Tech2 news teamJune 30, 2020 6:30:15 PM
After IOS 14 beta developer recently launched, it was found that TikTok was accessing data from the users' clipboard. However, the software's anti-spam feature forced the application to release an update to prevent the application to do so, according to a report from The telegraph.
This report led us to a research by Talal Haj Bakry and Tommy Mysk, reported in ArsTechnica, according to which 53 other iOS apps were also found spying on users' clipboard sensitive data passwords, addresses and anything else on the clipboard.
In addition, the ArsTechnica The report also states that, although TikTok claiming to have released an update to end the practice, "it continues to access some of the most sensitive data for Apple users, which may include passwords, cryptocurrency wallet addresses, account reset links and personal messages."
According to researchers Bakry and Mysk, these iOS apps "deliberately called an iOS programming interface that retrieves text from users' clipboards".
1. Have something on your clipboard. For example, copy some text from Notes or from a website
2. Open TikTok and start typing in any text field
3. You learn with iOS 14 beta whenever a "glue" app – but in this case I didn't request it and no text appears in the user interface
– Jeremy Burge (@jeremyburge) June 24, 2020
Allegedly, this practice has also been observed in some important news applications, such as Fox News, New York Times, and The Wall Street Journal, as well as in game apps like Bejeweled, Fruit Ninja and PUBG Mobile. Some social media apps are also on the list, including Viber, Weibo, and Truecaller. (The complete list of applications is at the end of the article.)
It is also currently unclear how these applications behave on Android.
"It's very, very dangerous," said Mysk in an interview on Friday, referring to the indiscriminate reading of the applications by the clipboard data. "These apps are reading clipboards and there's no reason to do that. An app that doesn't have a text field for entering text has no reason to read text from the clipboard.”
The researchers also mention that the problem is not just limited data stored on the local device. Because Apple universal transfer feature, these applications can access clipboard data on users' iPhone, iPad, and Mac.
The video below explains how these applications exploit Apple's universal clipboard feature:
Although the survey was originally published in March of this year, the problem has now arisen after Apple released the iOS 14 developer beta update.
A new feature in the new iOS iteration shows users a warning whenever an app reads the contents of the clipboard. Due to the feature, users who were testing the beta version began to realize how many applications are involved in practice and how often they do it.
One of those initial testers is Ryan Jones, who posted a video on Youtube (embedded below) showing some apps that triggered the warning on iOS 14.
Complete list of apps that are supposed to access iOS users' clipboard data:
Al Jazeera English
New York Times
The Huffington Post
Wall Street Newspaper
8 Ball Pool
Classic Bejeweled HD
Plants vs. Zombies Heroes
Pooking – Billiard City
Mask Tomb: Color
Total Party Kill
10% happier: meditation
5-0 Radio Police Scanner
AliExpress Shopping App
Bed Bath and Beyond
Pigment – adult coloring book
Recolor the coloring book for coloring
The Weather Network
Find the latest and future technology gadgets online at Tech2 gadgets. Get tech news, reviews, and gadget ratings. Popular gadgets, including laptop, tablet and mobile specs, features, pricing and comparison.