During Apple’s WWDC 2020 keynote, we learned that iOS 14 will lock down your iPhone’s clipboard. We’re learning, a few third-party apps at a time, why that’s so important. A developer using the iOS 14 beta has discovered that Reddit and LinkedIn are among a handful of apps that spy on the iOS clipboard.
What We’ve Learned About the Clipboard Problem
We learned that the iOS 14 beta includes a feature that detects when a third-party app is found to spy on the iOS clipboard. For those who don’t know, the clipboard is where iOS stores data when you copy it from one app to another.
When we dove into the iOS 14 beta, we quickly discovered that we were getting notifications when certain apps were snooping around the iOS clipboard. Apps like TikTok and Accuweather were caught snooping. This means those apps could copy things like your PIN numbers, credit card information, Social Security Numbers, and more. Those apps aren’t necessarily doing this, but they could.
Even More Apps that Spy on the iOS Clipboard
Developer Don Morton has discovered even more apps that spy on the iOS clipboard. Microsoft’s networking app, LinkedIn, is a notable culprit, as is the social networking app Reddit.
That means three apps, just since the beta released to developers on June 22, have been caught red-handed in the iOS clipboard. TikTok, Reddit, and LinkedIn are on Don Morton’s list. Others have noted that Google News, Patreon, Call of Duty, Fruit Ninja, and Philips Sonicare App will also start copying clipboard data once the apps are opened.
Some Developers’ Response to Being Caught in the iOS Clipboard
A spokesperson from LinkedIn told ZDNet that the app could spy on the iOS clipboard as part of a bug. LinkedIn is fixing it in an update. The site’s engineering vice president, Erran Berger, stated that the app does not “store or transmit the clipboard contents.”
TikTok claimed that the spying activity was because of an anti-spam “fraud detection mechanism,” and that it never copied any content from anyone’s iPhone. Nevertheless, TikTok has removed that mechanism in an update.
Finally, Reddit says it will be issuing its own software update. This will remove the code causing it to access the iPhone user’s clipboard without good cause. Users can expect that update around July 14, 2020.
Steps You Can Take to Protect Your iOS Clipboard
There are some steps you can take to protect your data, and more could be forthcoming. First of all, some password manager apps automatically clear your clipboard after a certain amount of time has passed. For example, 1Password has a feature that will automatically clear any field copied from that app in 90 seconds. Any of these features can help stop an app from being able to spy on the iOS clipboard.
A group of developers and users are taking things a step further. They will be asking Apple to further restrict iOS clipboard access. They want it to be a permission that users must agree to give to an app.