Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! Websites somehow have access to the files on my computer!


  • Please log in to reply
6 replies to this topic

#1 Ghostbusters2

Ghostbusters2

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 12 July 2018 - 02:00 PM

Something DEEPLY DISTURBING has just happened to me and I am in shock!

 

I was writing a message on a popular website and decided to paste a bit of text from another website.

 

However, when I hit "paste" I could not BELIEVE what happened... the website UPLOADED a PERSONAL FILE from my computer. It did this IMMEDIATELY without any prompting or Explorer window appearing.

 

The file in question was a file on my computer which I happened to copy earlier, so it was in the copy buffer.

 

But how could a website gain access to my copy buffer? I mean there could have been ANYTHING in the copy buffer. Private messages. Passwords. It could have uploaded my personal diary, photos of me naked, pornography I had on my computer? This is SERIOUSLY scary stuff.

 

What is going on? How could a website get hold of a file from my computer without there being a Windows prompt? Do I have a virus? Can anyone help?

 

In all my years of using a computer, this has to be the scariest thing that has ever happened to me. It seems that every website I visit is now somehow able to see what's in my copy buffer. And what's more, every website I visit can (apparently) access and upload my personal files from my computer without any permission being given!!!!!!!!!!

 

PLEASE HELP!!!!!!!!!!

 

I use Windows 7 x64, and Firefox.61.0.1


Edited by hamluis, 13 July 2018 - 09:44 AM.
Moved from Win 7 to Web Browsing/Email - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:10 PM

Posted 12 July 2018 - 02:41 PM

What website performed this deed?  How do you know that a file was uploaded?

 

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis


Edited by hamluis, 12 July 2018 - 08:00 PM.


#3 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 12 July 2018 - 05:10 PM

Thank you sir. The website was Trello, and I know the file was uploaded because it said "uploading" and the file posted publicly on the discussion (before I deleted it).

 

I will follow your steps when I get a moment over the next couple of days. Thanks.



#4 Platypus

Platypus

  • Global Moderator
  • 15,194 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:10:10 AM

Posted 13 July 2018 - 12:22 AM

Trello will paste whatever is in the buffer into the current card. My guess is when you highlighted the text you wanted to copy, the Copy function didn't "take" to update the clipboard for whatever reason (e.g. if doing Ctrl-C, accidentally released Ctrl before hitting C). The paste function would then be from the clipboard which still contains the file link, which would be accepted by Trello as an upload.

 

https://help.trello.com/article/769-adding-attachments-to-cards

 

It will upload, as it says in the above link:

 

"NOTE: Attachments from your computer create an actual copy within Trello"


Edited by Platypus, 13 July 2018 - 12:27 AM.

Top 5 things that never get done:

1.

#5 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 13 July 2018 - 04:32 AM

OK, so apparently this is normal behavior.

 

So my question is: how can this possibly be allowed? How can browsers allow websites to read a person's copy buffer? Or to upload files from the computer without the user knowing? Isn't this a gross violation of privacy?

 

In the course of a normal day, I copy and paste SO MUCH personal information. Passwords. Personal information. Deeply private messages. Private files. And if I happen to have my browser open then every website can read this information?

 

Surely something is very wrong here? And how can it be stopped?



#6 Platypus

Platypus

  • Global Moderator
  • 15,194 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:10:10 AM

Posted 13 July 2018 - 05:40 AM

It would still be a good idea to follow the steps requested by hamluis, in order to see if there is any obvious indication of something on the system being in disorder.

 

But if the possible cause I mentioned is in fact what happened, then it is simply a function of how the features we choose to make use of on websites work behind the scenes.

 

To illustrate, I'm typing this into the post editor on this website, and in order for this to happen, the editor being run in the browser has to be able to "see" the contents of my computer's keyboard buffer. Otherwise it wouldn't get to Bleeping Computer as a post. That doesn't mean any other website I visit can see the data in my keyboard buffer - they can't, unless I take an action that requires the website to be given access to that data.

 

So even though it's not obvious that this is what's happening, when I press the Reply to this topic button, I give the editor that comes up permission to read my keyboard buffer. It's just the way things have to work.

 

The same applies when you're using Trello. Since it has a feature that allows the contents of the user's clipboard to be pasted straight into wherever the cursor is on a card, when that paste function is used, Trello must be able to access the clipboard contents in order to get them and place them on the card. Again, it's just the way things work, and is going on all the time behind the scenes when we interact with websites. But Trello is a little unusual, in that we're not usually pasting into a location that can equally accept text, an image (e.g. screenshot) or a file upload.

 

Trello doesn't get access to that clipboard data until you initiate a paste, and the fact that Trello then does get the data doesn't indicate that any other website you have visited, while the same data was there, could access it. They can't unless you take an action that makes it necessary for that website to have that data.

 

That's why Trello has the article I linked to, to explain something of what is occurring when particular features are used.

 

Alternatively, if you're not confident that a missed copy step is what happened (I do that very often myself when working with copy/paste - thought I'd done a new copy, then pasted what I had before), then you could post a description of the issue in the Malware Removal Assistance forum, with a link to this topic. A helper would be able to assist with making sure there isn't anything like a keylogger or some other malware lurking on your system causing odd behavior.


Edited by Platypus, 13 July 2018 - 05:41 AM.

Top 5 things that never get done:

1.

#7 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 13 July 2018 - 08:30 AM

Platypus, thank you for the very detailed answer! :) And I will take the steps suggested in the coming days.

 

I found one thing you said particularly reassuring:

 


Trello doesn't get access to that clipboard data until you initiate a paste, and the fact that Trello then does get the data doesn't indicate that any other website you have visited, while the same data was there, could access it. They can't unless you take an action that makes it necessary for that website to have that data.

 

I really hope this is true, but is this an assumption, or definitely the case? I'm just a little paranoid because up until now I had assumed that websites can't access files on my computer unless I specifically use the file browser to select a file to upload.

 

As for the issue of whether the copying of text had properly registered: Yes it had, because I was able to paste the text into other applications like text editors. Yet going back to Trello and hitting paste still resulted in the file being uploaded! So that is really strange.

 

I'm also confused about how Trello can access a file on my computer. Yes, I had "copied" that file earlier, but when you copy a file in Windows, it only stores the path to the file. The actual file itself isn't stored in RAM. So I am still unclear how Trello can retrieve a file from my computer when it only has the path.

 

One way or another, this seems highly invasive and I am still not sure how it is that browsers can allow this behavior, or who would even want this kind of behavior? The idea of a website being able to read my copy buffer fills me with dread. My buffer is private!

 

Yes, I understand that browsers allow people to paste text into text boxes. But your browser is only relaying text to a text field. Even if you accidentally paste the path of a local file into a textbox, I don't see how the site then has the capacity to start retrieving that file from your computer. Surely browsers should not allow that to happen?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users