REMOVE CLIPBOARD FUNCTIONALITY: Protect users from accidentally sharing screenshots and exposing personal info.

C

cuckybetaBFF

New Member
chat-av developers should consider removing the ability to paste images from the clipboard using CTRL+V

users of chat-avenue accidentally upload screenshots of their desktop to the main room. it happens frequently, and it's dangerous. I've seen people share their real names, street address, bank account details, phone numbers, and all sorts of sensitive personal information. in the main room I've seen a screenshot of a wedding planner, which included the user's real name, names of family members and guests, and I've seen a screenshot of someone's work email, with his job title, company name, and the name of his employer right there in the main chat for everyone to see.

this happens when a user accidentally pastes the contents of their clipboard to the main room, using CTRL+V or other shortcut / hotkey. this function should be modified or removed from chat-avenue to protect users from doxxing, blackmail and similar acts of malice. I suggest that users should be forced to click the "+" button and manually browse for content that they want to share. alternatively, develop a confirmation window that the user must accept before they quick-paste stuff from the clipboard onto a chat-avenue window
 
Upvote 0 Downvote
cuckybetaBFF said:
chat-av developers should consider removing the ability to paste images from the clipboard using CTRL+V

users of chat-avenue accidentally upload screenshots of their desktop to the main room. it happens frequently, and it's dangerous. I've seen people share their real names, street address, bank account details, phone numbers, and all sorts of sensitive personal information. in the main room I've seen a screenshot of a wedding planner, which included the user's real name, names of family members and guests, and I've seen a screenshot of someone's work email, with his job title, company name, and the name of his employer right there in the main chat for everyone to see.

this happens when a user accidentally pastes the contents of their clipboard to the main room, using CTRL+V or other shortcut / hotkey. this function should be modified or removed from chat-avenue to protect users from doxxing, blackmail and similar acts of malice. I suggest that users should be forced to click the "+" button and manually browse for content that they want to share. alternatively, develop a confirmation window that the user must accept before they quick-paste stuff from the clipboard onto a chat-avenue window
Click to expand...
how is disabling the control v forcing them to use the img upload button gonna change the screen shot? theyve already taken the screen shot. if they were stupid and didnt edit out their shortcuts or tabs the screen shot is still going to post the same way. c/a nor the system has a edit s/s function. user would still need to do that elsewhere.

as for your doxxing claim, i do not suggest using the direct upload option. those that want to can take the info shared from the direct upload option to see image details such as time date computer path (file path) and personal names and in cases people dont have location turned off on images.. direct location to the computer/phone.. cuz no one has their computer/phone labelled Fuzzy Wuzzy Blue Computer. its all labeled John's Laptop / Jane's Iphone 200.
 
Luka said:
Or idiots could be careful when posting in chatrooms?
Click to expand...
what's the point of this smart-ass reply? there's a reason I'm posting developer feedback rather than making a PSA to the userbase.
obviously users should be more careful. if they use the site recklessly, that's on them. however, even the most careful user can make a mistake. human error is always a factor. developers have a responsibility to improve security wherever they can, and to minimize the risk to users. chat-avenue's developers are equally as reckless if they think it's a-okay for users to accidentally doxx themselves so easily with one keypress. it's bad design. it should take 2 keypresses (with a confirmation window) to ctrl + v off the clipboard. if user security is of any concern then this behavior would be classed as a bug.
 
cuckybetaBFF said:
what's the point of this smart-ass reply? there's a reason I'm posting developer feedback rather than making a PSA to the userbase.
obviously users should be more careful. if they use the site recklessly, that's on them. however, even the most careful user can make a mistake. human error is always a factor. developers have a responsibility to improve security wherever they can, and to minimize the risk to users. chat-avenue's developers are equally as reckless if they think it's a-okay for users to accidentally doxx themselves so easily with one keypress. it's bad design. it should take 2 keypresses (with a confirmation window) to ctrl + v off the clipboard. if user security is of any concern then this behavior would be classed as a bug.
Click to expand...
The point of my smartass yet valid reply was why should a business have to change the way things are because some incompetent user on the internet can’t take care when posting in a PUBLIC CHATROOM.

Hope that answers your question.
 
  • Like
Reactions: Kim
Luka said:
The point of my smartass yet valid reply was why should a business have to change the way things are because some incompetent user on the internet can’t take care when posting in a PUBLIC CHATROOM.

Hope that answers your question.
Click to expand...

because misdelivery is a serious data security threat and it is part of a developer's job to minimize every category of security threat (including human error). this is the reason why we have confirmation windows in computer systems. "are you sure you want to close this window? are you sure you want to exit without saving? are you sure you want to send this document? are you sure you want to install this program?" etc. misdelivery (unintentionally sending sensitive data to an unauthorized recipient) is a reasonable case of human error and should not be overlooked or scoffed at. it ought to be treated as a data security threat and raised as a security bug, which is exactly what I'm doing in this thread.
 
Last edited:
cuckybetaBFF said:
because misdelivery is a serious data security threat and it is part of a developer's job to minimize security threats. cases of reasonable human error, such as this one, should not be overlooked or scoffed at. it should be treated as a data security threat and raised as a security bug, which is exactly what I'm doing in this thread.
Click to expand...
chat avenue leases/buys/rents/got its software from other companies. you would have to trace it back to the other company if youd want changes development wise to be implemented.
 
purplerose said:
chat avenue leases/buys/rents/got its software from other companies. you would have to trace it back to the other company if youd want changes development wise to be implemented.
Click to expand...

yeah, chat-av is based on Node.js which is open source. chat-av has its own administrator to implement the software and make changes. I'm sure they'd be able to add an extra confirmation window. plenty of other chat sites use the same software with some minor differences and tweaks depending on their needs
 
Cat94herine said:
What? Is this a thing people can do?
I thought you had to click in on that menu first to post any pictures at all.
Click to expand...

yes. you will fire off the contents of your clipboard when you press ctrl + V. you don't even get any feedback to say "image uploaded". it simply fires without warning. it's why most clumsy users don't even notice when they've sent a screenshot of their entire desktop to a thousand strangers! other chat systems, such as sChat2, have a much safer way of uploading from the clipboard: when you ctrl+v in sChat2, the image is dropped inside your input bar (the bar you type in) so that you can preview the image before you hit the "send" button or press enter
 
NOTED. I will bring it up in the next governing board meeting xx
We THANK you for the suggestion, and your loyalty to the site.
bored gravity falls GIF
 
You must log in or register to reply here.
Top