Vivaldi built Screenshot should be disable
-
Should the browser be compromised, screenshots can be taken without permission. There should be a disable screenshots!!
-
@CANADAEH Compromised? How?
Screenshot needs user interaction to be executed.
-
@CANADAEH If your browser is somehow compromised to the extent that the attacker could trigger the screenshot, it will not matter if the functionality is disabled, it won't even matter if the functionality is completely ripped out of the browser (including the screen sharing option for video calls), because the attacker would be able to get the information anyway, by reading the webpages you are viewing (and they could read/steal/modify everything on your computer at the same time). And in any case, they would be much more interested in the raw text than an image of the text.
-
The point is to have a screenshot function that can be disabled. Not go off on a worst-case scenario rant!!
-
If the browser has exploitable security holes, no user interaction will be necessary once the hacker gets elevated privileges. Look at how most browsers get compromised these days!!
-
@CANADAEH The point is: If the system is compromised, and that was your premise, then all bets are off. The attacker can do just about anything they want to do, and disabling a feature will not work (the attacker can just re-enable it), and even removing it entirely from the source code is not going to work when the attacker has full control of the system.
-
Then just remove the screenshot function completely; one less thing for someone to compromise!!
(including the screen sharing option for video calls)
-
"because the attacker would be able to get the information by reading the webpages you are viewing (and they could read/steal/modify everything on your computer at the same time)."
Then have it so the browser protects against this!!
-
@CANADAEH Once the attacker has control through whatever mechanism they used (zero-day in the browser, which we generally have patched within minutes or hours of Chrome getting patched, or a trojan/virus the user downloaded themselves) then the browser is defenseless. Attackers in control of the machine is not part of the security model of browsers for very good reasons.
-
And just to wrap this topic up:
If an attacker has sufficient control of the computer that they can manipulate the screen capture feature in Vivaldi, then they have the capability to use similar OS-level capabilities. I don't know about Linux, but Windows has the Print Screen key, which can be used to take screen captures of the entire workspace, or just an application. And that is much easier to trigger than sending a sequence of (at least 6) mouse events and/or key events to Vivaldi to use its screen capture functionality.
The Vivaldi screen capture functionality is modeled on the Print Screen functionality, but has the following benefits:
- It can save directly to file, something which with Print Screen requires pasting it into an app like Paint.
- It can be used to select a specific (cropped) portion of the document, which with Print Screen also requires you to use an app like Paint.
- It can be used to capture the entire document (which is not possible with Print Screen).
An attacker does not need to have access to your computer to steal your information, they may 1) use phishing or spearphishing to lure you to a site they control, or 2) take over a real site that you visit and trust, or one of the external sites that they use for tooling, and get your data (including passwords) that way.
If an attacker actually compromises your system they are not going to bother with either a screen capture browser function, or the Print Screen key functionality. They are just going to download and install a bunch of tools on your computer, which may include a keylogger and a full remote control tool known as a RAT (Remote Access Tool) which lets them share and manipulate your display, keyboard, and mouse in real time, and these days they may also (Thanks, Microsoft) install a Recall look-alike without any of the limitations.
(update) BTW, if the user is using the latest browser version, the only way to be compromised (without social engineering and cooperation by the victim) is through the use of an undisclosed zero-day exploit. Those are the purview of two particular groups: Black Hats who don't care about losing access to their exploit once it has been discovered in use, and Nation States that do not deploy any of theirs unless the usefulness of the deployment outweighs the cost of losing access to the exploit because it was discovered and patched, which means that the victim will always be somebody the Nation State "dislikes", which is probably a relatively small population outside those states. Of course, the caching of such exploits by Nation States can backfire, like when the NSA lost control of the EternalBlue exploit.
(update 2) And to be absolutely clear: There is absolutely no security benefit whatsoever to removing the screenshot functionality, since an attacker with that level of access can already do that, and worse, via other means provided by the system. It might look superficially better to you, but it is not actually safer in any way. Removing the screenshot button is similar to putting a piece of cardboard over your house's bathroom window, and claiming that it somehow makes it safer. All it would do is cripple the product for everyone, without giving them any benefit (and if you absolutely insist on getting rid of the screenshot functionality in the toolbar, you can remove the icon from the toolbar, and you can also remove the relevant entries from the menus if you wish). We are happy to make changes that actually improve security, including important changes that might make some things less convenient, but this is not something that needs us to change it.