Reddit, LinkedIn and TikTok updates to stop copying the clipboard in iOS

Reddit, LinkedIn and TikTok updates to stop copying the clipboard in iOS Cybersecurity

Since the last beta version of iOS 14, it has been revealed that several applications copy – like Reddit, Linkedin or TikTok – the data from the clipboard without the users’ knowledge.

iOS 14 , Apple’s next major update for the iPhone and iPad operating system, has a security feature that tells users if an application copies data temporarily stored on the clipboard. This may not seem like a big deal, but think of the times when, for example, you copied a password from a password manager and pasted it into an app to access an account, or copied a credit card number and pasted it on a website to buy something. When you copy this information, it is temporarily stored on the clipboard.

With the latest beta version of iOS 14, it was revealed that several applications were copying data from the clipboard. Reddit, LinkedIn, TikTok and many other apps are just a few that triggered the iOS 14 alert. LinkedIn , Reddit and TikTok have immediately announced that they will update their applications so that they no longer have access to the clipboard. LinkedIn and Reddit say it is a bug, while TikTok says it was for monitoring “spam behavior”.

A violation unveiled last March

This security breach was discovered by Talal Haj Bakry and Tommy Mysk, and detailed in a report originally published in March. The report explains how, in earlier versions of iOS, applications can freely access the clipboard and why this is a security risk. The report by Messrs. Bakry and Mysk contains a list of popular apps found to access the clipboard, and the list is frequently updated when a developer fixes the problem.

While it is easy to assume that applications that copy the contents of the clipboard are not to be trusted, it is more likely to be due to programming errors, as pointed out. John Gruber of Daring Fireball (Mr. Gruber calls this “botched programming”). If an app has not been updated to resolve this issue, you can remove the app from your device until the fix is ​​available.

Source: www.lemondeinformatique.fr

Rate article