July 10, 2020

Digital Privacy: “TikTok and 53 Other iOS Apps Still Snoop Your Sensitive Clipboard Data”

From ars technica:

In March, researchers uncovered a troubling privacy grab by more than four dozen iOS apps including TikTok, the Chinese-owned social media and video-sharing phenomenon that has taken the Internet by storm. Despite TikTok vowing to curb the practice, it continues to access some of Apple users’ most sensitive data, which can include passwords, cryptocurrency wallet addresses, account-reset links, and personal messages. Another 53 apps identified in March haven’t stopped either.

[Clip]

In many cases, the covert reading isn’t limited to data stored on the local device. In the event the iPhone or iPad uses the same Apple ID as other Apple devices and are within roughly 10 feet of each other, all of them share a universal clipboard, meaning contents can be copied from the app of one device and pasted into an app running on a separate device.

That leaves open the possibility that an app on an iPhone will read sensitive data on the clipboards of other connected devices. This could include bitcoin addresses, passwords, or email messages that are temporarily stored on the clipboard of a nearby Mac or iPad. Despite running on a separate device, the iOS apps can easily read the sensitive data stored on the other machines.

Read the Complete Article, Review List of Apps

Gary Price About Gary Price

Gary Price (gprice@mediasourceinc.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. Before launching INFOdocket, Price and Shirl Kennedy were the founders and senior editors at ResourceShelf and DocuTicker for 10 years. From 2006-2009 he was Director of Online Information Services at Ask.com, and is currently a contributing editor at Search Engine Land.

Share