Information Security
web-browser password-management browser-extensions screen-capture
Updated Wed, 21 Sep 2022 22:41:23 GMT

Credential theft by browser conferencing software?

While using the webex conference software, I noticed that simply pressing a "share content" button allows me to share my full screen. There was no security confirmation from my webbrowser (chrome): enter image description here

I am very reluctant to installing extensions and use essentially a plain webbrowser.

As someone who has applications as online banking and password managers open all the times (although these often mask passwords, but still show a lot of confidential information) I am very alarmed about this.

I do not see how this feature is working or why the browser should be allowed to access screen content. Is there a way to disable this or at least pop up a confirmation? And is there a general way to secure some applications from being screen captured?


it will be much easier for you to switch to another desktop (all modern OS support multiple desktop). and start a clean session there when you are on a conf call. this way you will not accidentally switch to another app/window that can reveal confidential information.

Comments (3)

  • +0 – Sorry if the question was not clear enough, my fear is rather that the browser has the ability, without asking, to transmit the image of a full screen or apps. And that some sites may abuse this to obtain private information, rather than leaking anything by accident. — May 13, 2020 at 09:43  
  • +0 – I thin that is mainly because of the browser extension of webex ! otherwise if they are using the native browser API you will get a confirmation box ! — May 13, 2020 at 10:03  
  • +0 – I just checked and really found a "Hangouts" extension. I do not recall installing it but you are right, thanks. — May 13, 2020 at 10:11  

External Links

External links referenced by this document: