Maybe it would be useful for the OP to reveal the final
requirement for his/her planned product. Is that supposed to be
a copy protection, or data protection, or something else ?
So far the OP didn’t even say if (s)he wants to filter
file based clipboard operations (we all just assumed it).
And if yes, the question is why to watch only clipboard
and not to watch “normal” copy operations, like in Total
Commander or command line “copy” command.
L.
It supposed to be a clipboard monitor. I’m making a project that doesn’t allow the users to copy/paste sensitive data(user can’t copy/paste confidentials documents to storage drives (USB)). The clipboard monitor is usefull if the users copy / paste parts of a document in other document. If the data in the clipboard is sensitive the operations is blocked.
You don’t really need to hook those APIs when you can use the
SetClipboardViewer API
http://msdn.microsoft.com/en-us/library/ms649052(VS.85).aspx
What “Issues” are you experiencing in user mode with this?
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@yahoo.com
Sent: 17 October 2008 09:37
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Clipboard Monitor
Hello!
I want to create a file system filter driver that monitors the clipboard.
In user mode are some issues. Can someone help me? 
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: xxxxx@blocksoft.co.uk
To unsubscribe send a blank email to xxxxx@lists.osr.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3530 (20081017) __________
The message was checked by ESET NOD32 Antivirus.
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3530 (20081017) __________
The message was checked by ESET NOD32 Antivirus.
I need to intercept copy/paste. I need the PID of the process that makes the copy and the PID of the proccess where the paste is made. Optionally the handls of the windows.
With SetClipboardViewer you can see when the clipboad is changed. You can’t know where the paste is made.
Are you going to burn out the eyes of the person reading the document
and cut off their hands so that they cant just re-type/draw the
sensitive information to another document without using copy/paste.
We really need to know what you are hoping to achieve.
Ben Lewis
Head of Software Development
Data Encryption Systems Ltd.
http://www.des.co.uk
http://www.deslock.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@yahoo.com
Sent: 17 October 2008 11:21
To: Windows File Systems Devs Interest List
Subject: RE:[ntfsd] Re[2]: Clipboard Monitor
It supposed to be a clipboard monitor. I’m making a project that doesn’t
allow the users to copy/paste sensitive data(user can’t copy/paste
confidentials documents to storage drives (USB)). The clipboard monitor
is usefull if the users copy / paste parts of a document in other
document. If the data in the clipboard is sensitive the operations is
blocked.
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: xxxxx@des.co.uk
To unsubscribe send a blank email to xxxxx@lists.osr.com
I’m working at a confidential project for a firm. I can’t burn eyes or cut of hands :). That is the objective of the project (blocking copy/paste of confidential data) .
If all clipboard operations are based on a specific file (probably a memory
mapped file), you can create a FS filter to control it. You can use Filemon
or other utility to analyze all activities which write or read data from
clipboard in order to detect whether a specific file is used as clipboard.
Shangwu
wrote in message news:xxxxx@ntfsd…
> I’m working at a confidential project for a firm. I can’t burn eyes or cut
> of hands :). That is the objective of the project (blocking copy/paste of
> confidential data) .
>
I can do a harcopy of the screen with the keyboard and save the confidential
data in a graphic file and then extract the text ? so filtering the
clipboard is not enough I guess.
I would also expect the data to land in the cache manager, another weak
point of attack?
Jerome.
wrote in message news:xxxxx@ntfsd…
> I’m working at a confidential project for a firm. I can’t burn eyes or cut
> of hands :). That is the objective of the project (blocking copy/paste of
> confidential data) .
>
More questions/issues:
How do you determine if data is confidential or not?
What about images/other non textual formats?
Multiple files/folders?
Zip/rar compressed files?
Encrypted files?
Print Screen key (IIRC SetClipboardData doesn’t get called for this)
Pasting text data into other odd things…e.g. the name of a file or
folder
Office Clipboard
Other COTS that use their own clipboard mechanism
Someone can read the document and retype it
Someone can take a photo of the screen using an external device
etc
I hope the objective of the project is more specific!
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@yahoo.com
Sent: 17 October 2008 13:09
To: Windows File Systems Devs Interest List
Subject: RE:[ntfsd] Re[2]: Clipboard Monitor
*** WARNING ***
This mail has originated outside your organization, either from an
external partner or the Global Internet.
Keep this in mind if you answer this message.
I’m working at a confidential project for a firm. I can’t burn eyes or
cut of hands :). That is the objective of the project (blocking
copy/paste of confidential data) .
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars (including our new
fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: xxxxx@baesystems.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
********************************************************************
This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.
********************************************************************