• glibg10b@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    9 months ago

    Firefox has a built-in warning against pasting. I think Chromium too. I don’t think they warn about account theft, though.

      • Black616Angel@feddit.de
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        Now what most people don’t know is that websites can insert arbitrary text when you copy stuff of them. A malicious site will abuse that.

        It works like that:

        You follow a tutorial online or search for a code snippet. You copy some code/said snippet and paste it into a terminal or the browser command line. This copied text is altered by the site to be a one line command to install malware or grab passwords or cookies. All of that is followed by a line break and maybe your real command to lower suspicion.

        Some of the terminal or browser shells interpret a line break in the copied text as enter which then executes the command.

        To prevent that, get a shell, that doesn’t just execute what you paste (fish shell) or a terminal program, that warns you about line breaks (Moba xterm).
        And please check text from unknown sites before pasting it into a program that may execute it right away. (Just paste it into a text editor or look at your clipboard manager like Win+V in windows)