
get away something in a similar fashion - not that their elders let them get
away with it though.

And as always, you are rather transparent on your demands that I should, as
proof of me being right, provide you with exactly what you need. Even
though you tried, and failed, a few times before, here you are, trying it
again. I guess you must be "slow" in that regard. :-)

I gave you plenty of info to work with to solve the clipboard access problem
you described. Get off of your lazy ass I would say.

Than a again, I took that question at face value, and someone informed me of
the possibility that solving it was not what you where after - something
your current response (apart from the obvious goading) does seem to support.

> Hence, to spare the _adults_ on this newsgroup further indignity, this
> is my last response in this thread to this utter worthless piece of shit
> Rudy Wieser, who clearly has absolutely zero intention of ever (in his
> entire life) purposefully adding on-topic technical value to this
> newsgroup.

:-) Thank you kind sir. You might not know it, but your personal attack
rants score your thanwhile target points with people who actually have
something to say and share.

Though can't you think of something new to say ? Its get boring. You've
already used the same to me a few times before, and I've seen you use it
towards others too. Does that mean that I'm not, you know, special to you
? :-)

Than again, having that template in whatever you use to read newsgroups and
only having to select the name of the recipient does make the while "lets
try to trash that person" a lot easier. :-)

But, lets see if you can keep your given word. I doubt it though ...

Regards,
Rudy Wieser


Mayayana

unread,
Mar 18, 2020, 2:31:50 PM3/18/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

| So the question comes, is there a means to "clear" the clipboard?
| Other than copying a blank space to paste later?

You mean like for when you have to lend your
computer to James Bond? There's an API, with
functions in most programming languages. Oddly,
it was never added to Windows Script Host.
Probably the simplest method without writing
software would be this:

<HTML><HEAD>
<SCRIPT LANGUAGE="VBScript">
window.clipboardData.clearData
</SCRIPT>
</HEAD><BODY></BODY></HTML>

Paste that into Notepad and save as an HTML file.
Then just double click it and close the resulting
window.

Of course, on Win10 it may complain that you don't
have permission to clear the clipboard.... or use IE...
or open an HTML file.... or double click with the mouse
prior to buying stuff at the Windows Store....
but it should work fine on XP. :)


R.Wieser

unread,
Mar 18, 2020, 3:13:12 PM3/18/20
to
Mayayana,

> Oddly, it was never added to Windows Script Host.

Most likely they thought about it at some point, but decided that the
problem our esteemed OP posted about would than just be too easy to create,
even by a mediocre scriptkiddie (like the "cd tray virus" of yesteryear) -
or even just a nuissance "clear the clipboard every tenth of a second"
script.

At least, I wish to think that MS considered that. It /could/ ofcourse
just be a kind "/we/ don't need it" kind of lazyness though.

Regards,
Rudy Wieser


pyotr filipivich

unread,
Mar 19, 2020, 12:51:14 PM3/19/20
to
"R.Wieser" <add...@not.available> on Wed, 18 Mar 2020 20:12:59 +0100
typed in microsoft.public.windowsxp.general the following:
I am of the opinion that a lot of interface issues with Windows
are because the people who work _on_ the interface think it is a neat
idea, but don't know anyone who actual works _with_ the interface.

pyotr filipivich

unread,
Mar 19, 2020, 12:51:14 PM3/19/20
to
"R.Wieser" <add...@not.available> on Wed, 18 Mar 2020 18:08:30 +0100
typed in microsoft.public.windowsxp.general the following:
>pyotr,
>
>> So the question comes, is there a means to "clear" the
>> clipboard? Other than copying a blank space to paste later?
>
>Lol, you want to wrap something /that/ simple in a program ?

B-) That's why I asked.

Some of it is the whole "last one out empty the trash" element.
That when program X is closed, the clipboard gets emptied. Some
programs already do ask when you have a lot of stuff on the clipboard.
But how much is "a lot"?

>But yes, possible. IIRC you could use some HTA for it (effectivily
>instructing the browser to clear the clipboard for you). I can imagine
>that AutoIt (a rather powerfull scripting language) can also do it.
>
>And I seem to remember some freeware program which you can pipe data into,
>which than gets put into the clipboard. An action which could be put in a
>shortcut (for easiest access).

I think I'll just try to remember to copy a blank space to the
clipboard.
>
>Regards,
>Rudy Wieser

Mayayana

unread,
Mar 19, 2020, 1:18:17 PM3/19/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

| I am of the opinion that a lot of interface issues with Windows
| are because the people who work _on_ the interface think it is a neat
| idea, but don't know anyone who actual works _with_ the interface.

I think in this case it's a lack of foresight. Windows
Script Host came out in the late 90s, intended as DOS
updated for the GUI era. At the same time, Microsoft
were integrating COM objects into scripting in IE, to
create "ActiveX". What resulted was a very powerful,
adaptable programming system. The single method of
CreateObject (vbs) or New ActiveXObject (js) opened
up Windows scripting to any available dispatch interface.
(Late-bound COM objects.) Bu that was almost an
accident in terms of being useful in Windows. They
were only trying to screw Netscape.

Meanwhile, what they had meant to do with WSH was
just to give sys admins an easier way to track the file
system, write log files, and so on. So they provided a
method to read and write text files. But no functionality
to handle binary files. Likewise with the Clipboard. It
wasn't a question of security or of functionality. IT people
maintaining computers in the corporate world just didn't
need the Clipboard. They needed to write logs, change
Registry values, check installed software.... that kind of
thing.


nospam

unread,
Mar 19, 2020, 1:19:59 PM3/19/20
to
In article <ui877fpo34sbct6sf...@4ax.com>, pyotr
filipivich <ph...@mindspring.com> wrote:

> I am of the opinion that a lot of interface issues with Windows
> are because the people who work _on_ the interface think it is a neat
> idea, but don't know anyone who actual works _with_ the interface.

very much so.

Arlen Holder

unread,
Mar 19, 2020, 3:31:43 PM3/19/20
to
On Thu, 19 Mar 2020 13:19:58 -0400, nospam wrote:

>> I am of the opinion that a lot of interface issues with Windows
>> are because the people who work _on_ the interface think it is a neat
>> idea, but don't know anyone who actual works _with_ the interface.
>
> very much so.

I will concur that I used to do software usability testing for a startup in
the Silicon Valley where we invited customers to volunteer use the new
alpha code behind those so-called 2-way mirrors (this is before digital
camera technology 'cuz today, we'd just have them use a web cam setup or
something like that).

We would have a team of people behind the mirror counting their keystrokes,
and watching their mistakes, where we used those bits of data to tell the
damn engineers that the software wasn't anywhere nearly as intuitive as
they thought it was.

I remember, in one case, the engineer was incredulous that people could
move to the next version of the software, saying "How hard is it that they
can't pop a few tapes into the magtape drive?)

To that engineer, using software was only as complex as loading it off the
magtape drive.

In short, _many_ Silicon Valley engineers, IMHO, have no clue what its like
for their customers to use their software - which - I suspect - strongly so
- follows suit up in Redmond too.

BTW, to the point of this thread, on the Android newsgroup we found useful
information that Google is limiting access to the clipboard in Android 10.

Here's a snippet...
<https://stuff.mit.edu/afs/sipb/project/android/docs/guide/topics/text/creating-input-method.html>
<https://android-developers.googleblog.com/2009/04/updating-applications-for-on-screen.html>
<https://source.android.com/setup/start/android-10-release>
<https://developer.android.com/about/versions/10/privacy/changes>
<https://developer.android.com/about/versions/10/privacy/changes#clipboard-data>

SUMMARY:
o Privacy Changes in Android 10
"Unless your app is the default input method editor (IME) or is the
app that currently has focus, your app cannot access clipboard data
on Android 10 or higher."

To be able to automatically detect clipboard changes, the application
must be explicitly set as running as "Accessibility service". [sic]

o Restrict app clipboard access
"In Android 10, clipboard access has changed so that clipboard
content can't be watched by calling ClipboardManager.getPrimaryClip
or by adding an onPrimaryClipChanged listener for notification
when the clipboard changes. This increases user privacy and
disables malvertizing apps from modifying the clipboard."

"In Android 10, read access is only allowed to either the current
app with input focus, or to the current keyboard.
The ClipboardManager.onPrimaryClipChanged() listener call now
only fires for apps that meet such restrictions.
ClipboardManager.getPrimaryClip &
ClipboardManager.getPrimaryClipDescription
return null if the requesting app either isn't the default
input method editor (IME), or doesn't have input focus."
--
Those who write GUIs should be forced to use them daily as punishment.

R.Wieser

unread,
Mar 19, 2020, 3:51:19 PM3/19/20
to
Pyotr,

> I am of the opinion that a lot of interface issues with Windows
> are because the people who work _on_ the interface think it is
> a neat idea, but don't know anyone who actual works _with_
> the interface.

An there are a number of problems which are only there because whatever has
been created just needed to do what they where busy with - with reusability
a far-away stepchild. Like who the heck though it would be a good idea to
let the enter key in a textcontrol (still!) just exit a dialog - without
even going thru the regular tear-down channels ?

Sometimes I get the feeling as if the MS guys are just playing a cruel game
with (hobby) programmers (like me). :-(

Regards,
Rudy Wieser


pyotr filipivich

unread,
Mar 20, 2020, 11:59:05 AM3/20/20
to
"Mayayana" <maya...@invalid.nospam> on Thu, 19 Mar 2020 13:18:05
-0400 typed in microsoft.public.windowsxp.general the following:
I will take your word for it. But it fits with my opinion, that
much is done with Windows "for the needs of the plot" err
programmers.

Mayayana

unread,
Mar 20, 2020, 1:35:59 PM3/20/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

| I will take your word for it. But it fits with my opinion, that
| much is done with Windows "for the needs of the plot" err
| programmers.
|

I think that's true much more with open source. Windows
is commercial. It has to satisfy business customers. Macs
are even more so. Everything on a Mac is either effortless
or can't be done. It's locked down, top-shelf, and kiddie-ready.
Windows has to adapt to a lot more hardware variety, and
it has to maintain a great deal of backward compatibility.
They also have to straddle the boundary between Mac and
Linux. Configurable by IT but usable by normal people. So
they do things like hide the real settings behind an intimidating
button marked "Advanced".

Open source, on the other hand, is not commercial, so there's
no customer who has to be satisfied. Don't like fluorescent green
text in a black window? Screw you! Compile it yourself!

Did you notice that a couple of Linux people got nasty
recently when I said youtube-dl needs a GUI? Those people,
the kind of programmers you're thinking of, don't want
civilians to be able to use computers. That's why Linux is such
a mess. You can probably clear the Clipboard on Linux. And
the instructions probably start with, "Open the console
shell interface of your choice and start Perl..."


nospam

unread,
Mar 20, 2020, 1:51:44 PM3/20/20
to
In article <r52uts$u8d$1...@dont-email.me>, Mayayana
<maya...@invalid.nospam> wrote:

> Everything on a Mac is either effortless
> or can't be done. It's locked down, top-shelf, and kiddie-ready.

false. the only limitation is that of the person using it.

J. P. Gilliver (John)

unread,
Mar 20, 2020, 7:57:18 PM3/20/20
to
On Fri, 20 Mar 2020 at 13:35:47, Mayayana <maya...@invalid.nospam>
wrote:
[]
> Did you notice that a couple of Linux people got nasty
>recently when I said youtube-dl needs a GUI? Those people,
[]
Didn't you write one? Someone did, and I was sort of one of (your I
thought it was) beta testers. If it was you, did it ever proceed any
further?
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

If vegetarians eat vegetables,..beware of humanitarians!

Mayayana

unread,
Mar 20, 2020, 8:17:08 PM3/20/20
to
"J. P. Gilliver (John)" <G6...@255soft.uk> wrote

| > Did you notice that a couple of Linux people got nasty
| >recently when I said youtube-dl needs a GUI? Those people,
| []
| Didn't you write one? Someone did, and I was sort of one of (your I
| thought it was) beta testers. If it was you, did it ever proceed any
| further?

I use it myself. After you tried it I made a couple
of minor adjustments, but it's all I need. I don't have a
use for the endless command line options so I didn't
see any reason to add them. So it's done, weighing in
at a whopping 20 KB. :)

The one thing I'd like to fix, though I'm not sure I
can: I haven't figured out a way to keep the display
updated. All the reporting from youtube-dl shows up
only when downloading is finished because IE doesn't
allow for painting the window before a function
finishes. There are hacks to get around that, but
so far I haven't found one to work.


pyotr filipivich

unread,
Mar 21, 2020, 12:48:01 AM3/21/20
to
nospam <nos...@nospam.invalid> on Fri, 20 Mar 2020 13:51:40 -0400
typed in microsoft.public.windowsxp.general the following:
So you know of a means to get to a command line on a MAC?

Paul

unread,
Mar 21, 2020, 2:12:08 AM3/21/20
to
pyotr filipivich wrote:
> nospam <nos...@nospam.invalid> on Fri, 20 Mar 2020 13:51:40 -0400
> typed in microsoft.public.windowsxp.general the following:
>> In article <r52uts$u8d$1...@dont-email.me>, Mayayana
>> <maya...@invalid.nospam> wrote:
>>
>>> Everything on a Mac is either effortless
>>> or can't be done. It's locked down, top-shelf, and kiddie-ready.
>> false. the only limitation is that of the person using it.
>
> So you know of a means to get to a command line on a MAC?

Look for Terminal ?

https://www.howtogeek.com/347920/how-to-download-macos-updates-using-the-terminal/

Paul

Shadow

unread,
Mar 21, 2020, 5:32:22 AM3/21/20
to
On Fri, 20 Mar 2020 23:55:38 +0000, "J. P. Gilliver (John)"
<G6...@255soft.uk> wrote:

>On Fri, 20 Mar 2020 at 13:35:47, Mayayana <maya...@invalid.nospam>
>wrote:
>[]
>> Did you notice that a couple of Linux people got nasty
>>recently when I said youtube-dl needs a GUI? Those people,
>[]
>Didn't you write one? Someone did, and I was sort of one of (your I
>thought it was) beta testers. If it was you, did it ever proceed any
>further?

I wrote and use one, but it's just a GUI frontend, with a box
for low resolution. You can see the download because a dos box pops
up.
Why? Because I'm lazy.
Lazarus - Free Pascal. 767 KB UPX'd.

nospam

unread,
Mar 21, 2020, 7:18:29 AM3/21/20
to
In article <767b7ftbiapehlqd7...@4ax.com>, pyotr
filipivich <ph...@mindspring.com> wrote:

> >
> >> Everything on a Mac is either effortless
> >> or can't be done. It's locked down, top-shelf, and kiddie-ready.
> >
> >false. the only limitation is that of the person using it.
>
> So you know of a means to get to a command line on a MAC?

trivial. have you even used a mac?? sure doesn't sound like it.

launch terminal (in utilities folder in the applications folder), part
of the os itself.

other options include using a third party terminal app (there are a
couple) as well as ssh into it (if enabled, it's off by default).

zsh is now the default shell (previously bash), but can be changed to
any of several others.

Arlen Holder

unread,
Mar 21, 2020, 7:35:51 AM3/21/20
to
On Fri, 20 Mar 2020 20:16:51 -0400, Mayayana wrote:

> I don't have a
> use for the endless command line options so I didn't
> see any reason to add them.

The main handful of options, for common tasks, for me, seem to be:
A. Download a video as an OPUS file:
youtube-dl.exe http://whatevervideourl.com
B. Download a video as an MP4 file:
youtube-dl.exe -f 18 http://whatevervideourl.com
C. Download and extract just the audio as an M4A:
youtube-dl.exe -f 140 http://whatevervideourl.com
D. Download and extract just the audio as an MP3:
youtube-dl.exe -x --audio-format mp3 --audio-quality 0 http://whatevervideourl.com
E. Download the videos in a playlist text file:
youtube-dl.exe -ciwo "%(title)s.%(ext)s" -a myPlayList.txt
Where the myPlayList.txt simply contains a list of URLs, one per line

BTW... Do we _still_ need to obtain FFMPEG separately?

Anyway, for those wanting to install the youtube-dl, these step-by-step
cut-and-paste instructions were posted to this newsgroup years ago.

As always for others' benefit, here are those (old) instructions:
(I haven't tested them in a while though.)

1. Install Microsoft Visual C++ 2010 Redistributable Package (x86)
https://www.microsoft.com/en-US/download/details.aspx?id=5555

2. Upate Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package MFC Security Update
https://www.microsoft.com/en-us/download/details.aspx?id=26999

3: To extract audio, obtain ffmpeg any way you can, e.g.,
http://ffmpeg.zeranoe.com/builds/
http://ffmpeg.zeranoe.com/builds/win64/static/ffmpeg-20170711-0780ad9-win64-static.zip
Put the three executables in the same directory as the youtube-dl.exe
ffmpeg.exe
ffplay.exe
ffprobe.exe

Note: youtube-dl.exe -x is what needs ffmpeg although you can set it to
-x, --extract-audio = Convert video files to audio-only files
(requires ffmpeg or avconv and ffprobe or avprobe)

You can also just point to the FFMPEG directory:
--ffmpeg-location PATH = Location of the ffmpeg/avconv binary;

4. Then get the right youtube-dl.exe that uses Visusal C & not python!
https://youtube-dl.org/
http://rg3.github.io/youtube-dl/download.html
https://yt-dl.org/downloads/2018.08.28/youtube-dl.exe

5. Check the hash!
(Compare the hash to that listed on the web page.)
The reason this matters is that there are different types
(e.g., the visual C, python, and maybe others for all I know)


For example, my hash was...
---------------------------
Checksum information
---------------------------
Name: youtube-dl.exe
Size: 7955964 bytes (7 MB)

SHA256: 935D5FD32932BF0A6D842F28E168D84F7FC674CD995A5A4646D9A70145B6B255

---------------------------
OK
---------------------------

To test:

1. Choose any test video that you know will have slipstream ads inside it.
https://youtu.be/n6eXtBbhpYg (Happy New Year 2018)

2. If you extract audio then obtain the latest ffmpeg if you don't have it.
http://ffmpeg.zeranoe.com/builds/

This is the one I used:
http://ffmpeg.zeranoe.com/builds/win64/static/ffmpeg-20170711-0780ad9-win64-static.zip

That's three executables but I think you only need "ffprobe.exe".
(But I kept the three executables together so I didn't test that out.)

3. I put the three ffmpeg executables in the current working directory.

However you can add them to your path if you like.
AFAIK, you only need 1 of the 3 ffmpeg executables (ffprobe.exe).

cmd> copy c:\path\ffmpeg\bin\ffprobe.exe .\ffprobe.exe
(Or just put the extracted c:\path\ffmpeg\bin\ in your PATH variable.)

If you get these errors when running the youtube extractor, it's the path:
"writing DASH m4a. Only some players support this container. "
"Install ffmpeg or avconv to fix this automatically."

4. Obtain the latest working youtube-dl.exe (get the right one!)

This is the one I use because it works and doesn't require python!
From: https://youtube-dl.org/downloads/latest/youtube-dl.exe
Size: 7760634 bytes (7 MB)
SHA256: C0396D47480D7C9A14464A8E51E79993F88BD76D6BCFDB11312EFD0D88F3C5C7

NOTE: Some of the GUIs require python and others require java, but
this one requires neither.

5. Doublecheck that the basics are working fine & that you're up to date:
cmd> youtube-dl.exe --version
Initially reported:
2017.07.15

So I updated it:
cmd> youtube-dl.exe -U
Which reported:
Updating to version 2017.12.31 ...
Waiting for file handle to be closed ...
Updated youtube-dl to version 2017.12.31.

Testing it again:
cmd> youtube-dl.exe -U
Now reports:
youtube-dl is up-to-date (2017.12.31)

And doublechecking the version:
cmd> youtube-dl.exe --version
Now reports:
2017.12.31

Optionally, output the manpage:
cmd> youtube-dl.exe -h > youtube-dl.man.txt
cmd> type youtube-dl.man.txt | more

6. Run the command below to download any YouTube video as an mp4:
cmd> youtube-dl.exe -f 18 https://youtu.be/n6eXtBbhpYg
[youtube] n6eXtBbhpYg: Downloading webpage
[youtube] n6eXtBbhpYg: Downloading video info webpage
[youtube] n6eXtBbhpYg: Extracting video information
[youtube] n6eXtBbhpYg: Downloading MPD manifest
[download] Destination: Happy New Year 2018-n6eXtBbhpYg.mp4
[download] 100% of 3.44MiB in 00:01

cmd> dir
30-Dec-17 10:14 AM 3,602,418 Happy New Year 2018-n6eXtBbhpYg.mp4

Note that you can actually add the ads as this is an option!
--include-ads (Download advertisements as well)

7. Now try to extract the audio as an opus file:
cmd> youtube-dl.exe -x https://youtu.be/n6eXtBbhpYg
[youtube] n6eXtBbhpYg: Downloading webpage
[youtube] n6eXtBbhpYg: Downloading video info webpage
[youtube] n6eXtBbhpYg: Extracting video information
[youtube] n6eXtBbhpYg: Downloading MPD manifest
[download] Destination: Happy New Year 2018-n6eXtBbhpYg.m4a
[download] 100% of 621.97KiB in 00:00
[ffmpeg] Correcting container in "Happy New Year 2018-n6eXtBbhpYg.m4a"
[ffmpeg] Post-process file Happy New Year 2018-n6eXtBbhpYg.m4a exists, skipping

8. Try to extract the audio as an m4a format file:
cmd> youtube-dl.exe -f 140 https://youtu.be/n6eXtBbhpYg
[youtube] n6eXtBbhpYg: Downloading webpage
[youtube] n6eXtBbhpYg: Downloading video info webpage
[youtube] n6eXtBbhpYg: Extracting video information
[youtube] n6eXtBbhpYg: Downloading MPD manifest
[download] Happy New Year 2018-n6eXtBbhpYg.m4a has already been downloaded
[download] 100% of 621.52KiB
[ffmpeg] Correcting container in "Happy New Year 2018-n6eXtBbhpYg.m4a"

9. In summary, these two commands are the ones most used:
Video download as MP4:
cmd> youtube-dl.exe -f 18 https://youtu.be/n6eXtBbhpYg
Audio extraction as M4A:
cmd> youtube-dl.exe -f 140 https://youtu.be/n6eXtBbhpYg

10. Addendum: I do not use this implementation of the same name!
https://yt-dl.org/downloads/2017.07.15/youtube-dl.exe
Referenced in https://rg3.github.io/youtube-dl/download.html
(This implementation failed on the harder test videos.)
Addendum: I do not use the all-in-1 GUI which failed on my harder tests.
https://sourceforge.net/projects/youtube-dl-gtk/

This gets the video sans slipstream (using a harder testcase):
youtube-dl.exe -f 18 https://youtu.be/VuNIsY6JdUw
[youtube] VuNIsY6JdUw: Downloading webpage
[youtube] VuNIsY6JdUw: Downloading video info webpage
[youtube] VuNIsY6JdUw: Extracting video information
[youtube] VuNIsY6JdUw: Downloading js player vflalc4VN
[youtube] VuNIsY6JdUw: Downloading MPD manifest
[download] Destination: Taylor Swift - You Belong With Me-VuNIsY6JdUw.mp4
[download] 100% of 17.98MiB in 00:23
18,857,601 Taylor Swift - You Belong With Me-VuNIsY6JdUw.mp4

This adds the slipstream advertisement (using a harder testcase):
youtube-dl.exe -f 18 --include-ads https://youtu.be/VuNIsY6JdUw
[youtube] VuNIsY6JdUw: Downloading webpage
[youtube] VuNIsY6JdUw: Downloading video info webpage
[youtube] VuNIsY6JdUw: Extracting video information
[youtube] VuNIsY6JdUw: Downloading MPD manifest
[download] Destination: Taylor Swift - You Belong With Me-VuNIsY6JdUw.mp4
[download] 100% of 17.98MiB in 00:27
18,857,601 Taylor Swift - You Belong With Me-VuNIsY6JdUw.mp4

Here are other GUIs but they require Python or Java:
https://rg3.github.io/youtube-dl/

youtube-dlG frontend (portable)
https://github.com/MrS0m30n3/youtube-dl-gui

youtube-dl-gui 1.52 (portable)
https://www.videohelp.com/software/youtube-dl-gui

yaYTDLFrontend (java portable)
https://bitbucket.org/qwertz19281/yaytdlfrontend/src

As always, HTH; if not, please improve so that every thread on Usenet
adds on-topic technical value to our combined tribal knowledge.
--
Only 2 kinds of people are on Usenet: Those adding value & those who can't.

Mayayana

unread,
Mar 21, 2020, 8:34:58 AM3/21/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

| So you know of a means to get to a command line on a MAC?

They have something called AppleScript. And there's
some kind of access to the Unix core. I think it's an
outdated preconception, though, to think that one
only gets to the "real stuff" when the mouse is disabled.
That's the attitude of the oldtimers who make fun of
people who want a GUI. But actually, command line
is very limited and is mostly used to send command line
arguments to executables. The commands are really
simple automations rather than extra functionality. Most
things you can do in console can be done easier in the
GUI. Which, of course, was the whole point of making
a GUI.

Which raises an interesting question: What makes a
system accessible? Programming on a Mac requires
using their hardware, with a license and their tools.
At the other extreme, programming on Linux is open
to all and lots of methods are provided. But if you
don't have well designed, intuitive tools and good
docs then you're lost. That's what's always been nice
about Windows: There are numerous levels of expertise
with tools and docs at each level.


nospam

unread,
Mar 21, 2020, 8:54:19 AM3/21/20
to
In article <r551lb$6t7$1...@dont-email.me>, Mayayana
<maya...@invalid.nospam> wrote:

>
> | So you know of a means to get to a command line on a MAC?
>
> They have something called AppleScript.

that's mainly a gui scripting language and *very* capable, which can
also be used for other stuff, including writing apps.

> And there's
> some kind of access to the Unix core.

otherwise known as a command line, and much more than 'some kind of
access to the unix core'.

> I think it's an
> outdated preconception, though, to think that one
> only gets to the "real stuff" when the mouse is disabled.

the mouse isn't disabled with the command line.

> That's the attitude of the oldtimers who make fun of
> people who want a GUI. But actually, command line
> is very limited and is mostly used to send command line
> arguments to executables. The commands are really
> simple automations rather than extra functionality. Most
> things you can do in console can be done easier in the
> GUI. Which, of course, was the whole point of making
> a GUI.

not exactly.

> Which raises an interesting question: What makes a
> system accessible? Programming on a Mac requires
> using their hardware, with a license and their tools.

it doesn't require it. there are third party tools for the mac and
always has been.

programming on windows is normally done with microsoft's tools, but
there are third party options as well.

> At the other extreme, programming on Linux is open
> to all and lots of methods are provided. But if you
> don't have well designed, intuitive tools and good
> docs then you're lost. That's what's always been nice
> about Windows: There are numerous levels of expertise
> with tools and docs at each level.

same for mac.

khaha

unread,
Mar 21, 2020, 10:56:44 AM3/21/20
to
On 21/03/2020 11:35, Arlen Holder wrote:
>
> (I haven't tested them in a while though.)
>
>


Little wonders nobody cares what you write here.


pyotr filipivich

unread,
Mar 21, 2020, 12:19:53 PM3/21/20
to
"Mayayana" <maya...@invalid.nospam> on Sat, 21 Mar 2020 08:34:42
-0400 typed in microsoft.public.windowsxp.general the following:
>"pyotr filipivich" <ph...@mindspring.com> wrote
>
>| So you know of a means to get to a command line on a MAC?
>
> They have something called AppleScript. And there's
>some kind of access to the Unix core. I think it's an
>outdated preconception, though, to think that one
>only gets to the "real stuff" when the mouse is disabled.
>That's the attitude of the oldtimers who make fun of
>people who want a GUI. But actually, command line
>is very limited and is mostly used to send command line
>arguments to executables. The commands are really
>simple automations rather than extra functionality. Most
>things you can do in console can be done easier in the
>GUI. Which, of course, was the whole point of making
>a GUI.

Most things, true.

But for me and my purposes, getting to a DOS prompt and running
robocopy (or a batch file which calls it and the parameter list) beats
having to tell Windows "yes overwrite that file, no do not overwrite
that file, yes, yes, no, yes, size eight, yes..."
>
> Which raises an interesting question: What makes a
>system accessible? Programming on a Mac requires
>using their hardware, with a license and their tools.
>At the other extreme, programming on Linux is open
>to all and lots of methods are provided. But if you
>don't have well designed, intuitive tools and good
>docs then you're lost. That's what's always been nice
>about Windows: There are numerous levels of expertise
>with tools and docs at each level.

Yes.much of my gripping has less to do with the parts which work
"invisibly" as with how the changes in the GUI interfere with the
muscle memory I had from the previous GUI. Its like getting a new car
which has the windshield wiper where the shift lever was on the last
one. Lot of "oops, didn't mean to do that!"

pyotr filipivich

unread,
Mar 21, 2020, 12:19:53 PM3/21/20
to
"Mayayana" <maya...@invalid.nospam> on Fri, 20 Mar 2020 13:35:47
-0400 typed in microsoft.public.windowsxp.general the following:
"it's a simple procedure involving lasers..."

Sigh.

pyotr filipivich

unread,
Mar 21, 2020, 12:19:53 PM3/21/20
to
nospam <nos...@nospam.invalid> on Sat, 21 Mar 2020 07:18:23 -0400
typed in microsoft.public.windowsxp.general the following:
>In article <767b7ftbiapehlqd7...@4ax.com>, pyotr
>filipivich <ph...@mindspring.com> wrote:
>
>> >
>> >> Everything on a Mac is either effortless
>> >> or can't be done. It's locked down, top-shelf, and kiddie-ready.
>> >
>> >false. the only limitation is that of the person using it.
>>
>> So you know of a means to get to a command line on a MAC?
>
>trivial. have you even used a mac?? sure doesn't sound like it.

Once or twice, back when it was the New Thing.
The question was mostly rhetorical.

Some days I think having a PDP-11 might be a solution to my winter
heating needs as well.

Arlen Holder

unread,
Mar 21, 2020, 1:10:10 PM3/21/20
to
On Sat, 21 Mar 2020 10:59:19 -0400, khaha wrote:

> Little wonders nobody cares what you write here.

*These worthless pieces of shit _hate_ they can never add value*.
o *So they shit on those who do*.

Having been on Usenet for decades and knowing it's always these
utter worthless pieces of shit who _hat4e_ that they can never post value:
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/wDbAqMr-0oY/B0cp1Cl8BwAJ>
<https://groups.google.com/d/msg/alt.comp.freeware/AI5SiPSGyaE/_KBWCeD8IAAJ>

I looked up to see if this "khana" sock is a worthless piece of shit sock
that has never even once, in his entire life, _ever_ authored any value:
<https://i.postimg.cc/c4m41Bny/khana01.jpg>

One post, this one I'm responding to, in the entire history of Usenet,
for this newsgroup, from this "khana" sock, which is pretty convincing
evidence of the sock nature of some coward on this newsgroup.
<https://i.postimg.cc/sgth5RVC/khana02.jpg>

But which worthless piece of shit sock is this "khana"?
o I don't care, as the fact is always the same.

*These worthless pieces of shit _hate_ they can never add value*.
o *So they shit on those who do*.

HINT: We had the exact same issue with the worthless piece of shit sock
that goes by "Cindy Hamilton" (who had clearly posted only
whenever either "p-0''0-h the cat (coder)" posted, or when
"Shadow" posted - nobody else but those two pieces of shit).

I assume this brand new "khana" sock is either Pooh or Shadow, where
the "Cindy Hamilton" sock was _clearly_ associated directly with both
over the many times they posted - but where he got wise when I pointed
that out so he created this new "khana" sock, which has _never_ once
posted anything in the entire history of Usenet except to this thread.
--
Path: aioe.org!.POSTED.nC9u00pl4xBgzERRz97cNQ.user.gioia.aioe.org!not-for-mail
From: khaha <kha...@gmail.com>
Newsgroups: alt.comp.os.windows-10,alt.comp.freeware,microsoft.public.windowsxp.general
Subject: Re: youtube-dl
Date: Sat, 21 Mar 2020 10:59:19 -0400
Organization: Aioe.org NNTP Server
Message-ID: <r559v7$1kdv$1...@gioia.aioe.org>
NNTP-Posting-Host: nC9u00pl4xBgzERRz97cNQ.user.gioia.aioe.org
User-Agent: G2/1.0
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-CA

Mayayana

unread,
Mar 21, 2020, 1:16:46 PM3/21/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

| Its like getting a new car
| which has the windshield wiper where the shift lever was on the last
| one. Lot of "oops, didn't mean to do that!"
|

Or worse, there's no windshield wipeer control anymore
because now it's "AI powered" and it knows better than
you do when to turn on.


pyotr filipivich

unread,
Mar 22, 2020, 3:20:12 AM3/22/20
to
"Mayayana" <maya...@invalid.nospam> on Sat, 21 Mar 2020 13:16:33
-0400 typed in microsoft.public.windowsxp.general the following:
And you can't turn it off for the car wash.

And while it is neat that I can open the sliding side doors
without geting out, I don't like that I have to unlock the car and put
the key in the ignition to roll up or down a window.

Mayayana

unread,
Mar 22, 2020, 7:57:13 AM3/22/20
to
"pyotr filipivich" <ph...@mindspring.com> wrote

|I don't like that I have to unlock the car and put
| the key in the ignition to roll up or down a window.

Yes. That's one of those idiocies that's so dumb it
just makes me angry. So far I've been able to avoid
electric "luxuries". Pickups generally provide more
options in terms of not getting non-optional "options".


pyotr filipivich

unread,
Mar 23, 2020, 2:15:38 PM3/23/20
to
"Mayayana" <maya...@invalid.nospam> on Sun, 22 Mar 2020 07:56:58
-0400 typed in microsoft.public.windowsxp.general the following:
When (If) I get another pickup, it will be pretty bare bones. Or
whatever is on the lot at the time.
But since I got married, I had to become "respectable." 8-)

Arlen Holder

unread,
Jul 5, 2020, 4:57:43 PM7/5/20
to
My question was whether this is only a problem on iOS or also Windows.

With the advent of the iOS 14 beta, well-known apps have been recently
publicly caught and outed...

Each time they're caught (so far anyway), the company immediately says it's
a nasty bug, and then immediately vows to remove the reading of the
clipboard on every keypress.

o *iOS 14 - Linked-In app caught reading the user's clipboard in background (including from other sources)*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/2VZ5a3QsvBc>

o *Reddit caught red handed by iOS 14 copying the clipboard contents on iOS devices*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/-gvgKjTALvI>

o *iOS 14: TikTok seems to have been caught abusing the clipboard in a quite extraordinary way.*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/dRKgQG8jGo8/>

o *Famous iOS apps are snooping on the Pasteboard - Learn Worthy*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/XXaeEvEB79Y/>

o *Even more iOS apps caught snooping clipboard contents ...*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/IHVirXnbJF0/>
etc.

For example, here's just one snippet from just one article cited above:

o *TikTok and 53 other iOS apps still snoop your sensitive clipboard data*
<https://arstechnica.com/gadgets/2020/06/tiktok-and-53-other-ios-apps-still-snoop-your-sensitive-clipboard-data/>

o 10% Happier: Meditation com.changecollective.tenpercenthappier
o 5-0 Radio Police Scanner com.smartestapple.50radiofree
o 8 Ball Pool com.miniclip.8ballpoolmult
o ABC News com.abcnews.ABCNews
o AMAZE!!! com.amaze.game
o Accuweather com.yourcompany.TestWithCustomTabs
o Al Jazeera English ajenglishiphone
o AliExpress Shopping App com.alibaba.iAliexpress
o Bed Bath & Beyond com.digby.bedbathbeyond
o Bejeweled com.ea.ios.bejeweledskies
o Block Puzzle Game.BlockPuzzle
o CBC News ca.cbc.CBCNews
o CBS News com.H443NM7F8H.CBSNews
o CNBC com.nbcuni.cnbc.cnbcrtipad
o Classic Bejeweled HD com.popcap.ios.Bej3HD
o Classic Bejeweled com.popcap.ios.Bej3
o Dazn com.dazn.theApp
o FlipTheGun com.playgendary.flipgun
o Fox News com.foxnews.foxnews
o Fruit Ninja com.halfbrick.FruitNinjaLite
o Golfmasters com.playgendary.sportmasterstwo
o Hotel Tonight com.hoteltonight.prod
o Hotels.com com.hotels.HotelsNearMe
o Letter Soup com.candywriter.apollo7
o Love Nikki com.elex.nikki
o My Emma com.crazylabs.myemma
o NPR org.npr.nprnews
o New York Times com.nytimes.NYTimes
o News Break com.particlenews.newsbreak
o Overstock com.overstock.app
o PUBG Mobile com.tencent.ig
o Pigment Adult Coloring Book com.pixite.pigment
o Plants vs. Zombies Heroes com.ea.ios.pvzheroes
o Pooking Billiards City com.pool.club.billiards.city
o Recolor Coloring Book to Color com.sumoing.ReColor
o Reuters com.thomsonreuters.Reuters
o Russia Today com.rt.RTNewsEnglish
o Sky Ticket de.sky.skyonline
o Stern Nachrichten de.grunerundjahr.sternneu
o The Economist com.economist.lamarr
o The Huffington Post com.huffingtonpost.HuffingtonPost
o The Wall Street Journal com.dowjones.WSJ.ipad
o The Weather Network com.theweathernetwork.weathereyeiphone
o TikTok com.zhiliaoapp.musically
o ToTalk totalk.gofeiyu.com
o Tok com.SimpleDate.Tok
o Tomb of the Mask com.happymagenta.fromcore
o Tomb of the Mask: Color com.happymagenta.totm2
o Total Party Kill com.adventureislands.totalpartykill
o Truecaller com.truesoftware.TrueCallerOther
o Viber com.viber
o Vice News com.vice.news.VICE-News
o Watermarbling com.hydro.dipping
o Weibo com.sina.weibo
o Zoosk com.zoosk.Zoosk
o ntv Nachrichten de.n-tv.n-tvmobil

My question was whether this is only a problem on iOS or also Windows.
--
My question was whether this is only a problem on iOS or also Windows.

nospam

unread,
Jul 5, 2020, 5:11:57 PM7/5/20
to
In article <rdtes4$hau$1...@news.mixmin.net>, Arlen Holder
<arlen...@newmachine.com> wrote:

> My question was whether this is only a problem on iOS or also Windows.

all platforms.

Arlen Holder

unread,
Jul 5, 2020, 6:11:17 PM7/5/20
to
On Sun, 05 Jul 2020 17:11:53 -0400, nospam wrote:

> all platforms.

Hi nospam,

Logically, sensibly, and reasonably, I would tend to agree that this is a
privacy/security problem that shouldn't be any different on any of the five
common consumer platforms.

However, when I asked on the Android, Windows, and Linux newsgroups, most
of the responses seemed to be "this is normal", which, on iOS, at least the
response was "this is creepy" (which I would agree with).

So I'm not sure _why_ the Android, Linux, and Windows groups seem to think
this is normal behavior to read the clipboard upon every keystroke (or
invocation of the app).

I do notice that the TikTok and other apps _only_ did it on iOS, which is
an enigma to me, because if it's useful to them on iOS, why wouldn't it be
just as useful to them on Android?

Here are the threads, from a while ago, asking on each of those platforms:

o *What common specific Android apps are known to access the clipboard upon mere invocation & without your permission?*
<https://groups.google.com/forum/#!topic/comp.mobile.android/hdNb3BeYm44>

o *What common specific Linux apps are known to access the clipboard upon mere invocation & without your permission?*
<https://groups.google.com/forum/#!topic/alt.os.linux/VmByXYAaJts>

o *Do any Windows freeware apps habitually access the private contents of the clipboard upon mere invocation of the app?*
<https://groups.google.com/forum/#!topic/microsoft.public.windowsxp.general/wDbAqMr-0oY>

In each of those threads, the question was met with derision simply
because, it seems, those users _expect_ this kind of creepy behavior.

I don't.
--
I don't yet understand why this creepy behavior only bothers iOS users...

Arlen Holder

unread,
Jul 5, 2020, 7:02:58 PM7/5/20
to
On Sun, 05 Jul 2020 18:21:38 -0400, nospam wrote:

>> So I'm not sure _why_ the Android, Linux, and Windows groups seem to think
>> this is normal behavior to read the clipboard upon every keystroke (or
>> invocation of the app).
>
> ignorance.
>
> how do you think a clipboard manager app works, which runs in the
> background?
>
> a clipboard manager probably isn't doing anything sleazy (at least the
> reputable ones) with what's on the clipboard, but that doesn't mean a
> different app couldn't do something nefarious.

Hi nospam,

It could be ignorance on the part of the Android, Windows, & Linux users,
as when I first broached the subject, en masse, the trolls came out, and
even some of the regulars seemed to think it's perfectly normal for an app
that has absolutely zero need for the clipboard, to be reading it.

I can see how it's a tad more dangerous, perhaps, on iOS simply because of
the integration with the Mac clipboard (but such integration may be on
Windows, Linux, and Android for all I know).

What I do know is that when an app is called out for this behavior on iOS,
they turn it off and apologize, claiming it's a bug (as you're well aware).

Seems to me Android, Windows, and Linux need the _same_ kind of enhanced
privacy that this new iOS 14 popup message provides.... but, as we both
noted, the Android, Linux, and Windows users appear to be either ignorant,
or, perhaps, they know something we don't know.

I just don't get it why _all_ five platforms shouldn't have this creepy
behavior pointed out, if it's occurring on all five platforms.
--
Usenet is most useful when adult post with purposefully helpful intent.

Arlen Holder

unread,
Jul 5, 2020, 7:30:35 PM7/5/20
to
> So I'm not at all really sure why only iOS makes the news for this kind of
> clearly creepy app behavior... and not, oh, say, Android, or, Windows.

Hi Ant,

It's not just the Windows & Android folks who think it's normal behavior.
o Even the Linux folks seem to think this is perfectly normal behavior.

Windows: <https://groups.google.com/forum/#!topic/microsoft.public.windowsxp.general/wDbAqMr-0oY>
Android: <https://groups.google.com/forum/#!topic/comp.mobile.android/hdNb3BeYm44>
Linux: <https://groups.google.com/forum/#!topic/alt.os.linux/VmByXYAaJts>

So what is confusing to me is why, on iOS, this reading of the clipboard
(by apps that have absolutely no business whatsoever reading the clipboard)
is _always_ considered aberrant behavior by all accounts we can find
(including the companies caught doing it!)...

But on Windows, Linux, and on Android, they think it's perfectly normal.
o Makes no sense.

I agree with nospam, for example, that when the companies who are caught
doing it "claim" it's a bug, they're just making excuses 'cuz you have to
explicitly code this stuff... it doesn't happen by accident.

But at least on iOS, when those companies are caught, they _all_ (so far)
agreed that it's the wrong thing to do, and they all said they'd remove it
(e.g., Reddit, Linked-In, & TikTok, although TikTok was caught long ago so
they are especially egregious offenders).
o Linked-In: <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/2VZ5a3QsvBc>
o Reddit: <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/-gvgKjTALvI>
o TikTok: <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/dRKgQG8jGo8>
o Others: <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/IHVirXnbJF0>

Why is it always a bug (by all accounts) when it happens on iOS, but not on
the other four common consumer OS platforms?

Arlen Holder

unread,
Jul 5, 2020, 7:38:52 PM7/5/20
to
On Sun, 5 Jul 2020 21:50:37 -0000 (UTC), Lewis wrote:

> This is a much more complicated issue than these abndwagon jumpers would
> indicate.
>
> For example, if I copy a link from a page to an RSS feed and then I open
> my podcast app, it will get that URL off the clipboard so that I can
> easily subscribe to the podcast.
>
> When I copy a phone number and then open Hiya, it offers immediately to
> search its database for that phone number.
>
> These are both desirable features.
>
> The issue is when an app (or more likely a framework plugin that the
> "developer" dropped in without even looking at the code) is constantly
> polling the clipboard to monitor everything the user is doing.
>
> When I launch the Safeway app there is no reason I can think of for it
> to be polling the clipboard, and yet it does. It's not doing anything
> for me with that clipboard like offering to search for "Fritos" if
> that's on my clipboard, it's just phoning home with whatever is on the
> clipboard.
>
> Or I have to assume it is phone home because it is grabbing the
> clipboard and I have no way to know it is not phoning that home.
>
> So, I put "Hey Siri remind me to stop going to Safeway because they are
> spying on my clipboard" and open the app a few dozen times.
>
> But since nothing like credit card numbers or passwords are ever on the
> clipboard (never) it's more of an annoyance than anything else.
>
> People who manage their passwords by keeping a notes document and
> copy/pasting their logins and passwords... well, they have a problem,
> but it is a self-inflicted problem.

Lewis has a good point that the "bug" can be accidental if the companies
caught doing it (e.g., Reddit, Linked-In, TikTok, et al.) simply blindly
linked in code that they never even understood...

Although that alone, should be a scary thought for reasons that are
obvious, but unrelated to this query...

My query is simply why it's _clearly_ always considered a bug when, on iOS,
apps that have absolutely zero need to be constantly reading your
clipboard, are constantly reading your clipboard...

... ... and yet ... ...

On all the other common consumer platforms that I asked the question of...
o It's _not_ considered a bug?

Makes no sense.

If it's clearly a bug on iOS for an app that has absolutely no business
reading the clipboard to be constantly monitoring everything you cut into
the clipboard... (which even the companies caught doing it admitted)...

Then why isn't it a bug on the other common consumer platforms?
--
If it's clearly a bug when an iOS app does it, how can it _not_ be a bug
when the Linux, Android, and/or Windows equivalent app does it?

Arlen Holder

unread,
Jul 5, 2020, 7:47:24 PM7/5/20
to
On Sun, 5 Jul 2020 16:38:20 -0700, 123456789 wrote:

>> some of the regulars seemed to think it's perfectly normal for an
>> app that has absolutely zero need for the clipboard, to be reading
>> it.
>
> I see there are a number of Android Clipboard Cleaner apps available. I
> just tried one and it seemed to work OK. So I suppose one could leave his
> clipboard squeaky clean after use if wanted. The question that came to
> my mind is what might the cleaner apps be doing with the dirty laundry...

I'm sure there are tons of workarounds to prevent Android apps that have
absolutely no business reading our clipboards to be constantly obtaining
data from our clipboards...

But what I don't get (yet) is why the Android users who posted (so far)
seem to think it's perfectly normal for an app that has absolutely no
business to be reading our clipboards, to be reading our clipboards.

Only if/when we agree it's aberrant behavior, can we begin to discuss the
workarounds, IMHO.

Although, some workarounds that come to mind, including the one above...
o Auto clear the clipboard every few seconds (or on demand, or on paste)
o Pop up a configurable warning when an app requests clipboard access
o Set a permission, per app, to access the clipboard (if that's possible)
etc.

What bothers me most so far in this thread is people think it's normal.

If it's clearly a bug when an iOS app does it, how can it _not_ be a bug
when the Linux, Android, and/or Windows equivalent app does it?

Ant

unread,
Jul 6, 2020, 1:01:21 AM7/6/20
to
More like ANY softwares? Not just free? I know download managers do for catching URLs.


In microsoft.public.windowsxp.general Arlen Holder <arlen.geo...@is.invalid> wrote:
> Do any Windows freeware apps habitually access the private contents of the
> clipboard upon mere invocation of the app?

> Which specific freeware Windows apps would that be that access saved
> clipboard data upon mere invocation of that app, and clearly without you
> asking them to?

> On the Apple newsgroups, it was posted that many iOS apps habitually access
> the private information on the clipboard, sans any user request whatsoever,
> to which the Apple users repeatedly and endlessly claimed that Windows apps
> do this exact thing all the time.
> o Famous iOS apps are snooping on the Pasteboard - Learn Worthy, by Ant
> <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/XXaeEvEB79Y>

> What apps do you know of on Windows that access the clipboard every time
> you invoke those apps without you wanting those apps to have that data?

--
Life is so crazy! ..!.. *isms, sins, hates, (d)evil, illnesses (e.g., COVID-19/2019-nCoV/SARS-CoV-2), deaths, heat waves, fires, out(r)ages, unlucky #4, 2020, greeds, etc.
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org /
/ /\ /\ \ http://antfarm.ma.cx. Please nuke ANT if replying by e-mail.
| |o o| |
\ _ /
( )

R.Wieser

unread,
Jul 6, 2020, 5:51:27 AM7/6/20
to
Arlen,

Any reason you are necro-bumping a four /month/ old thread ?

And no, splaffing a number of messages all re-iterating what has already
been said does not really add anything to the subject.

> With the advent of the iOS 14 beta, well-known apps have been
> recently publicly caught and outed...

Old news kiddo.

> Each time they're caught (so far anyway), the company immediately
> says it's a nasty bug, and then immediately vows to remove the reading
> of the clipboard on every keypress.

Yeah, we also read those articles. Whats your point (if any) ?

> However, when I asked on the Android, Windows, and Linux newsgroups,
> most of the responses seemed to be "this is normal", which, on iOS, at
> least
> the response was "this is creepy" (which I would agree with).

Arlen, there is a secret component thats part of many discussions but only
few people know of. Is called "context". Both of the above are true at
the same time, but not in the same context.

> some of the regulars seemed to think it's perfectly normal for an
> app that has absolutely zero need for the clipboard, to be reading it.

Thats not what they (me included) said. But hey, when you ignore the
context in which something has been said you get conclusion garbage like
that.

> Seems to me Android, Windows, and Linux need the _same_ kind of
> enhanced privacy that this new iOS 14 popup message provides....

Why are you telling us that ? What /good/ does that do ? What do you
expect from us ?

> but, as we both noted, the Android, Linux, and Windows users appear
> to be either ignorant,

Ah yes, the mighty Arlen is way above the rif-raf that the readers and
contributors of all these different newsgroups are made outof. :-)

I ask you again: What /good/ does your telling *us* that all the OSes need
better privacy controls ? /We/ have *zero* control about what the
respective companies do.

> or, perhaps, they know something we don't know.

Yes, /we/ know something /you/ (you're still not a royalty, so no "we") do
not yet grasp: complaining must be done toward people who can actually
change something about a situation. In all other cases the best you can do
is to /inform/ the other.

> Lewis has a good point that the "bug" can be accidental if the
> companies caught doing it (e.g., Reddit, Linked-In, TikTok,
> et al.) simply blindly linked in code that they never even understood...

Thats called "using (third-party or not) libraries". And its pretty-much
the same as you are doing when you, in your "tutorials", tell people to
(download and) use a specific program to get a certain result ... You
have /zero/ idea about what that program actually does other than what you
read about it. So, hypocrisy much ?

> My query is simply why it's _clearly_ always considered a bug when

By whom ? By the company that introduced that "bug" ? Are you really
expecting them to say "yes, we did put spyware in our product, and now you
caught us doing it we will try to find another way" ? Really ?

> ... ... and yet ... ...
>
> On all the other common consumer platforms that I asked the question of...
> o It's _not_ considered a bug?

Most of us are old enough to be aware that you should not just believe the
excuse of someone who did something wrong. You seem to be one of the few
people left who doesn't seem to be. How come ? Or are you just trolling ?

> What bothers me most so far in this thread is people think it's normal.

They don't kiddo, they don't. Its just you going doing business as usual,
stirring stuff together and looking at the mess you are left with as being
"the facts".

Question: What is the opposite of "right" ? There is /ofcourse/ just one,
right ? Or are you now going to explain that there are circumstances where
it means one thing, and others in which it means something else ? :-p

Regards,
Rudy Wieser


Philip Herlihy

unread,
Jul 6, 2020, 6:16:20 AM7/6/20
to
In article <rdus6p$1jvk$1...@gioia.aioe.org>, add...@not.available says...
>
> Arlen,
>
> Any reason you are necro-bumping a four /month/ old thread ?
>

The notion of "necro-bumping" brought a little joy into my Monday morning...


--

Phil, London

Arlen Holder

unread,
Jul 6, 2020, 10:16:02 AM7/6/20
to
On Mon, 6 Jul 2020 11:53:03 -0000 (UTC), Chris wrote:

> Yup. There's no such thing as "private contents" on the clipboard. All apps
> always have access to anything in the clipboard.
>
> It is why password managers have a method for scrubbing a copied password
> from the clipboard after 30 seconds.

Hi Ant,

People who say all apps do it don't seem to comprehend the actual question.

While you're not an apologist, Chris is, where Chris has proven time and
again to not comprehend even the _simplest_ of problem sets. So my
conversation with you can be on an adult level, whereas, with Chris or any
of the other worthless pieces of shit, there is no possibility for an adult
conversation.

To the point that "every app can do it", I really wish people would stop
repeating what we already know, which is that the clipboard "can" be read
by any app, where, it was stated LONG AGO that the problem isn't even close
to that.

So, to repeat what is already known, and which is not the point, is like
saying a stupid platitude which solves no problem.

Anyone who claims "all apps can do it" as the answer to the question...
o Has no clue what the question is.

The question is simple and I'm no genius, so it's shocking that so many
people can't yet comprehend the simple question - cuz it's very simple.

Why is it always obviously and clearly a bug on iOS when an app that has no
business reading the clipboard is caught reading the clipboard, and yet, on
Windows, people don't consider that very same action by that very same app,
a bug?
--
People who say all apps do it don't seem to comprehend the actual question.

Arlen Holder

unread,
Jul 6, 2020, 10:16:02 AM7/6/20
to
On Mon, 6 Jul 2020 11:16:18 +0100, Philip Herlihy wrote:

> The notion of "necro-bumping" brought a little joy into my Monday morning...

Hi Philip Herlihy,

I don't know you so I'll let you in on an obvious secret, OK?

1. Rudy Wieser is a well known worthless piece of shit.
2. He can't add value to _any_ thread, and never has.
3. Worse, he has _zero_ intention (or capability) to add value.

Rudy just complains like a whiny child, where he's on Usenet purely for his
own amusmement, which is fine as long as he doesn't infest a thread where
adults are trying to get something done.

As an adult, a well educated one at that, who is trying to get something
done, your post was not only worthless, but it proves that you, like Rudy,
do not seem to comprehend even the _simplest_ of timelines.

I don't know yet if you're just ignorant, or actually stupid like Rudy, so
I'll repeat for your benefit the time line makes sense to any adult.

I'll put it in _simple_ words for you so you have a chance at cognition.

OK?

1. The thread was opened when TikTok got caught reading the clipboard
(where TikTok immediately declared it a bug they would fix)

2. The thread was revitalized with new information this week when, again,
TikTok got caught, as did over 50 other apps, two of which are Reddit
and Linked-In, all three of whom declared it a bug they would fix.

If you can't comprehend those obvious facts, then open a thread where you
and Rudy Wieser can both be pieces of worthless shit on some other thread.

OK?
--
If that timeline doesn't make sense to you, then I'll know the answer to
the question of whether you're just ignorant, or incredibly stupid like
Rudy clearly is.

Arlen Holder

unread,
Jul 6, 2020, 10:16:03 AM7/6/20
to
On Mon, 6 Jul 2020 11:51:07 +0200, R.Wieser wrote:

> Any reason you are necro-bumping a four /month/ old thread ?

Hi Rudy,

You don't even comprehend the question...
o As always, you never add value - you simply complain like a whiny child.

The adults will be able to comprehend the enigma, which is, essentially:
a. Why, when this happens on iOS, by all accounts, it's a bug...
b. But, when it happens on the other operating systems, it's not?

This post is not for Rudy (who is a worthless piece of shit), but for the
adults on this newsgroup, who matter dearly, since they own the brain power
that will solve this question properly.

To Rudy... I realize you are _completely_ different from me, so you'll
never understand what is supremely obvious to most cognizant adults.

Since you're an utter moron, Rudy, and since I'm always purposefully
helpful to the adults who are on this newsgroup, I'll spell it out.

1. I am well educated, a scientist, and an engineer, which means I know
full well how to _document_ a subject, where, adding an update to a
document (such as to a white paper for example), is normal.

You, Rudy Wieser, are a worthless piece of shit, ill educated, and unable
to comprehend that I'm not on Usenet for my amusement (which is why you're
on Usenet).

You have absolutely zero intent to add value, which is why you can't and
never have.

2. As for the "four months" (which to whiny children like you, Rudy, is a
long time, but for adults, it's how long seeking answers takes
sometimes)...

With all the above in mind, I'm genuinely seeking _answers_ to the stated
problem set, which I opened at exactly the proper time, which you'll never
comprehend, was when TikTok got caught reading the clipboard when they had
absolutely no need to do so, and for which they apologized and said they'd
fix the "bug".

3. The reason for revitalizing this thread, which, again, is beyond your
child-like brain to comprehend Rudy, is that again, just this week, TikTok
(and plenty of others, like Linked-In & Reddit) got caught doing it again.

The adults will be able to comprehend the enigma, which is, essentially:
a. Why, when this happens on iOS, by all accounts, it's a bug...
b. But, when it happens on the other operating systems, it's not?
--
In summary, the worthless pieces of shit like Rudy Weiser will _never_ help
anyone answwer any technical question (they can't); all they can do is
complain when someone else seeks an answer ... where they can't even
comprehend the question, let alone add value to the answer.

R.Wieser

unread,
Jul 6, 2020, 1:42:50 PM7/6/20
to
Arlen,

> The adults will be able to comprehend the enigma, which
> is, essentially:
> a. Why, when this happens on iOS, by all accounts, it's a bug...

[quote=me]
By whom ? By the company that introduced that "bug" ? Are you really
expecting them to say "yes, we did put spyware in our product, and now you
caught us doing it we will try to find another way" ? Really ?
[/quote]

> b. But, when it happens on the other operating systems, it's not?

[quote=me]
Most of us are old enough to be aware that you should not just believe the
excuse of someone who did something wrong. You seem to be one of the few
people left who doesn't seem to be. How come ? Or are you just trolling ?
[/quote]

Lolz! Posting

> This post is not for Rudy

-- directly followed by

> To Rudy...

Make up your mind kid, either it is for me or it isn't. I'm no
"schrodinger's cat" you know.

> 1. I am well educated, a scientist, and an engineer, which
> means I know full well how to _document_ a subject

No, you /don't/ know how to do that. You show the lack of it every time
you claim to have created another "tutorial". Its mostly badly written
junk, with ill consideration to whomever has to read/follow it. Something
I've underbuild commenting on that list of "tutorials" you posted a few
weeks back. But you ignored all of that as well. 'Cause thats all you
/can/ do.

As for your "I am well educated, a scientist, and an engineer" claim ? Fat
chance.

Lets face it, your infantile ranting towards everyone who doesn't agree with
you tells me that you are most likely /not/ "well educated". If you would
be than you would not need to do that, because you would know how to defend
your own position by providing actual arguments - which you seldom, if ever,
do.

As for the latter ones ? If that where true you would be able to figure
stuff out for yourself instead of continuously leeching on others,
expecting - no, /demanding/ that they do all the work. And ofcourse it
would also be rather visible in your "tutorials", which it definitily isn't.

> You have absolutely zero intent to add value, which is why
> you can't and never have.

[quote=me]
Why don't you try to prove that ? Just find /all/ my messages and
describe, for each and every one of them how it was not helpful to the
intended recipient of that post. Good luck. :-)

Kiddo, don't you realise by now that "never", "always", "noone", "everyone"
and other indications like those are rather easy to break ? Just a
*single one* opposing it, and you fall flat on your face.
[/quote]

You're (educated and) a /scientist/ ? Ha, don't make me laugh. If you
would have been you would have known the above, and not even have /tried/ to
make that claim of yours to begin with. But here you are, posting it for
the umptied time.

> 2. As for the "four months" (which to whiny children like you,
> Rudy, is a long time, but for adults, it's how long seeking answers
> takes sometimes)...

So ? What /are/ those answers ? I did not see any. Just some "a day
late and a dollar short" info reposts and some complaints about stuff that
/should/ have been clear to you all those months ago.

> With all the above in mind, I'm genuinely seeking _answers_
> to the stated problem set,

Yeah, you do. As long as /you/ do not need to lift a finger in getting them
ofcourse.

As for the "stated problem set" ? Kiddo, just a few weeks ago you asked
for *the* hotkey for /all/ chromium based browser programs that would cause
a specific settings page to pop up. If /I/ can explain to you how that
question sucks than an /educated scientist/ should be able to recognise that
long before he even thinks of putting it to paper. Yet, you did post it ...

And I may be wrong, but me pointing out the flaw(s) in your question AND
making a suggestion to what could be used instead would, by some, be
considered helpfull ... But as I did not stoke your ego with it you
denied yourself to learn from it. Which is /your/ problem, not mine.

> 3. The reason for revitalizing this thread, which, again, is beyond
> your child-like brain to comprehend Rudy, is that again, just this
> week, TikTok (and plenty of others, like Linked-In & Reddit)
> got caught doing it again.

Yeah, and /anyone/ could have read that on their favorite tech
bulletins/fora a few days back. I know that I did. As such its old news.
And as shown in my previous reply, you have not brought anything /new/ into
the thread. But you sure did show that you have little, if any,
understanding of what was offered in the direction of answers and/or
explanations all those months ago.

> The adults will be able to comprehend the enigma, which is,
>essentially:
> a. Why, when this happens on iOS, by all accounts, it's a
> bug...
> b. But, when it happens on the other operating systems,
> it's not?

Thats the third time you've stated the same question, with the second time
being at the top of your post. Alas, my answer to it doesn't change.

> In summary, the worthless pieces of shit like Rudy Weiser will _never_
> help anyone answwer any technical question (they can't);

[quote=me]
Why don't you try to prove that ? Just find /all/ my messages and
describe, for each and every one of them how it was not helpful to the
intended recipient of that post. Good luck. :-)

Kiddo, don't you realise by now that "never", "always", "noone", "everyone"
and other indications like those are rather easy to break ? Just a
*single one* opposing it, and you fall flat on your face.
[/quote]

Kiddo, as always you refuse to answer even the simplest questions, like the
ones in my previous post or this one, or underbuild your own claims -
instead to just repeat accusations like a broken record. I said it before
and I'll repeat it here : you're pathetic.

Regards,
Rudy Wieser


Arlen Holder

unread,
Jul 6, 2020, 2:02:42 PM7/6/20
to
If anyone ever wonders why I point to Rudy Wieser's posts to prove, beyond
any shadow of a doubt, he's a child who can't possibly add value, the post
I just deleted from him is a perfect example of him proving that point for
me, simply by me pointing to exactly the crap that he spews forth.

Moving forward on the technical topic, we found out today that Android is
apparently adding the capability to notify the user when an app that has no
reason to use the clipboard is constantly reading your clipboard.
o *Those on Android 10... is it worth upgrading from 9 to 10?*
*What are the pitfalls you've experienced & the benefits?*
<https://groups.google.com/forum/#!topic/comp.mobile.android/X65cMyzAn-g>

And, of course, it's well known to all but low-IQ morons like Rudy Wieser
that everyone caught, to date, e.g., Linked-In, Reddit, TikTok, et al., has
vowed to 'fix' the code so that it no longer snoops on your clipboard.

o *LinkedIn says iOS clipboard snooping after every key press is a bug*
<https://www.zdnet.com/article/linkedin-says-ios-clipboard-snooping-after-every-key-press-is-a-bug-will-fix/>
"A LinkedIn spokesperson told ZDNet yesterday that a bug in the company's
iOS app was responsible for a seemingly privacy-intrusive behavior
spotted by one of its users on Thursday."

"LinkedIn said Friday it would stop the practice, explaining its app
was doing so to perform an equality check between what a user is typing
and what's in their clipboard... The company didn't explain why the
practice was in place to begin with..."
<https://www.theverge.com/2020/7/4/21313214/reddit-code-clipboard-privacy-copy-ios>

o *Reddit says it's fixing code in its iOS app that copied clipboard contents*
<https://www.theverge.com/2020/7/4/21313214/reddit-code-clipboard-privacy-copy-ios>
"Reddit says it's releasing a fix for a piece of code that copied
contents from users' clipboards. 'We tracked this down to a codepath in
the post composer that checks for URLs in the pasteboard and then
suggests a post title based on the text contents of the URL,' a Reddit
spokesperson wrote in an email to The Verge..."
"'We removed this code and are releasing the fix on July 14th'."

o *TikTok says it will stop accessing clipboard content on iOS devices*
<https://www.theverge.com/2020/6/26/21304228/tiktok-security-ios-clipboard-access-ios14-beta-feature>

"A TikTok spokesperson said in a statement emailed to The Verge on Friday
that it had submitted an update to the App Store to remove the feature,
which it described as an anti-spam measure. The feature was never
introduced to Android devices, according to the company."

And we found out that there are Linux variants which protect the clipboard:
o <https://www.qubes-os.org/>
o <https://www.qubes-os.org/doc/>
o <https://www.qubes-os.org/doc/copy-paste/>
"On Copy/Paste Security
The scheme is secure because it doesn't allow other VMs to steal the
content of the clipboard."
etc.

So we have progress in three of the four common consumer OS's I use:
o iOS 14 will notify the user
o Android 10 (reputedly) will notify the user
o Linux (at least with Qubes) reputedly will not allow the app access

We just need to figure more about how Microsoft plans to handle it.
--
Usenet is wonderful when everyone pitches in helpfully with knowledge.

J. P. Gilliver (John)

unread,
Jul 6, 2020, 5:43:26 PM7/6/20
to
On Mon, 6 Jul 2020 at 19:42:32, R.Wieser <add...@not.available> wrote:
>Arlen,
[lots of stuff I agree with snipped]

Rudy,
please stop replying to Arlen - I know it's hard. But the rest of us
have mostly killfiled him, so only see his output when someone does a
public reply to him. (Replying to him serves little or no purpose; he's
incapable of absorbing the point[s] you're trying to make.)

[To self:]
John,
please stop asking Rudy (and others) to stop replying to Arlen.

(-:
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The death of democracy is not likely to be an assassination from ambush.
It will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)

Arlen Holder

unread,
Jul 6, 2020, 8:15:22 PM7/6/20
to
On Mon, 6 Jul 2020 22:41:16 +0100, J. P. Gilliver (John) wrote:

> he's
> incapable of absorbing the point[s] you're trying to make.)
> --
> J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Hi J. P. Gilliver,

I've always considered you an adult, so I'm going to ask you a simple adult
question, ok?

An adult has at least a single fact backing up his belief system, right?
o Do you?

Let's see, shall we?
o I'm going to ask you an _adult_ question, John P. Gilliver.

It's only three words, but I think you'll _fail_ this simple question.
o Name just one

Name once in the entire history of Usenet, where I did what you claimed.
o Name just once.

Point to even a _single_ post, which is not an attempt to get the trolls
(like Rudy Wieser) to simply go away and infest some other thread.

Point to one post, John Gilliver, where I did what you claim.
o Point to a single one.
--
The mark of a bullshitter is they can't back up a single claim they make.

Arlen Holder

unread,
Jul 7, 2020, 12:02:00 AM7/7/20
to
On 06 Jul 2020 21:55:50 GMT, Stephane CARPENTIER wrote:

> Yes, but no. With android and I'd say the same for iOS, the application
> is requesting its requirements at the installation process. And once
> granted it doesn't request anything any more and you don't know what is
> done. Except when you have wifi, data and everything off by default and
> the application is requesting you to put it on.

Hi Stephane,

Yes but no. :)

Here's the "Yes"...
"Explanation: Any applications that declare the permission
android.permission.READ_CLIPBOARD in their AndroidManifest.xml file
is automatically granted this permission when it is installed,
meaning they can read the Android clipboard.

Although many devices have access to a permission management control
system in Settings, READ_CLIPBOARD is not something users can restrict
from apps (unless you're a user of certain custom ROMs such as
LineageOS.)"
<https://www.xda-developers.com/stop-apps-reading-android-clipboard/>

Here's the "but no"...
"However, there's actually a hidden way of restricting the permission
apps use to read your clipboard... We used the hidden appops command
line interface, which lets us restrict more permissions than is shown
in Settings."
<https://www.xda-developers.com/stop-apps-reading-android-clipboard/>

It's a pleasure to discuss things with you because, with you, we can move
forward from what we all knew before this thread existed, instead of doing
what most people are doing, which is rehashing what everyone already knows.

While you seem to be the only one so far who has posted (that I've
responded to anyway) that seems to have _any_ grasp of the issue, as far as
I can recall, Android (up until Android 10 anyway), doesn't have, AFAIK, a
specific permission set for clipboard access (someone correct me if I'm
wrong as all I ever care about, are the facts).

Just like with clipboard protection, iOS & Android are ahead of Linux and
Windows, it seems, at least by default, as we move ahead on privacy (e.g.,
Android now transmits only randomized MAC addresses, by default).
o *Privacy changes in Android 10*
<https://developer.android.com/about/versions/10/privacy/changes>
<https://tr2.cbsistatic.com/hub/i/2019/06/04/d390bc2c-33a3-4def-8d19-1d2c49ef2b8d/macb.jpg>

That kind of privacy, by default, isn't yet on Linux (AFAIK), as, well,
Lord knows how many threads I've authored on Mac randomization in the past.

It seems the mobile devices are ahead of Linux, on these defaults.

In Android 10, for example, there are now new clipboard permissions:
o *Read Clipboard Permissions on Android 10*
<https://joaoapps.com/AutoApps/Help/Info/com.joaomgcd.join/android_10_read_logs.html>
"To read your clipboard on Android 10, Join needs to be granted
permission to read system logs and draw over other apps on your device"

o *No more stealing passwords*
"The Android Q 10 build includes new permission called
READ_CLIPBOARD_IN_BACKGROUND. As the name suggests, the new permission
will hamper random background apps from accessing the clipboard content.
Above all, apps would be asked to get a signature from the OEM.
<https://fossbytes.com/best-android-10-features/>

>> Why not Linux?
>
> There is ways to restrict usages to application in Linux. But the
> purpose of the clipboard isn't to be restricted but to help sharing
> information between applications.

Well, on Android, as shown below, there _are_ ways to restrict apps from
reading the clipboard, which is good news as Android is ahead of the game.

o *How to Stop Apps from Reading the Android Clipboard to Protect your Privacy*
<https://www.xda-developers.com/stop-apps-reading-android-clipboard/>
(You set the clipboard permissions from your Mac, Linux, or Windows
computer over USB using the freeware adb commands.)
$ /home/user/downloads/adb devices
$ adb shell
$ cmd appops query-op --user 0 READ_CLIPBOARD allow
$ cmd appops set <package> READ_CLIPBOARD ignore
"If you don┤ see an error message, then the command worked!
Repeat the above step for any other apps you want to stop reading
your clipboard."

"The first command we did, query-ops, pulls a list of applications
installed that have been granted the Android clipboard read permission.
Using that list, we can then decide which apps we want to stop from
reading your clipboard. If you decide to restrict the permission from
every user/third-party app installed on your device, then you can even
start to safely copy and paste your passwords without having to worry
that another app might listen in and steal your passwords!"
<https://www.xda-developers.com/stop-apps-reading-android-clipboard/>

>> You pretty much answered that _some_ Linux variants do have this
>> protection.
>
> Qubes OS is not a Linux variant. It's an hypervisor with a lot of
> Virtual machines running on it. The VM can be Linux or Windows. But for
> the privacy, it's a lot more heavier to handle, the people don't want it
> without reason.

Ah, thanks for clarifying what Qubes OS is, as this is my first exposure.

What I like about iOS and Android's philosophy on clipboard privacy is that
you _can_ turn off clipboard access, on a case by case basis, with the
latest iOS 14, and, apparently, with multiple Android versions (where it's
simply easier to do now, in Android 10, reputedly).

>> It would be nice for "basic" Linux (e.g., ubuntu) to have this option,
>> just as iOS 14 and now, Android 10, have this option.
>
> It's not an option in Linux. The design is different. And I trust a
> little bit the applications I'm putting in because they aren't very
> popular and around from a long time. They are all open source, so a
> malware could be found more easily.

Agreed.

Overall, open source helps the user because we can presume "somebody" who
knows what they're doing has "inspected" the code. (Let's hope.)

I do get my hairs on end when people, like they did in this thread, suggest
"everyone" (even those who don't code!) still read the code, in order to
assess what the code is doing to the clipboard... but that's just crazy
(which is why I state that of all who posted, only you seem to understand
the problem set sufficiently to provide useful advice).

> I would be very surprised to find that Android iOS have the same level of
> security than qubes OS.

Let's be clear that nobody said that, and nobody implied that, and nobody
thinks that, and nobody should infer that anyone said that.

What Android (and iOS) has, that Linux doesn't seem to have, is control
over whether or not an app has access to the clipboard, and, in the case of
iOS, notification when it does access the clipboard.

Does Linux have that yet?
o If not, perhaps it should. :)

> The purpose is not to protect against the clipboard, but against
> everything. From the viruses, to the webcam. The clipboard is only a way
> to extract information. They wouldn't do so much work only for the
> clipboard.

Agreed.
o Later, not now, but later, I'll run a search for the obvious, which is:
"What is the difference between Tails and Qubes OS"
(although that alone might get me on some TLA's radar as an activist!) :)

However, the point of this thread is _only_ about the clipboard.
o Specifically Linux protection akin to what we now see on Android & iOS.

> The
> purpose is to let your application access to an isolated clipboard, like
> that, whatever your application do with your clipboard is of no
> consequence for your privacy.

Thank you for that explanation where, again, you seem to be the only one,
so far, who posted, who understands the problem set sufficiently to advise
others.

In summary, I think, this thread, has suggested multiple related factors:
1. On both iOS and on Android, the user is now notified when an app
secretly accesses the clipboard.
2. All apps caught that we know of to date, have instantly apologized and
said they will immediately remove their creepy snooping behavior
3. All app developers have "claimed" it was a bug, but we all on this ng
aren't that easily bamboozled by their excuses; sufficient that they remove
the clipboard snooping when caught.
4. On Linux (e.g., Ubuntu) native, the user apparently will have no way of
knowing how many apps perform this act when they don't need to do it.
5. As nospam has said, it's "ignorance" driving users (like Peter) who
claimed, without a shred of data apparently, that no apps on Linux are
malicious.
6. The fact that many (most? all?) Linux apps are open source helps greatly
though, where we can "assume" that "someone" who knows how to read code,
has checked the code to see if the apps maliciously read the clipboard.

In summary, most people feel it's only a problem on iOS and Android, and
not, necessarily, on Linux, where, if that's indeed the case, the good news
is that clearly both iOS and Android are doing something about the problem.
--
Working in unison on Usenet in polite discussion we can all learn together.

Arlen Holder

unread,
Jul 7, 2020, 1:02:29 AM7/7/20
to
On 06 Jul 2020 22:59:00 GMT, Stéphane CARPENTIER wrote:

> Why are you only concerned by the clipboard ?

Hi Stephane,

You seem to be able to handle technical detail, so it's a pleasure to
discuss this problem set with you.

That's especially true given you're the only one who seems to _understand_
the problem set (perhaps along with J.O. Aho with his most recent response
to the same post you're responding to above)... hence what you ask of me is
important.

The simple answer is inherent in the opening post:
o TikTok got caught doing it; so I wondered what Linux programs do it.

The more complex answer in inherent in the timeline of new details:
o Apple iOS implemented popup notifications when it happens again

Where, that caught TikTok (again), along with Reddit, Linked-In, et al.
o So that's why the thread was UPDATED with further new details this week

In addition, after getting a shit ton of bogus answers on this (and other)
OS threads from people who _still_ don't seem to comprehend what you
understood from the very start... I dug into what Android does & did,
where, since at least Android 6, we've had control of app clipboard
permissions obtained as easily as simply installing an app, e.g.,

o *Private Clipboard helps mimic Android 10's clipboard privacy on older Android devices*
<https://www.xda-developers.com/private-clipboard-mimic-android-10-privacy/>
"In Android versions prior to Android 10, every single app could read the
contents of your clipboard. And this was accomplished without needing to
grant any runtime permission to any app..."

"Android Q/Android 10 would finally block background clip reading.
But if you are on an older release of Android, you can mimic the
same functionality with this Private Clipboard app."
<https://forum.xda-developers.com/android/apps-games/app-private-clipboard-t3964055>
<https://labs.xda-developers.com/store/app/net.easyjoin.privateclipboard>

Note that you can do the same thing, apparently, as private clipboard does,
simply by connecting your Android device to Linux, Mac, Windows, over adb
on USB, and then you can issue commands to *control* what apps have
clipboard access (as described in gory detail in a prior post to you
minutes ago).

In summary, for clipboard access, the two operating systems doing something
about it are clearly iOS and Android, where what iOS is doing is
essentially two things (AFAICT):
1. Notifying the user whenever an app maliciously reads the clipboard, and,
2. Allowing the user to _control_ whether they want that app to have it.

On Android, it seems the "notification" isn't there yet (is it?); but it
seems the ability to allow the user control over the setting was always
there (within some range of "always", e.g., Android 6+), and, it's
apparently more easily accessible to the normal user in Android 10.
o *Clipboard not accessible from background app with Android 10 SDK upgrade*
<https://stackoverflow.com/questions/58727690/clipboard-not-accessible-from-background-app-with-android-10-sdk-upgrade>

It seems both Linux & Windows, so far, don't have/need/want it yet.

> Do you know which
> application is using you mic or your camera ?

Yes, of course.
o At least for Android I think I have full & complete knowledge.

Particularly since I turn _off_ mic & camera permissions for all apps that
request it, and only turn it back on, ad hoc, if/when I need it.

In fact, I turned off _all_ possible permissions, and fully documented it:
o *My experiment turning all Android app permissions off*
<https://groups.google.com/forum/#!topic/comp.mobile.android/FKjvRYbqgIw>
--
Every thread should add to the value of our permanent Usenet archive.

R.Wieser

unread,
Jul 7, 2020, 3:56:48 AM7/7/20
to
John,

> Rudy,
> please stop replying to Arlen - I know it's hard.

It is. He blabbers so much stupidity that its rather hard not to try to
correct him.

> Replying to him serves little or no purpose; he's incapable of absorbing
> the point[s] you're trying to make.

Although I do not know if that is true, it is rather obvious that he doesn't
respond to questions, remarks or suggestions in his direction.

> so only see his output when someone does a public reply to him

Hmmm... My newsgroup reader currently also supresses the replies to a
supressed post (and so on). I do not see such branches unless I disable
the display-blocking for them.

But, point taken. And by the way, my apologies. I would get irritated by
it too.

Regards,
Rudy Wieser


Arlen Holder

unread,
Jul 7, 2020, 2:19:09 PM7/7/20
to
On 07 Jul 2020 11:37:03 GMT, Stéphane CARPENTIER wrote:

> The MAC address randomisation is only useful when you move without VPN.

Hi Stephane,

<warning: details follow, where I address all your stated concerns, I hope>

It's a pleasure discussing this with you since, unlike most who posted, you
can handle details (as can I). Most simply think the entire thread is no
more detailed than the Subject line (which is why they repeatedly and
endlessly told us what everyone knew since the dawn of computers, for
example - which simply wasted more than half this thread on their lack of
ability to comprehend what the thread topic was actually about).

Agreed on VPN...

You maybe don't remember how many threads Marek Novotny and I had which
created scripts (almost exclusively by Marek, where I tested them for the
team) improving the geolocated randomization of six thousand VPN servers in
the past on this newsgroup.

If you want, I can dig up a few representative a.o.l threads where we
tested to death killswitches, VPN geolocation scripts, & VPN randomization
years ago, where my point is that randomization of everything is useful,
e.g., I even randomize my (Windows) system timezone, as shown in this post:
o Script to randomize the system timezone to help foil fingerprinting
<https://groups.google.com/d/msg/alt.msdos.batch/0EE2VwfKwYc/fjh7tvLpAAAJ>

>> It seems the mobile devices are ahead of Linux, on these defaults.
>
> Because it's pointless on desktop, and pointless on laptop if you use
> your phone as a wifi source. So, Linux can put it in place easily, but
> there is no real need by default outside mobile devices.

I don't disagree now that I know more about what the mobile devices are
doing, where, you may note I'm all over the Android & iOS newsgroups on how
to improve privacy (e.g., I've virtually eliminated Google-anything on my
Android devices, without needing to be rooted).

You can have full functionality on Android _without_ Google if you just
take some risks of deleting, disabling, and blocking Google's background
and system processes.

I have so many threads on this topic that pointing to just one would be
insufficient, but here's just one to give you the idea of the scope:
o *Does anyone know how the PHONE ties to CONTACTS tiies to SMS on Android
9 Pie?*
<https://groups.google.com/forum/#!topic/comp.mobile.android/EvXtsP9radE>

In that case, for example, I eliminate the default sqlite contacts db,.
which, I realize, almost nobody on the planet does, but they also don't
know what I know, which is that Google uploads that specific file without
you knowing it (most people can't fathom that concept, which is why they
don't do the things I do to get around that privacy hole in Android).

> Do you really believe it's an improvement to be required to read the log
> to be able to access the clipboard ?

No. No. No. :)

Nobody said that, nobody implied that, and nobody should infer that.

All I was saying was that Android, since Android 6, has had the capability
to deny read permission on an app-by-app basis, but it was a bitch (as you
noted).

What _is_ an improvement though, is that in iOS 14 and in Android 10
(reputedly), the user has app-by-app control that is _easy_ so that the
_user_ decides which apps have clipboard read permission.

I couldn't get it to work on Android 10 when I tried yesterday, but I
didn't try for more than a minute or two as I was in the middle of
researching it.

Luckily, on iOS 14 (currently in beta), the user is _notified_ whenever an
app accesses their clipboard, which is a boon to detection of which apps do
it (since some clearly have no business accessing the clipboard at all,
even less so constantly).

> OK, I'm French and maybe I don't know what a clipboard is. It's possible
> we don't speak of the same thing. For me, the clipboard is the thing used
> to copy/paste information between applications.
>
> If I'm wrong, I'd like an explanation.

I think on Apple they call it a "pasteboard" & "clipboard" concurrently:

o *Apple Suddenly Confirms Hidden Problem Impacting All iPhone, iPad Users*
<https://www.forbes.com/sites/zakdoffman/2020/06/23/apple-ios14-release-iphone-11-pro-update-ipad-upgrade-security>
"Apple should include a privacy setting, app by app, enabling or
disabling access to the _clipboard_. And, at the very least, it should
flash a notification on screen when an app does access the _clipboard_,
to prevent apps from exploiting the _pasteboard_, the researchers said
back in February, Apple must act!"

On Android, they mostly just call it a "clipboard", I think:
o *Limited access to clipboard data*
<https://developer.android.com/about/versions/10/privacy/changes>
"Unless your app is the default input method editor (IME) or is the app
that currently has focus, your app cannot access clipboard data on
Android 10 or higher."

It's important to realize the detail that it's the OPERATING SYTEM
developer who needs to act first, and only after the OS is fixed, can the
user have this privacy against malicious clipboard access.

It's also important to notice the detail that both Android & iOS developers
did act, and both implemented solutions in the operating system, which are
the kinds of things I was asking here, about Linux.

My key question was why is it desperately needed in mobile devices, but not
on desktop operating system, where the answer from most here is
(essentially) that there is simply no malicious code on the Linux operating
system - and there never will be malicious code on Linux ('cuz it's open
source). :)

[Yes, I know I'm taking it slightly out of context; but that's essentially
Peter's claim, for example.]

> If I'm right, I really don't understand what concerned you so much with
> the clipboard. It's not a keylogger. If you tell me that Android and iOS
> don't manage a real clipboard but are using the central logs for the
> purpose, there is a real concern. But they are not far in advance of
> Linux, they are garbage which needs fast improvement.

Thank you for asking as I think almost nobody on this thread understands
the problem set, where you clearly understood the most. Most think they
read the subject line and then they understand the problem set - but
EVERYTHING they post proves that they don't understand the issue.

So I thank you for saying that you're a bit confused, as we must be talking
about different things if you're confused about the danger, which I admit
must be my mistake that I didn't explain it well.

If you read why everyone is upset with Linked-In, Reddit, and TikTok, and
if you read the developers' statements that they will _remove_ the
clipboard reading, the problem is clearly stated in those references
(previously provided, but here's just one more to read to get the idea):
o *Apple iOS 14 Alerts Reveal Reddit App Is Reading User Clipboard Data*
<https://www.forbes.com/sites/daveywinder/2020/07/05/reddit-latest-to-get-caught-by-apple-ios-14-clipboard-data-copying-alerts-iphone-privacy/>

*The _simplest_ clarification I can give is that apps that have no*
*business in reading the clipboard, are constantly reading the clipboard.*

It's far worse than that, of course, but that's the gist of the problem
set.

The only reason Reddit, Linked-In, and TikTok (among others) are removing
the code is that they got caught.

The only reason they got caught (at least recently), was that iOS 14 beta
now tells the user whenever an app is reading their clipboard without their
knowledge, nor consent.

This thread was just to ask about this same problem set on Linux. :)

> Why do you put your password on you clipboard ? There is better ways
> than that. Either you know your password or you put it in a serious
> password manager. Putting your password in your clipboard is bad.

Hmmmmmmmm.... people do a lot of things that you and I might not do. On
Apple, for example, you can copy something on your Mac, which will show up
in the clipboard of your iPhone (apparently), which then the malicious apps
can vacuum up.

People cut and paste a _lot_ of things, where I think anyone who focuses
_just_ on passwords misses the point.

It's sort of like having a miscreant kid in the neighborhood who steals
people's packages left on their doorstep, one of which might be, oh, say,
electronics, and then asking why people allow electronics packages on their
doorstep.

The "password" part is just one kind of "package" that the miscreant
steals, where anyone who asks "why do people allow electronics packages to
be left on their doorstep" is missing the point, IMHO.

The point is that the miscreant is stealing the packages.

> From what I see it's more far behind. And for the restriction, it's as I
> said. You don't grant it the right at each need, which would be very
> difficult.

Usenet is a flat text-only communication so I think we agree for the most
part, where I think it goes this way in terms of sophistication:
1. iOS 14 beta seems to be best for notifying users & allowing control.
2. Android 10 seems to be ok for allowing control and inadequate for
notifying users.
3. Android 6 to 9 seems to be barely adequate for allowing control &
totally inadequate for notifying users
4. Linux/Windows seem to be stuck in the Stone Age in terms of notifying
users and allowing control.

The argument most posted, so far, for _why_ Linux doesn't do what the
latest iOS and Android do, is that Linux apps are never malicious, which,
if true, is good enough for me.

As the Spartans would say to "If Linux doesn't need it...", my reply is:
o If

> I don't know how Android and iOS are managing their clipboards, but
> unless I have not the same definition, only what you copy must be
> available in it. If the clipboard grant to access to anything else, it's
> bad, and I understand your concern. But in this case, their philosophy
> is garbage and they lack far behind Linux.

Again, I think we're just talking about different aspects of the clipboard.

Think about it in terms of a kid stealing packages left on people's
doorstep, who shouldn't be stealing those packages.

On Linux, in this thread, most people said there are no kids stealing those
packages, so you don't need anything to tell you that it's happening.

OK.

But on iOS, we _clearly_ know there _are_ kids stealing those packages
(e.g., Reddit, LinkedIn, TikTok, and about 50 others, to date).

And on Android, we clearly know that in Android 10, you have to explicitly
allow that kid to take that package off your doorstep.

Notice the problem is not that the package is on the doorstep (i.e., it's
not what you pasted into the clipboard or why you did it); the problem is
that the miscreant kid is stealing those packages off your doorstep, when
he has no right to do so.

These miscreant apps are reading your clipboard when they have no rational
reason to do so (and they _all_ admit it, although they try to explain it
away as a "bug").

The important point is that all apps caught to date stealing these packages
from your doorstep have instantly vowed to remove the miscreant code.

That tells you everything you need to know, right there. (IMHO)

> The important thing is anyone who wants to can.

Trust me Stephane, I _know_ all the platitudes on Open Source.

What irks me is when someone seriously suggests, in effect, _everyone_ who
cares about privacy must read all the open source code of all the open
source apps on their system.

It's just a ridiculous suggestion and as such, is patently unhelpful.

Most of the comments in this thread just wasted everyone's time, e.g., how
many freaking people claimed any app "can" read our clipboard? What the
heck did they think they were telling us? I can see someone mentioning it
once, but jesus christ, do you know how many times they said it?

45% of the posts in this thread were that kind of utter garbage, and 45% of
the posts from me were responding to that utter garbage.

It's utter garbage what was suggested (to read the source code).
o It just is.

Your point of view that people who know how to look for such things "can"
(and probably should and likely do) look at the source code is fine.

However, it's something we all knew decades ago, so it only needs to be
stated once and we can move on instead of rehashing it over and over and
over and over (and over) again.

> You don't have to rely
> on someone you don't trust. You can trust who you want and if you trust
> nobody you can check by yourself.

We do not need to rehash this.
o We all knew this decades ago.

It adds no value after the first time it's mentioned.
o Nobody disagrees.

It only has merit when/if someone claims _because_ it's open source, there
is no malicious (or accidental) code that reads the clipboard that doesn't
need to read the clipboard.

That's essentially what has been claimed by Peter, for example.
o Because it's open source, it's looked at, and no malicious code exists.

> Even if you trust someone, you can
> check by yourself. On Linux, you have the developer who do what he want,
> and then you have the package maintainers. So, you have people who knows
> their jobs to take care of it.

Understood. We do not need to rehash this over and over (and over) again.
o Because it's linux, if it's looked at, malicious code doesn't exist.

If

> Yes, but you seam overtly concerned about it.

Heh heh heh... I'm not in the _least_ worried about it.

Just like I'm not in the least worried that at the 2018 Battle of Khasham,
something like 200 or so of 500 Russian "soldiers" were massacred by we
Americans because they tried a simple "Banzai style" attack against 30
Americans who didn't need to fire a shot in response...

That simply happened.
o It doesn't worry me.

But I'm extremely _interested_ in _how_ that could possibly have happened,
where, Putin claimed that they were not Russian soldiers (despite lots of
now-childless Russian mothers & bereft Russian wives wailing in the weeks
afterward).

Notice it's the same type of "excuse" Putin is providing (i.e., Wagner is a
group of completely private mercenaries whom he has no control over) as
LinkedIn, Reddit, and TikTok provided (i.e., they claimed they were simply
bugs).

In both cases, adults know exactly what is going on.
o In both cases, I'm _interested_ in knowing what is going on.

But I'm not worried about it in either case.

It's the same with Macron & Putin in Libya just this week.
o I'm not at all worried that Libya is split into three factions, where
Macron supports one of the three, while Putin another, and Turkey yet the
third (greatly oversimplified).

Hence, what Macron claims about Putin is true, but what Macron claims about
what he's doing, is bullshit...

Just as what Putin claims about Macron is true, but what Putin claims about
what he's doing, is bullshit... (he's claiming the PMC did it, for example,
not him).

Notice I'm _interested_ but I'm not in the least concerned.
o All I want to know is what is really going on.

What is really going on isn't going to be resolved by platitudes.
o This thread is, unfortunately, 95% platitudes and 5% progress on
understanding the problems set.

> For me, in the clipboard,
> you put only information you choose. If have put a keylogger, you have
> every information you type on your keyboard for example. If you cant do
> anything better, it's good for a spy to access your clipboard, but it
> should be his last ressort.

That's not the problem.

The problem is akin to a miscreant kid in the neighborhood stealing
packages that people feel should be left alone on their doorstep.

If they were shipping enriched uranium, like that which was made at the
Natanz Nuclear Fuel Enrichment Facility that, just this weekend
mysteriously blew up (heh heh heh), they wouldn't be putting it on their
doorstep.

What we're talking about has nothing, per se, to do with passwords or
keyloggers at all. The Israelis are likely the "keylogger" here, who were
rather clever at planting a bomb _inside_ the super secure facility, and
they widely emailed journalists with well-prepared videos of their action
just moments (mere minutes) after it happened (at 2am Iranian time).

That's a keylogger you should be concerned about if you're an Iraqi bent on
nefarious nuclear hegemony.

All we're talking about here is simply that a miscreant kid in the
neighborhood is stealing, for no good reason, packages casually left on
people's doorsteps.

The point is that people have a right to have packages casually left on
their doorstep that they don't need to worry about a miscreant kid stealing
them.

So please understand that we're talking not about nuclear fuel (i.e.,
passwords) so much as ladies and men's underwear left on the doorstep,
where the point is that app developers have no business reading this
information when they have no business reading it.

The fact that miscreant kids were stealing the packages is the problem,
where now we know they're doing it (on iOS anyway), and their parents
immediately said they will have their miscreant kids stop it.

Same with the app developers (who are akin to the miscreant kid).

>
>> In summary, most people feel it's only a problem on iOS and Android, and
>> not, necessarily, on Linux,
>
> If I know what a clipboard is, I agree with them.

I understand your agreement, where my only reply is... "if".

>> where, if that's indeed the case, the good news is that clearly both
>> iOS and Android are doing something about the problem.
>
> If their clipboards aren't limited to the copy information, I'd say,
> they really should improve faster.

No. Their clipboards _are_ copy information.

The clipboard is analogous to the "doorstep" where packages are left.

It's good when people are aware that miscreant kids are stealing their
packages which are habitually casually left on their doorstep.

When the parents of the miscreant kids are publicly outed, as Reddit,
LinkedIn and TikTok were, those parents put a stop to it immediately.

My initial question was why wasn't this needed on Linux.
o The (simplified) answer was there are no miscreants coding on Linux.

I understand that point of view, where my key response is... "if".
--
It's a pleasure discussing a topic with someone who can understand it.

Arlen Holder

unread,
Jul 11, 2020, 9:03:07 PM7/11/20
to
Update (based on threads posted today)...

This thread was posted by someone today of what we've discussed prior:
o *TikTok and 32 other iOS apps still snoop your sensitive clipboard data*
<https://groups.google.com/forum/#!topic/comp.mobile.android/6YRFPNiRTo0>

My global response, which ties the operating systems together, is below.

On Sat, 11 Jul 2020 21:57:29 -0000 (UTC), CrawdaddinCrawdad wrote:

> On background, a spokesperson said that TikTok
> for Android never implemented the anti-spam feature.

This has been reported & discussed in detail on each of these newsgroups.
o Interestingly, the same topic was considered different by each newsgroup!

iOS:
o *Even more iOS apps caught snooping clipboard contents ...*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/IHVirXnbJF0>

Android:
o *What common specific Android apps are known to access the clipboard upon mere invocation & without your permission?*
<https://groups.google.com/forum/#!topic/comp.mobile.android/hdNb3BeYm44>

Windows:
o *Do any Windows freeware apps habitually access the private contents of the clipboard upon mere invocation of the app?*
<https://groups.google.com/forum/#!topic/alt.comp.freeware/AI5SiPSGyaE>

Linux:
o *What common specific Linux apps are known to access the clipboard upon mere invocation & without your permission?*
<https://groups.google.com/forum/#!topic/alt.os.linux/VmByXYAaJts>

For some reasons, it's only considered a big problem, on iOS.
o I'm not quite sure why, but you can read the threads for the detail.

Similar iOS Discussions:
o *Reddit caught red handed by iOS 14 copying the clipboard contents on iOS devices*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/-gvgKjTALvI>

o *iOS 14: TikTok seems to have been caught abusing the clipboard in a quite extraordinary way.*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/dRKgQG8jGo8>

o *iOS 14 - Linked-In app caught reading the user's clipboard in background (including from other sources)*
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/2VZ5a3QsvBc>

For whatever reason, the Android folks aren't as worried, where Android has
had the ability, since Android 6, to view & remove clipboard access on an
app-by-app basis:
o *Freeware "App Inspector" by Ubqsoft [free, no ads, GSF independent] lists installed apps & their "secret" permissions [apparently]*
<https://groups.google.com/forum/#!topic/comp.mobile.android/3MEPsDCDCSs>

And, where, in Android 10, you can set that clipboard access more easily:
o *Those on Android 10... is it worth upgrading from 9 to 10? What are the pitfalls you've experienced & the benefits?*
<https://groups.google.com/forum/#!topic/comp.mobile.android/X65cMyzAn-g>

In summary, note that each operating systems apparently handles this
clipboard access privacy/security hole quite differently:

A. iOS 14 tells you when it's happening & allows you to block it.
B. Android 6+ can block it; but doesn't tell you when it's happening.
C. Windows, as far as I can tell, has no protections or notification.
D. Linux is completely different - they claim no apps are malicious.

Go figure.
o If you don't believe (or understand) my summary, click on the threads.
--
Each operating system group considers the same problem differently.

Arlen Holder

unread,
Jul 28, 2020, 9:46:05 PM7/28/20
to
UPDATE:

Dateline less than a week ago...

"Laptops running Windows 10 or macOS operate a little differently.
Many apps you install can still access the clipboard whenever they want,
unfortunately, that part is still the same. However, both desktop
operating systems also offer some kind of cloud clipboard feature.

"How-To Geek offers a great rundown on clipboard access"
o *PSA: All Apps Can Read Your iPhone and Android Clipboard*
<https://www.howtogeek.com/680147/psa-all-apps-can-read-your-iphone-and-android-clipboard/>

"Apple offers a cloud clipboard feature that enables users to copy and
paste across iOS, iPadOS and Mac devices. Apps snooping on the clipboard
can get data from your laptop or tablet too."

"When iOS 14 officially arrives later this year, it will allow apps to
query the clipboard without seeing its data. ... [Browser] apps can use
the new API to ask iOS what's in the clipboard. iOS can then tell the
browser whether it has a URL, text, a picture, or something else.
Plus, the software can do this without revealing what's in the
clipboard. If iOS says a URL is available, the browser can paste it from
the clipboard, triggering the notification and letting the user know
what transpired. If there isn't a URL, the app doesn't access the
clipboard data, the user's information remains secure and iOS doesn't
notify the user."

This article from last week outlines a nice history of how iOS progressed
to capture scores of malware apps (many from well known respected authors)
which accessed the users' clipboard when they had no business doing so:

o *Copy, paste catastrophe: how Apple's iOS 14 disrupted clipboard espionage*
<https://mobilesyrup.com/2020/07/23/ios-14-clipboard-apps-snooping/>

"In February 2020, German-based developer Tommy Mysk and Toronto-based
developer Talal Haj Bakry shared a blog post explaining how iOS and
iPadOS apps have unrestricted access to the clipboard. The duo
highlighted how this access could lead to security vulnerabilities,
such as exposing users' precise location."

o *Precise Location Information Leaking Through System Pasteboard*
<https://www.mysk.blog/2020/02/24/precise-location-information-leaking-through-system-pasteboard/>

"Mysk submitted the details to Apple in January, but the company told the
developers it didn't see an issue with the vulnerability. However, with
the release of iOS 14 betas to developers and later the public,
it became clear that Apple did see a problem with clipboard access.

o *iOS 14 will notify users when apps access the clipboard*
<https://mobilesyrup.com/2020/06/24/ios-14-new-clipboard-api-notification/>

"Apple's latest mobile operating system ushered in two significant
changes for the clipboard; a notification to tell users when apps
accessed clipboard data and a new API that makes the clipboard more
secure."

"Since late June, people have caught over 50 apps abusing clipboard
access."

o *Security researcher finds 53 more iOS apps reading users' clipboard data*
<https://mobilesyrup.com/2020/06/28/security-researcher-finds-53-more-ios-apps-reading-users-clipboard-data/>
"The apps include Fruit Ninja, the New York Times, PUBG Mobile and Viber"

The article goes on to include Android...

"What about Android users? After reading all this, you may wonder if the
clipboard on your Android phone or Windows PC is safe."

"How-To Geek offers a great rundown on clipboard access"
o *PSA: All Apps Can Read Your iPhone and Android Clipboard*
<https://www.howtogeek.com/680147/psa-all-apps-can-read-your-iphone-and-android-clipboard/>

"Starting with Android 10, apps need permission to access the clipboard
in the background. Still, while restricting background access to the
clipboard is good, it's no more than what iOS 13 does. Hopefully, Google
follows Apple and implements a similar system to iOS 14 on Android."

"Laptops running Windows 10 or macOS operate a little differently.
Many apps you install can still access the clipboard whenever they want,
unfortunately, that part is still the same. However, both desktop
operating systems also offer some kind of cloud clipboard feature.

macOS has Universal Clipboard, which shares copied data across macOS,
iOS and iPadOS. That means anything you copy will pass through Apple's
servers."

"Windows 10 has a Clipboard history setting that saves a record of
everything you copy and paste. You can access this by tapping Windows+V.

Windows 10 will sync your clipboard history across devices as well if
you enable that setting.

The one saving grace here is websites. Web apps can't automatically
access your clipboard. Users have to paste content manually for a
website to access it."

"Apps that access the clipboard without user consent"
o Firefox
o Google Chrome
o Discord
o Fox News
o The New York Times
o Wall Street Journal
o Bejeweled
o Fruit Ninja
o PUBG Mobile
o Viber
o Weibo
o Zoosk
o AccuWeather
o DAZN
o Overstock
o CBC News
o CBS News
o ABC News
o Al Jazeera English
o CNBC
o News Break
o NPR
o Reuters
o ntv Nachrichten
o Russia Today
o Stern Nachrichten
o Huffington Post
o The Economist
o Vice News
o 8 Ball Pool
o Amaze
o ToTalk
o Tok
o Truecaller
o Block Puzzle
o Classic Bejeweled
o Class Bejeweled HD
o Watermarbling
o Total Party Kill
o Tomb of the Mask
o Tomb of the Mask: Color
o FlipTheGun
o Golfmasters
o Letter Soup
o Love Nikki
o My Emma
o Plants vs. Zombies Heroes
o Pooking
o 10% Happier: Meditation
o AliExpress Shopping App
o Bed Bath
o Hotels.com
o 5-0 Radio Police Scanner
o Hotel Tonight
o Pigment
o Recolor Coloring Book to Color
o Sky Ticket
o Microsoft Teams
o Call of Duty Mobile
o Google News
o McDonald's
o Starbucks
o Wendy's
--
Apps that have no business snooping on your clipboard, shouldn't do it.
0 new messages