[cjbprime]

Then the malware would provide that confirmation to the wallet too. Defending yourself from malware running on the same (Windows) machine is mostly impossible.

[xnickb]

That's a much harder attack to pull off. Windows actually does a decent job at preventing this kind of thing from being easily achievable.

Clipboard attacks are far easier, as most modern systems treat clipboard as a non-critical resource. Which is mind blowing if you ask me.

An app reading from clipboard must ring all sorts of alarms. Let alone writing to it.

[gruez]

>An app reading from clipboard must ring all sorts of alarms. Let alone writing to it.

You realize any sort of content editing app is going to be reading from clipboard? Most apps used on a daily basis are going to be reading from clipboard.

[xnickb]

Ok let me clarify:

- An app running in the background listening to clipboard changes;

- An app without a focused/visible window reading clipboard;

- An app reading from clipboard without a corresponding user input (menu/hotkey)

All these should be detectable and controlled by the OS