TP9 just crashed whilst doing an export, and offered to send a crash report to Cerious.
I had a look through the files it was going to send to see if there was anything that might have helped me to fix the problem myself.
In amongst the usual log and dump files was a .png. THIS IS A SCREEN DUMP OF EVERYTHING ON YOUR SCREENS (YES, BOTH OF THEM) AT THE TIME OF THE CRASH!
At the time I had my online banking open on my second monitor, and there for all to see was my full account details!
Now I am not suggesting that Cerious would take advantage of this, but it could be a potential security risk if the message was intercepted.
Before sending your crash report, either exclude the .png, or at the very least edit to redact any sensitive information.
I can see how a screen dump might be useful as fault diagnosis tool, but this is a serious breach of security and privacy.
Cerious can we please have the .png omitted by default, or at the very least a prominent warning on the crash dump submission form that the .png could contain personal information. The dump creates a new .png for each crash, so if it was deemed neccessary for Phillip to see it he could always request it later.
