On Mac, entering a bitcoin address in Contact uses ctrl-V, not command-V

[jim618]

On A Mac, when you create a new Contact and try to paste a bitcoin address into the address field you need to use ctrl-V rather than command-V as it should be.

[jim618]

@gary-rowe Could you have a look at this one please ? I have had a look at the code (MultiBitHD#initialiseUIViews() ) and cannot see anything obviously wrong with it. It was working in the past so I wonder if it the order things are done. According to this: http://stackoverflow.com/questions/7252749/how-to-use-command-c-command-v-shortcut-in-mac-to-copy-paste-text

we are doing it correctly but the app is still using ctrl-V etc.

[gary-rowe]

I've replicated the behaviour here so I'll dig in and work out what's changed. Ordering sounds like a good bet but nothing is obvious.

[gary-rowe]

Turns out it was the Themes code messing with the UIManager. I've added comments to indicate the correct ordering to avoid this in the future.

Also I've improved the method names and system property ordering in an attempt to reduce the "TimSort" problem since there was a possibility of java.util.Arrays getting called before the property was set which was not explicitly verified before. This verification has now been done and the startup sequence will definitely correctly activate the property now.

Finally, as part of this work I applied some thought as to why we don't support the clipboard in the password entry text fields. While this is the default Java configuration, I think that in our case it provides a better user experience if we do. More importantly, allowing the clipboard encourages the use of password managers like LastPass and KeyPass giving greater input entropy and reliable password entry.

The increased attack surface from allowing the clipboard as well as the keyboard is worth consideration. On the one hand both input methods are public within the machine and therefore susceptible to malware like key loggers equally - no increase there. However, there is the edge case of a user leaving a machine unattended with a password in the clipboard and therefore vulnerable to Mallory making an opportunistic spend. I think that this is countered by the fact that a user employing this method will be aware of the security risks and will always lock their machine when away from it.

On balance I think the benefits outweigh the risks so I've added supporting code. Let me know your thoughts.

Ready for review and close.

[jim618]

Code review ok. Tested command-V, C, X works on Mac ok.

I think copy-paste on the password field is OK - you wouldn't be able to use a password manager without it. Closing