[security] The default of Save History should be disabled

[attila-lendvai]

context

the basic idea of the clipboard is that it's an ephemeral storage, not readable by any app without explicit user action. as such, it often contains passwords and other sensitive information in its regular use. saving the history in clear text increases the attack surface in at least two ways:

1. boot from a pen drive and steal the clipboard history (from any unencrypted installation, which is still too often the case).
2. any app that has disk access can steal the passwords, even if it has no access to the clipboard.

request

please set the default value of the Save History setting to disabled to minimise any unintended exposure to these attacks.