ControlC is an interesting new site that takes normal copy and pasting (Ctrl-C) and runs it through a web service.
At its most basic, after you create an account and install the software, any time you hit Ctrl-C, the information is saved to the ControlC website as well as your local clipboard, as simple text or as a URL link if what you’ve copied is a link. The information is both private and encrypted, although you can make any item public if you like. Public information can be accessed by friends on the site, via RSS, or an API, commented and rated. This is done via a small download that’s available for Windows or Mac machines. The entire project is open source.
What can it be used for? Well, the most obvious use is a simple way to permanently store anything you copy to your clipboard onto the web as well. It’s comparable to some social bookmarking applications that also allow copying of selected text from a website. The main difference is that ControlC works on any application, not just the browser and web pages.
Because people tend to copy so much personal information without thinking about it, security of data is a focus of the startup. Founder Ron Myers says that’s why they make data default private and also encrypt it:
Anything that is not marked as public, will be private and only readable to you. It is without question that everyone puts extremely sensitive data through their clipboard such as passwords and credit card #’s, and assuring someone this data will be safe when its being stored remotely is no easy task. Almost half of the development time that went into ControlC was to make sure that under no circumstance can private data ever be exposed, via SQL injections, XSS, or even someone breaking into the datacenter and stealing the servers with the data on them. What we do is we 2 way encrypt all private data with a unique key, per user- thats based off of their plain text password (which we do not store anywhere, only a md5) – Because we do not store this variable (and you enter it when you want to view sensitive items) even if a attacker was able to ‘hack’ a server, the data would be safe. I suppose most startups wouldnt bother acknowledging that its possible a website can be hacked, as it would make them feel ‘amateur’ but it definitely feels important enough to put out there how we secure data.
The business model is similar to WebMynd, which I covered last week – free access for a limited period of time, with a required paid upgrade if you want to access older data.
The core service is extremely simple, which is why I like it. Since it’s open source, we may see come creative variations of the service emerge. Some of the online office startups like Zoho may find a use for ControlC, for example.
Some readers may remember Microsoft’s Ray Ozzie promoting a service called Live Clipboard in March 2006. Live Clipboard allows the copy and pasting of data, including dynamic, updating data, across and between web applications and desktop applications.
ControlC is in private beta, but you can sign up using the code: beta4040. Each new account gets five invitations, so we’ve also added this to InviteShare.
Wow! What a great idea.
Thanks for the invite mike.
Small correction it is not “beta4040.” it is “beta4040″ remove the dot and it will work.
Cheers, Nag
yeah, well, punctuation goes inside of the quotes, so the typo monsters always tell me. but you’re right, it’s confusing. changed it to remove the quotes.
“thats based off of their plain text password (which we do not store anywhere, only a md5) ”
They spent so much time worrying about “security”, and they hash their passwords using md5? MD5 has been completely disregarded by the security industry for being insecure. Collisions can now be found with ease on a standard computer.
While their “security” scheme sounds tough, they are clearly security amateurs trying to sound more experienced than they are.
I wouldn’t put secure information into these sites with a 10-foot pole.
Where is the tough questioning Mike?
Wow. Why didn’t I think of that? Turning Cut & Paste into a web service is really unique.
Mars M.
http://www.iphone-codes.com
ControlC team: FWIW, I’d never guess the name of your company was “ControlC” from your logo.
This idea is really phenomenal. There are so many windows functions that could follow this same model and work very well.
Regarding security, I don’t see this as a problem at all. People are becoming more and more comfortable with secure information online. Look at Mint.com for example how quickly they grew after their debut here on TechCrunch, and that was financial information.
This company will be fine!
http://actionstalk.com
Check out how a public ‘log’ looks-
http://controlc...rofile&id=1
Way better than twitter, bar none.
Michael, I’ve had a need for this service for a long time. Always on the back of my mind. But i ahve to say I am extremelly impressed with the way they handle the data. Their encryption model is superb, and although i don’t necessarily keep CC #’s in my clipboard, I didn’t realize other would.
This is plain and neat. I feel the success just as i did when flickr surfaced.
I love companies who go after a niche and execute it in the utmost genius style.
Anyway, great find and all the best to the ControlC team.
- Faramarz
p.s. Are these guys funded?
Why do I care what fokes have on their clipboard?
Stupid.
In what way is this idea phenomenal? Either I am completely missing something or you guys will love my new idea: http://www.controlv.com.
I could see the use of this startup if I could get the active “clipboard” text to copy to another computer.
So, if I copy “My text here” on my MacBook Pro. I can paste on my iMac “My text here.”
That would be very useful.
It sounds like a good idea but I am wondering whether it would be of much use to me.
I don’t normally want to trace what I copied to the clip board during the course of the day and maybe when I do I will consider signing up to the site.
Ever copied your credit card number, your social security number, or your phone number?
If you haven’t, then you’re likely not thinking hard enough.
MD5 is a total giveaway that this group knows nothing about computer security.
Since 2004, MD5 has been (even by Microsoft) known to be a weak hash, with the SHA family of hashes proven to be far superior.
My point is, is that much of that quote was related to their security system, however with such a glaring flaw why would you trust any of their work?
*Down-mogg*
what was the name of that website that has all my clipboard stuff on it? i think i copy-pasted it to someone…oh well.
p.s. #11 Neil go get something called Synergy – not only does it allow cross-computer copy/paste but you can share a keyboard/mouse across computers as well.
What would make this a killer app is if I could tell it only to monitor certain applications. I dont necessarily want it monitoring every app nor do I want to start and stop it. Allow users to specify specific apps like Word, FireFox, ect and I would use this often.
great idea, i always loose my copy and over ride it with a new copy
How do you rate? http://www.yupnup.com
This is great and spammers gtfo he is not rating your site.
MD5 salted can be broken no matter what. There is a secuirty vuln because they are using 3rd party database software
What happens if your copy a large file (like a video or similar) to the clipboard – does that get uploaded too? I can see how this service could be useful to some but to me it would be a nightmare since I work with lots of large files and often move them around.
@Chris-
Seems like its text only (Links & text)
here is another great idea: Ctrl-Alt-Del as a web service
love it.
Founder:
Let’s accept for the moment that I cannot hack your two-way encryption by knowing a plain-text password that md5 collides with a users password. This is an extremely dubious assertion, but we will allow it.
Supposing that I was able to grab the MD5 keys for a selection of user-names (by somehow comprimising your datacenter, or more likely stealing the mac-book of one of your devs at the Starbucks which has a development instance of the database).
Now, a user can authenticate using their login (stored as plain text) and password (stored as md5). Once they have authenticated, then they can see all of their private and public pastes.
So, if I have their logins, and can find passwords (using an md5 reverse-lookup) which when md5 hashed are equivalent to the hash stored in your database then all I have to do is login to the compromised accounts and grab all the private data.
A salt will make this scheme more difficult to crack (however it is still possible).
This may seem like a convoluted scheme, but the claim that your data is secure even if the datacenter is compromised is ludicrus! No good security dev would ever say such a thing.
Why not use better password encryption? Sounds awfully amateurish.
Double Down-Mogg
@ChrisW #19: it appears as though this service is for copying and pasting of plain text only. With respect to how much, I haven’t played with it or read their docs enough to know whether or not I can copy 500MB of text to the service.
Nice tool….see lots of potential for this. I heavily right click content and save to my Google Notebook using the Firefox extension.
I gather lots of great data for research this way and it retains the URL and images.
Mostly I use this to then generate google docs and other more formal bits of information.
ControlC sounds like it would work great for harvesting of information and allowing for programmatic consumption.
> @John Quinn
> The way they are using MD5 collisions have no impact on its security.
+1
However the description in the quote is quite wishy-washy. They have to realize that dumbing down security descriptions and watering it down with some unrelated trivia (”half of time used on .. blah blah”) not helping to establish their security credibility AT ALL.
Just publish the damn spec, and let people take it apart. If they in fact spend 50% of dev time designing the security architecture, it should be rock solid and withstand any public scrutiny with ease.
@John Quinn, January 29th, 2008 at 8:06 pm
You do realize that what you just described is not specific to the MD5, so Founder’s absolutely right – “collisions have no impact on its security”.
Based on the info available in the OP it is hard to speculate what their exact implementation is and whether it is “awfully amateurish”. There’s just no enough information.
Just awesome! My favorite webservice!
I just used this shit to find a lost copy from earlier in the day, fucking awesome!
can anyone say “command v” coming soon?
john
dishonestrealtor.com
“What can it be used for? Well, the most obvious use is a simple way to permanently store anything you copy to your clipboard onto the web as well. It’s comparable to some social bookmarking applications that also allow copying of selected text from a website. The main difference is that ControlC works on any application, not just the browser and web pages.”
I could actually here Mike Arrington groaning as he wrote this paragraph. Why bother covering services that don’t make any sense? Maybe I’ll invent a service that logs all of my bluescreen ram dumps so people can see the random lines of OpenGL code that crash my video card drivers, AND SUBSCRIBE TO IT VIA RSS!!!
You mention that this is open source, but I see no reference to the open source project that it’s based on. Any clues? Hints?
Absolutely positively creative genius.
Great.
http://www.jhatak.com
Blazing Fast Internet Web Meetings : Free
The idea to have a snapshot place on the net has some advantages, though this will not be usuable for anybody working middle to heavily with the clipboard due to speed reasons.
Also to interact between web and ‘offline’ is fine. But if I want to get used to it, I need net access everywhere and I may online be a casual user.
I remember the enterprise I was working in controlling for installed citrix while forbidding to have local apps. It took my boss half a day of me getting more and more frustrated over the problem of copy and paste not working in the smooth flow I was used to to present me with an order for a laptop so that I would be allowed offline access.
The problem is that if you really work with the clipboard, you will use it heavily. This goes from c&p of data colums to text to files to images, at least several times an hour. The speed of a connection cannot keep up with this as you want to work fast – which is why you hit ctrl-c and ctrl-v. And that even with encryption?
Therefor, the naming is a bad choice and I wonder if they ever consulted somebody working heavily with the keyboard; as ctrl-c/shift-ctrl-c and alt-c have meanings already (and limit them to the windows world – isnt copy on the mac apple-c?)
There are many interesting ways one could work around this issue (and really be bought up *cough* have a nice exit) but this does not seem like one of them.
Seems useless to me. I can’t recall a time where I ever wanted to remember what was on my clipboard two weeks ago. Or ever wanted to share contents of my clipboard publicly.
This is something I would definately never use. Just another technology tidbit that doesn’t solve a real problem.
This is really cool, I like it.
It’s a well done service and the open source code shows that i can trust them. But I am going to switch logging off when I copy private data.
So we can call it Bookmarking for copy & paste, it looks good idea if they keep the data safe.
I remember the enterprise I was working in controlling for installed citrix while forbidding to have local apps. It took my boss half a day of me getting more and more frustrated over the problem of copy and paste not working in the smooth flow I was used to to present me with an order for a laptop so that I would be allowed offline access.
Controc:
You do NOT have permission to store and disseminate my company’s copyrighted content.
Michael:
How many of these comments are from the same user? Too many raving groupies loving it.
The comments are being abused by SEOs. Look at the “I think [insert company here] is a great idea! Thanks! [link to site]” comments in #4, #6, #16, and #33.
SEOs employ people to make relevant-looking comments with links on high-traffic blogs, in order to increase their own page rank. These clowns just add a generic blowjob comment to every post to drum up traffic.
Then again, every TC post is essentially a blowjob comment devoid of any critical analysis.
Hmmm…Doesn’t seem very useful to me?
I wouldn’t want to risk accidently uploading sensitive data.
I just tried this with the Print Screen (screen capture) and it’s a no go.
I’m looking for something that will easily paste screen shots to the internet, I was thinking either Gspace or some other photo hosting website would have a firefox addon, or maybe this would do the trick.
No such luck. Works for text though.
(The paid account says media is supported [http://controlc.com/forums/features-paid-version-t5.html], FYI)
@justin-
http://www.file...us/download.php
This looks like an interesting idea, I just wonder how useful it is. e.g. who wants to record the fact that they’ve copied certain words/phrases, taken out of context/some time later they would be meaningless