Yes, that's exactly what he said in the keynote, except you can opt to allow network access after receiving the scary warning.
Gotcha.
Yeah I just watched the keynote again. I like how he said "by default, it runs in the most restricted sandbox"
At least Apple is thinking about it! Plus... any 3rd-party keyboard would have to pass Apple's app approval process. That's good.
Just curious though... what sort of stuff would you gain by letting a keyboard have network access?
Well, it COULD be good if we really knew what Apple checks, but we don't. I don't think it's wise to assume that Apple does any in-depth testing of third-party apps. In fact the goto fail issue rather suggests that the testing that is done is not done well at all. Caution is probably necessary. But frankly I think it's dumb to trust ANY company that is not open and fully transparent in software and security.
...they can request network access via a one-time popup--and then it's in your control whether to allow it or not.
To be clear, that's one-time for the app requesting access (unless you then disable that feature in Settings, presumably) and not a one-time network access session that closes after the download is complete or after a predetermined time? If the latter is an option, that would quash all my concerns, and it's not really any more complex than what they've done for years to preserve battery life with Backgrounding APIs so an app can complete a specific task before going idle.
That really isn't a lot of information. What if I install a 3rd-party keyboard and give it access to grab a special dictionary? Will it always then have internet access all the time or will that network access be immediately revoked after that task is complete, without me having to go into Settings and manually disable network access?
How has Apple sandboxed this keyboard from other apps? For instance, does allowing it to be used for Contacts also give it access to its contacts? I assume not, but again I haven't seen anything detailing how it's compartmentalizing its functionality.
First of all, why not give Apple the benefit of the doubt here? Do you really think with all the talk of security throughout the Keynote, they would let a third party keyboard run freely throughout the OS? Honestly... If we assume anything, how about the fact that since it took so long to allow this type of feature, maybe they thought it completely through? And if they didn't... don't install 3rd party keyboards if you're that concerned.
Most modern operating systems have the ability to run code in a completely isolated fashion. The OS grabs the necessary code and resources and when a keyboard is requested by an app, the keyboard is presented. Any data entered into the keyboard can in fact be kept out of the hands of the original developer by not allowing that data to leave the device.
Using a 3rd party keyboard in Contacts is NOT going to give that keyboard access to Contacts. The keyboard doesn't know what apps are using it. All the keyboard process knows is how to display its interface and what key is pushed and then tells the OS, so the OS can send a "keydown" event to the active text field.
Another thing to consider... key logging and dictionaries could in fact be an API that's completely removed from the keyboard code itself and handled at OS level. Setting a simple property to "true" could tell the system to begin logging keystrokes and building dictionaries. Then if the keyboard wants to present the user with suggestions, it passes a block of code to the API which is used to traverse through dictionaries to determine possible matches - a list of those matches would then be returned to the keyboard on the fly, that the keyboard would display.
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
mjtomlin wrote: "First of all, why not give Apple the benefit of the doubt here?"
Giving Apple the benefit of the doubt does not mean I can't inquire as to how something works. I do not see Apple as altruistic, infallible or in any way a deity that needs to be worshipped so when there is information I don't have I will inquire about it. Blind acceptance is not something I possess and it's the indolent that have no desire to understand the mechanics of a system. Did we not give Apple the benefit of the doubt that they had no SSL bug?
"Do you really think with all the talk of security throughout the Keynote, they would let a third party keyboard run freely throughout the OS?"
Based on the comments here the keyboard could very well log and transmit your keystrokes if you give it network access.
"Honestly... If we assume anything, how about the fact that since it took so long to allow this type of feature, maybe they thought it completely through?"
The problem is that an assumption is neither proof nor knowledge. Frankly I find it absurd that you're getting defensive because I'm wanting to know about its intelligent design. Burn the heretic!
If you would've listened during the keynote, keyboards are sandboxed. They can be given limited or full access depending on what you want. Developers can keylog, but that doesn't mean they will.
I still have concerns about security with a systemwide 3rd-party keyboard. Has Apple detailed how they plan to prevent key logging?
They explained that during the keynote. Third party keyboards have the highest level of sandboxing, so they can't send any info anywhere but to the app using it. The keyboard software can request access to the internet, but then you get the big scary warning.
Yeah, but no, at least to allowing network access to a third party keyboard. Only thing I can think of are for updates which should be handled just like app updates. The keyboard itself should never have to go to another server. I'd rather have that functionality local to the device and the device only.
Well, it COULD be good if we really knew what Apple checks, but we don't. I don't think it's wise to assume that Apple does any in-depth testing of third-party apps. In fact the goto fail issue rather suggests that the testing that is done is not done well at all. Caution is probably necessary. But frankly I think it's dumb to trust ANY company that is not open and fully transparent in software and security.
True.
Apple has caught apps that do nefarious things and booted them from the App Store.
I would hope they are extra careful when vetting these keyboards.
But I probably won't grant network access if I decide to use a 3rd-party keyboard... I don't really understand the need.
Building crowd-sourced databases.. it's the quickest method of building highly accurate keyboards (anything really). Something like Swipe probably has a gesture database that it can use to more accurately determine what the user "meant" to type. Also offer up the most highly used "next" word that follows what you just entered. Something like QuickType uses Apple's Siri engine to determine context and offer up words and terms that might be more applicable. Anything that complicated probably won't work locally on a device and would have to be sent and processed on a more powerful system.
Older auto-correct systems are just glorified spelling checkers and that can be done using a locally kept dictionary.
It's hard to see how anyone can have blind faith in a company's ability to protect you when this sort of blatant skullduggery occurs.
I'm surprised that whoever is working at Apple's appstore had never heard of 1Password and didn't notice that the fraudulent app was a blatant copy, just look at the icon! Even the name is the same!
As for me, I still store passwords in my head and on secure stickies, for now at least.
And the criminals behind the ripoff app should be banned for life from the Apple App store, and they should also be prosecuted and thrown into jail.
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
I'll stick with the Apple keyboard, methinks.
Ditto. Even if you can somehow convince yourself that it's ok to trust the developer with *everything* you type on your phone, are you sure you trust the company that comes along and buys that developer out? One great feature of Apple products is Apple's market cap --- it's too big for Google to buy.
If you've ever installed an app on Android or Windows Phone you'll have seen the long list of permissions requested, many of them completely unrelated to the purpose of the app. That's just how it goes. They ask for the moon and hope you'll give it to them.
I don't know what sort of hidden permissions apps get on WP, but on Android there are some things all apps have access to by default. You're not informed about them and there's no way to deny permission. Access to the phone is one example. Every Android app can watch who you call and who calls you. There is absolutely no way to prevent it other than never using your phone as a phone (or switching to iPhone).
Third party keyboards that provide intelligent suggestions obviously log everything you type. If they didn't they'd have a really tough time coming up with good suggestions. People love the convenience and never really think about what key logging really means and what things, other than suggesting words for you, the developer could be using those logs for. It's likely that every 3rd party Android keyboard transmits logs to the developer to improve their word suggestion lists. And yes those logs will include your user IDs and passwords, most likely in plain text.
A fully sandboxed keyboard is never going to be able to update its word lists based on anything but your own typing, but that's the whole point. The words I want to see suggested are the ones I'm most likely to type, not those most likely to appear in texts between 16 year old girls.
I'm sure this will get its own article but I'm posting it here because it speaks to Apple occasionally overlooking something that could lead to a dangerous result, especially since it deals with a lack of sandboxing.
WOW. Who on earth would install a 3rd party keyboard after seeing this warning?
Apple should have designed a much better way of making sure that anything typed stays in the phone - for example by preventing network access for custom keyboard apps.
Sorry, that's not how it works. By installing a custom keyboard you are performing an invasive change to your device.
For my money, I'd just like to see Apple improve the Shift function so it is more obvious upper or lowercase is selected.
I can't think of any specifics but I also can't shake this feeling there are some legitimate and clever reasons for a networked keyboard.
Speaking of vetting, how the hell did this get past anyone?
It's hard to see how anyone can have blind faith in a company's ability to protect you when this sort of blatant skullduggery occurs.
Edit: It appears to have finally been removed after attention was brought to it by bloggers.
http://goo.gl/6IWzrW
Language, emoji, and skin packs. Some save your user dictionary/style to the cloud so it doesn't need to relearn them when you get a new device.
Uh… download those.
If those are the only uses, I'd think a better solution is to use in-app purchases, thereby making them pushable from the App Store to the keyboard app.