After the release of Apple’s iOS 14 developer beta for iPhone last week, it has been quite clear that many iOS apps, TikTok being one of them, are reading the user’s clipboard data even when not required, and they can also do so from the nearby Apple devices.
The alarm bells first rang in March, when researchers Tommy Mysk and Talal Haj Bakry published a report suggesting, that popular iOS and iPad apps can access user’s data copied to the clipboard without their permission. Also, as per the recent report by Ars Technica, the data copied could be a Bitcoin address or other sensitive financial information.
Apple iOS 14 Beta Release
This research is now confirmed by the developer beta release of iOS beta 14, which includes a unique feature giving a banner warning to the user, each time an app reads clipboard contents. TikTok, in particular, is requesting data every couple of keystrokes, even when not initiated by the user. After several people tested this beta release, they realized at once, just how many apps copy their private, sensitive data, even when it is not required.
Also, Apple’s devices, iPhones, iPads, and Macs share a Universal Clipboard feature. When devices sharing Apple ID are within 10 feet of each other, they can read clipboard data of others as well.
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
Even after the research report release, Tik Tok and the other apps never really stopped monitoring.
When Tik Tok was called out in March for snooping, it had told the UK publication, The Telegraph, that it would end the practice in the coming weeks. But, Mysk has recently revealed that the app has continued with the monitoring. Mysk and Haj Bakry have identified more than 50 major apps that include Tik Tok, The New York Times, Accu Weather, Hotels.com, utilizing this functionality.
This clipboard reading is also likely to extend to Android and other operating systems. It is worse in Android than iOS because the OS APIs are more lenient.
Mysk urges Apple and Google to do more
The developer beta release of iOS14 is a good start, said Mysk, but he said that Apple and Google should do more. He suggested two possibilities. One could be standard access permission, every time a clipboard reading is required. Other could be a complete disclosure of what clipboard data access would be required and what the app intends to do with it.
Having said the same, users should hereon be aware of any sensitive data available on the clipboard, and regularly flush it by copying a character, word, or other unimportant data instead.