cablehead
feat: privacy and security
Stacks should give users as much control as possible to prevent data they don't want being stored out of the clip store, and make it as easy as possible to locate, and permanently delete data that's accidentally captured.
For reference these are the options the excellent PastePal gives you h/t @0n0mat0p03ia
I think these are our available tools to prevent sensitive data entering the clipboard:
- respect http://nspasteboard.org
- allow users to specify apps that shouldn't be captured from
- allow users to specify patterns to ignore. look to Atuin for inspiration for default filters https://docs.atuin.sh/configuration/config/#secrets_filter
I think the clip store api might be simplest way to let users locate data across stacks (and versions of clips that may now be obscured, after being edited) and to permanently delete it. https://stacks.cross.stream/releases/v0.15.6
it looks like the mac keychain doesn't set org.nspasteboard.ConcealedType 😭 Although my password manager does. The better bang for buck would be to add app filtering first
Yeah, app filtering to ignore password managers sounds reasonable. Also everything from Universal Clipboard (shared from iphone/ipad devices) automatically goes to stacks, great to have option to disable this (dunno if its possible).
If we can pick up a mac specialist to look at ability to paste directly from Stacks and improve window "spotlight"-ness, they might be able to advice us on adding an option to ignore the Universal Clipboard (without a corresponding phone app yet, I currently really like being able to get clips via Universal Clipboard 😅)