Using copy and paste to save text from websites is something all of us commonly do. Nothing could be simpler, right? Highlight your text, then <ctrl> c, and <ctrl> v. It turns out that this can be dangerous.
A new article on Naked Security tells how it is now possible to use copy and paste to inject malware code from a web site into your computer. This is, of course, something you don’t probably want to do, but evidently there is an exploit that uses Java or CSS code to inject malware using copy and paste. This is called pastejacking, if you are trying to keep up on your jargon list.
If you want the specifics, I recommend you click through to Naked Security, but if you just want to avoid this problem, I have a simple solution. Use Notepad.
In my work as a web site designer, I have used Notepad as a tool to remove embedded formatting and font styles from text in Word and other document formats that I wanted to use on the web site. Copying from the source and pasting into Notepad removes all formatting and leaves simple text behind. Then copy from Notepad and paste the text into your web page, and the website formatting takes over and everything looks like it should, without a lot of tedious re-typing.
Perhaps you have had to borrow clips of text from the web for a project and had the same problem with the embedded format changing the look of your document. Now you know how to make that work better.
Notepad will strip out the hidden Java and CSS scripting, too. So the best way to prevent this sort of exploit is to copy from your web page, paste into Notepad, then copy from notepad, and paste into your destination document. Extra step in there, I know, but there are additional benefits beyond security as we have shown.Share