LinkedIn blames bug for clipboard snooping discovered by iOS 14
LinkedIn claims that clipboard snooping behavior, recently revealed in the firm's iOS app by a new iOS 14 data privacy feature, is caused by a software bug.
Credit: LinkedIn
On Thursday, a portfolio portal developer testing Apple's iOS 14 beta release discovered that the LinkedIn app was copying the contents of their clipboard after every keystroke. When ZDNet reached out to LinkedIn, the company said the issue was tied to a bug in its software.
A day later, LinkedIn product engineering head Erran Berger added more detail about the issue on Twitter, writing that the company had traced the bug to a "code path that only does an equality check clipboard contents and the currently typed content in a text box."
"We don't store or transmit the clipboard contents," Berger wrote, adding that a fix for the issue is on the way.
With iOS 14, Apple will introduce a simple mechanism that notifies users when an app reads contents from their system clipboard. The feature was introduced at WWDC just three months after a pair of developers revealed that the practice was rampant among popular apps.
The LinkedIn controversy comes a week after TikTok, one of the most popular apps in the world, said it would stop snooping on user clipboards after iOS 14 revealed that it was doing just that. TikTok said that the snooping was an anti-spam measure.
Although the iOS 14 feature is raising awareness of clipboard snooping, many apps still carry on with the practice. On Sunday, 54 out of 56 top apps that were found to read the contents of a user's clipboard were still snooping.
Credit: LinkedIn
On Thursday, a portfolio portal developer testing Apple's iOS 14 beta release discovered that the LinkedIn app was copying the contents of their clipboard after every keystroke. When ZDNet reached out to LinkedIn, the company said the issue was tied to a bug in its software.
A day later, LinkedIn product engineering head Erran Berger added more detail about the issue on Twitter, writing that the company had traced the bug to a "code path that only does an equality check clipboard contents and the currently typed content in a text box."
"We don't store or transmit the clipboard contents," Berger wrote, adding that a fix for the issue is on the way.
With iOS 14, Apple will introduce a simple mechanism that notifies users when an app reads contents from their system clipboard. The feature was introduced at WWDC just three months after a pair of developers revealed that the practice was rampant among popular apps.
The LinkedIn controversy comes a week after TikTok, one of the most popular apps in the world, said it would stop snooping on user clipboards after iOS 14 revealed that it was doing just that. TikTok said that the snooping was an anti-spam measure.
Although the iOS 14 feature is raising awareness of clipboard snooping, many apps still carry on with the practice. On Sunday, 54 out of 56 top apps that were found to read the contents of a user's clipboard were still snooping.
Comments
Woof.
Owned by Microsoft.
Apple then made excuses as it being ‘intended behavior’.
That said, Apps frequently do things they’re not supposed to like collect location data, or send information unencrypted.
I install as few apps as possible and use websites instead. Location services are disabled unless needed for a trusted app (banking).
Every App in this list is permanently banned. I don’t care if it’s 50 years from now, they will NEVER be installed on one of my devices.
It even shows a map where the information is being sent - shocking number of data sent internationally.
I used to store private information in Contacts, only to find out that none of that is private. And now of course anything cut and pasted is apparently open to all.
I applaud Apple for their privacy efforts, but worried that we are all way behind on this issue.
btw, apple’s messages app has a problem with the clipboard on the Mac. When I open messages, it fills my message line with some words from either the clipboard or some other source, before I have a chance to enter my message. Disconcerting.
it’s very possible the classes many of the developers used included code that did this process without them knowing, and is only now being discovered with iOS14.
i suspect the majority of the apps did nothing with it. The ones to worry about are those nefarious developers that discovered it, said nothing, and did something with the copied clipboard.
This is good actually. Means code will be that much more tightened.
iOS would need to maintain a record of the last clipboard copied/cut to, and then paste from that one. The other problem is that maintaining a separate clipboard for every running application would exhaust the phone's memory in about a day.
These.
In most cases, we're just looking at bad programming, though it's good that it's being highlighted.