Hello, welcome to the Monday, March 2nd, 2020 edition of the Sansonet Storms on us Stormcast.

My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

A couple interesting diaries from this weekend.

First, Xavier took a closer look at the Windows clipboard.

What inspired him here was a vulnerability was discussed last week,

and I think I mentioned it here in the podcast as well,

that on iOS applications have access to the global clipboard.

So if you're copying some text in one application,

other applications may read that text from the clipboard.

Well, in Windows, of course, we don't even expect kind of any separation like this.

So very logical that, yes, any application can read the global clipboard.

And what Xavier here did as an experiment is a little PowerShell script that will essentially

monitor the clipboard every 0.1 seconds and then display whatever text it finds.

A couple more sort of interesting items that he ran across here was virtual machines.

If you do integrate the virtual machine

with the host, then the virtual machine does have access to the host. Clipboard, that's

part of that copy-paste functionality into the clipboard. Of course, this could become a problem

if you're using that virtual machine to analyze malware. But for malware analysis,

you definitely want to keep those virtual machines isolated. Secondly, also iOS devices clipboard

was visible on his machine. The trick here is iCloud. ICloud has this feature where it does help

you synchronize clipboards. So again, that leads to content

that you copied on the iPhone or iOS device to show up on your desktop. It doesn't really

...