this post was submitted on 26 Sep 2024
549 points (99.3% liked)

Technology

59963 readers
3483 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Here is the text of the NIST sp800-63b Digital Identity Guidelines.

you are viewing a single comment's thread
view the rest of the comments
[–] VantaBrandon@lemmy.world 90 points 2 months ago (5 children)

How about making it illegal to block copying and pasting on website forms. I'm literally more likely to make a mistake by typing a routing number than copying and pasting it. The penalty for should be death by firing into the sun to anyone caught implementing any such stupidity.

[–] johannesvanderwhales@lemmy.world 73 points 2 months ago (3 children)

Frankly I'm mostly annoyed that my browser allows web sites to block cut and paste, ever. I am capable of making my own decisions over whether I want to cut and paste.

There are plugins that will disallow this. I think the one I use is "don't fuck with paste"

[–] dual_sport_dork@lemmy.world 15 points 2 months ago (3 children)

Ooh, ooh. And for implementing any Javascript or jQuery or whatever that pops up some kind of smarmy message when you right click: Believe it or not, straight to jail.

Plus, that kind of thing is not going to prevent anyone from scraping images from anywhere if they have the capability to lift a finger to press F12.

[–] sugar_in_your_tea@sh.itjust.works 4 points 2 months ago* (last edited 2 months ago)

Exactly.

My host decided to update their TOS to force me to accept binding arbitration, so I Inspect Elemented that right off the page and sent a message to support to end my service effective immediately (had been a paying customer for years). You're not going to bully me on my own browser...

[–] JustARaccoon@lemmy.world 1 points 2 months ago

It won't block it yes but it will diminish the amount of people doing it which is the point

[–] progandy@feddit.org 1 points 2 months ago

Some do detect open developer tools and nuke the whole page, though.

[–] D_Air1@lemmy.ml 13 points 2 months ago (1 children)

Browsers shouldn't allow half of the stuff that they allow. You have to do the same thing not just with copy and paste, but also searching on the page with ctrl + f. Like I don't care that websites won't to create their own experience. Don't mess with browser behavior.

[–] JustARaccoon@lemmy.world -4 points 2 months ago (1 children)

You really want to memorise different shortcuts for search? What if you're on a web app like discord? Ctrl+f isn't gonna be as useful as a built in search solution that has access to data that isn't visible until searched for. I get the issues on disabling the features but if they're replacing browser behaviour with something that suits the site better I think that's alright as long as it's not s downgrade.

[–] D_Air1@lemmy.ml 3 points 2 months ago

All too often it is a downgrade though. A lot of those webapps have terrible search and I only want to search for what is on the current page anyways. For example reddit search has been notoriously bad for a long time. Half the forums online seem to be using the exact same open source software with the exact same terrible search. When all too often I just want to find what is on the current page anyways.

[–] priapus@sh.itjust.works 9 points 2 months ago (1 children)

Never thought to look for an extension for that. Thanks for mentioning it.

[–] subtext@lemmy.world 3 points 2 months ago (1 children)

You can also just run it when you need it rather than having to add an extension. Just add a bookmarklet with the code here and just click it when you encounter a problematic website.

It’ll reduce your attack surface while still getting the job done.

https://github.com/jswanner/DontF-WithPaste?tab=readme-ov-file#bookmarklet

[–] priapus@sh.itjust.works 2 points 2 months ago

Even better, thanks!

[–] dsilverz@thelemmy.club 16 points 2 months ago (3 children)

I circumvent that by right-clicking, then choosing "Inspect element", then switching to the tab "Console", then typing $0.value = "TheValueIWantToPaste". If right-clicking is also disabled, I use either F12 or Tools menu > DevTools.

[–] GreenKnight23@lemmy.world 16 points 2 months ago (1 children)
[–] fosho@lemmy.ca 4 points 2 months ago (1 children)

easier than typing out a long string

[–] xthexder@l.sw0.com 4 points 2 months ago (1 children)

And here I wrote an AutoHotKey script to type out my clipboard a character at a time so I can paste stuff into this remote desktop software I'm using that doesn't support paste...

It's kinda necessary when the server's unlock password is 256 characters long and completely random.

[–] GreenKnight23@lemmy.world 1 points 2 months ago

if it's citrix you used to be able to modify the local connection config file to allow access to the clipboard regardless of what the server allowed.

been a few years since I needed to do it, but it was possible at one time.

[–] sugar_in_your_tea@sh.itjust.works 1 points 2 months ago (1 children)

Or just delete the "readonly" bit. I did that on Treasury Direct for years until they finally removed that nonsense.

[–] dsilverz@thelemmy.club 1 points 2 months ago (1 children)

Sometimes it's not "readonly", but a Javascript thing that "event.preventDefault()" and "return false" during the "onpaste" event. As the event is generally set using elm.addEventListener instead of setting elm.onpaste, it's not possible to remove the listener, as it'd need the reference for the handler function that was set to handle the mentioned JS event. So simply setting the value directly using elm.value bypasses the onpaste event.

That's fair, not sure why they'd go through that much effort when DOM attributes exist.

[–] trolololol@lemmy.world 1 points 2 months ago

That sounds fun on mobile

[–] DelightfullyDivisive@lemmy.world 15 points 2 months ago (1 children)

It takes way less Delta V to push them into solar escape velocity.

[–] atocci@lemmy.world 12 points 2 months ago (1 children)

Anger is no excuse to be inefficient with propellant after all

Idk, it might delay the sun imploding a smidge. Or maybe it would accelerate it. Eh, they know what they're doing...

[–] a2part2@lemmy.zip 7 points 2 months ago

Think of the environment!

Less Delta-V to eject them from the solar system.

[–] kalpol@lemmy.world 3 points 2 months ago

Don't forget you save lots of fuel by firing out of the solar system instead