During Apple’s WWDC 2020 keynote, we learned that iOS 14 will lock down your iPhone’s clipboard. We’re learning, a few third-party apps at a time, why that’s so important. A developer using the iOS 14 beta has discovered that Reddit and LinkedIn are among a handful of apps that spy on the iOS clipboard.

Spy on iOS Clipboard

Your iPhone clipboard is prone to apps spying on it, bit iOS 14 makes that more obvious

What We’ve Learned About the Clipboard Problem

We learned that the iOS 14 beta includes a feature that detects when a third-party app is found to spy on the iOS clipboard. For those who don’t know, the clipboard is where iOS stores data when you copy it from one app to another.

When we dove into the iOS 14 beta, we quickly discovered that we were getting notifications when certain apps were snooping around the iOS clipboard. Apps like TikTok and Accuweather were caught snooping. This means those apps could copy things like your PIN numbers, credit card information, Social Security Numbers, and more. Those apps aren’t necessarily doing this, but they could.

Even More Apps that Spy on the iOS Clipboard

Developer Don Morton has discovered even more apps that spy on the iOS clipboard. Microsoft’s networking app, LinkedIn, is a notable culprit, as is the social networking app Reddit.

That means three apps, just since the beta released to developers on June 22, have been caught red-handed in the iOS clipboard. TikTok, Reddit, and LinkedIn are on Don Morton’s list. Others have noted that Google News, Patreon, Call of Duty, Fruit Ninja, and Philips Sonicare App will also start copying clipboard data once the apps are opened.

Some Developers’ Response to Being Caught in the iOS Clipboard

A spokesperson from LinkedIn told ZDNet that the app could spy on the iOS clipboard as part of a bug. LinkedIn is fixing it in an update. The site’s engineering vice president, Erran Berger, stated that the app does not “store or transmit the clipboard contents.”

TikTok claimed that the spying activity was because of an anti-spam “fraud detection mechanism,” and that it never copied any content from anyone’s iPhone. Nevertheless, TikTok has removed that mechanism in an update.

Finally, Reddit says it will be issuing its own software update. This will remove the code causing it to access the iPhone user’s clipboard without good cause. Users can expect that update around July 14, 2020.

Steps You Can Take to Protect Your iOS Clipboard

There are some steps you can take to protect your data, and more could be forthcoming. First of all, some password manager apps automatically clear your clipboard after a certain amount of time has passed. For example, 1Password has a feature that will automatically clear any field copied from that app in 90 seconds. Any of these features can help stop an app from being able to spy on the iOS clipboard.

A group of developers and users are taking things a step further. They will be asking Apple to further restrict iOS clipboard access. They want it to be a permission that users must agree to give to an app.

Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
wab95

Jeff:   One of the jobs I briefly held during my hiatus between university and medical school was with a correctional system. My job was to entice employers to hire previously incarcerated youth, which meant that I had to read their files, interview them and then find an appropriate venue of employment. One of those files regarded a fellow who accidentally entered a house and inadvertently left with some property belonging to said house. Forgot he had it. And then repeatedly stumbled into other houses throughout the neighbourhood over a series of weeks. When I asked him if he felt… Read more »