Reddit app update incoming after triggering iOS 14 clipboard snooping notice

Posted:
in iOS edited July 2020
Reddit has become the latest high-profile service to confirm it will be updating its iOS app to stop copying data from the clipboard, following complaints of it repeatedly triggering iOS 14's new privacy-focused clipboard monitoring system.

Reddit logo on a clipboard
Reddit logo on a clipboard


Apple's clipboard snooping feature included in iOS 14 alerts users to instances when third-party apps attempt to access the clipboard on an iPhone or iPad. The triggering of alerts by apps used in the current developer betas has led to companies scrambling to make changes to stop the alert from popping up at times when users aren't consciously expecting the clipboard to be accessed.

On Saturday, Reddit confirmed it was releasing a fix for code that copied text from a clipboard to its iOS app. Users had discovered the app attempted to copy clipboard data with every keystroke a user made.

UPDATE: Seems like Reddit is capturing the clipboard on each keystroke as well

Seeing the notification come up just as much. pic.twitter.com/nzbElmRG2a

-- Don urspace.io (@DonCubed)


In a statement to The Verge, Reddit explained "We tracked this down to a codepath in the post composer that checks for URLs in the pasteboard and then suggests a post title based on the text contents of the URL."

The spokesperson went on to assure there was no breach of privacy as Reddit does not "store or send the pasteboard contents." The code relating to the feature has reportedly been removed, with a proper fix anticipated to be made available on July 14.

Reddit is only the latest iOS app provider to be affected by the iOS 14 notification. On Friday, LinkedIn blamed a software bug for its app triggering the notification, while long-time culprit TikTok has assured it will be updating its app to cease the activity, one that it was caught doing in March.

It remains to be seen if other major apps found to be doing the same thing will be making similar changes.
«1

Comments

  • Reply 1 of 30
    lkrupplkrupp Posts: 10,557member
    Funny how the cockroaches scurry when the rock is lifted and light falls upon them. Go Apple!
    svanstromBeatschasmmike54watto_cobra
  • Reply 2 of 30
    Rayz2016Rayz2016 Posts: 6,957member
    lkrupp said:
    Funny how the cockroaches scurry when the rock is lifted and light falls upon them. Go Apple!
    And the developers who highlighted the problem. 
    CloudTalkinchasmmtrivisowatto_cobra
  • Reply 3 of 30
    svanstromsvanstrom Posts: 702member
    Bye-bye apps, hello webapps/links.
    williamlondonmtriviso
  • Reply 4 of 30
    BeatsBeats Posts: 3,073member
    Haha Apple cracking the whip on bad developers!
    mtrivisowatto_cobra
  • Reply 5 of 30
    bonobobbonobob Posts: 382member
    Should we assume that the fix will only apply to iOS 14?  Will they conytnue to read the clipboard on earlier releases?
  • Reply 6 of 30
    bonobobbonobob Posts: 382member
    svanstrom said:
    Bye-bye apps, hello webapps/links.
    But Safari in iOS 14 blocks tracking.  How will that help?
  • Reply 7 of 30
    eriamjheriamjh Posts: 1,630member
    bonobob said:
    Should we assume that the fix will only apply to iOS 14?  Will they conytnue to read the clipboard on earlier releases?
    Well, how will the earlier releases get blocked?   So, yes.  They will continue to snoop.  However, an app update that you run on iOS 12 or 13 won’t snoop, if it’s compatible.   

    For example, I’m still running ios12 on my 7+.   I update apps all the time, but not the OS.   
    edited July 2020 williamlondon
  • Reply 8 of 30
    chasmchasm Posts: 3,273member
    Even if I buy LinkedIn/Reddit’s similar “bugs” and claims that they weren’t collecting the information — which I don’t — this just seems like such a major potential vector for stealing potentially valuable/identifiable information that while iOS 14 makes users more aware of it, Apple should really consider at least hashing clipboard contents until pasted. I occasionally have to copy-paste strong passwords from the Keychain or programs like 1Password when the auto fill function is confused by a site or app’s login layout (which happens more often than I’d like, but not that often).

    Possibly I don’t understand the full technical details of it well enough and it is less of a attack vector than I think it is, but the convenience vs possible abuse factor seems to be high on the latter versus the former (particularly for malicious websites and/or scamware). I think Apple may need to consider going further than a warning — and indeed I would at least make this notification retroactive to the other supported OS versions, I think the risk is that high.
    mike54Ofermuthuk_vanalingamwatto_cobra
  • Reply 9 of 30
    hexclockhexclock Posts: 1,243member
    Maybe we will get improved battery life without all these stupid apps checking the clipboard all the time. 
    anantksundaramBeatsmtrivisowatto_cobra
  • Reply 10 of 30
    donjuandonjuan Posts: 61member
    Chinese spies 
    anantksundaramBeatssvanstromwilliamlondonmtrivisowatto_cobra
  • Reply 11 of 30
    lkrupplkrupp Posts: 10,557member
    hexclock said:
    Maybe we will get improved battery life without all these stupid apps checking the clipboard all the time. 
    All this proves is that if you are on the internet your life is an open book, no matter what your carrier, hardware brand, apps. Even the concept of privacy is an illusion, and I don't care what Apple or any other tech company says about their commitment to "your security and privacy". Our tastes, preferences, locations, habits, etc. are extremely valuable commodities and will be pursued by any means necessary, legal or not. 
    anantksundaram
  • Reply 12 of 30
    anantksundaramanantksundaram Posts: 20,403member
    lkrupp said:
    hexclock said:
    Maybe we will get improved battery life without all these stupid apps checking the clipboard all the time. 
    All this proves is that if you are on the internet your life is an open book, no matter what your carrier, hardware brand, apps. Even the concept of privacy is an illusion, and I don't care what Apple or any other tech company says about their commitment to "your security and privacy". Our tastes, preferences, locations, habits, etc. are extremely valuable commodities and will be pursued by any means necessary, legal or not. 
    Unfortunately, there is a sufficiently large number of sheep out there that doesn't care, and makes any type of privacy gains an uphill battle.

    Thank God Apple exists: while certainly not perfect (I don't think anyone could be), they constantly raise the costs for these jerks. It's important to celebrate whatever little victories we can get as informed consumers that value the privacy of our tastes, preferences, locations and habits.
    gregoriusmbadmonkkiltedgreenwatto_cobra
  • Reply 13 of 30
    BeatsBeats Posts: 3,073member
    donjuan said:
    Chinese spies 

    You're calling HIM out to play.....
    StrangeDays
  • Reply 14 of 30
    wg45678wg45678 Posts: 47member
    svanstrom said:
    Bye-bye apps, hello webapps/links.
    Figured that out long ago.  No Facebook or Linked-in or other social app On my mobile devices because of snooping.  First my address book in early iOS, then locations—And now this. 
  • Reply 15 of 30
    mattinozmattinoz Posts: 2,299member
    wg45678 said:
    svanstrom said:
    Bye-bye apps, hello webapps/links.
    Figured that out long ago.  No Facebook or Linked-in or other social app On my mobile devices because of snooping.  First my address book in early iOS, then locations—And now this. 
    wg45678 said:
    svanstrom said:
    Bye-bye apps, hello webapps/links.
    Figured that out long ago.  No Facebook or Linked-in or other social app On my mobile devices because of snooping.  First my address book in early iOS, then locations—And now this. 
    Could this be why some web apps text field don’t handle auto correct and word completion very well. FB and related sites always double post the corrected word or shortcut completions to only the part I typed..
  • Reply 16 of 30
    I welcome this spying. Got my clipboard set to “F•ck you assholee Silicon Vallye giants” every other 30 secs via Siri Shortcuts
    badmonkmtrivisokiltedgreen
  • Reply 17 of 30
    crowleycrowley Posts: 10,453member
    It's a shame that some apps that are genuinely using the clipboard to offer features are going to be made to look like they're on the same level as scummy actors like TikTok.  I think that may actually be the majority, as I'm inclined to believe Reddit; their explanation is plausible, and it's hard to see what they have to gain by snooping on clipboards.
    watto_cobra
  • Reply 18 of 30
    StrangeDaysStrangeDays Posts: 12,834member
    svanstrom said:
    Bye-bye apps, hello webapps/links.
    Wut? Why would they want to lower the user experience and transmit more markup over the wire? Do bugs not also exist in web apps? They do.
    edited July 2020 watto_cobra
  • Reply 19 of 30
    StrangeDaysStrangeDays Posts: 12,834member

    lkrupp said:
    hexclock said:
    Maybe we will get improved battery life without all these stupid apps checking the clipboard all the time. 
    All this proves is that if you are on the internet your life is an open book, no matter what your carrier, hardware brand, apps. Even the concept of privacy is an illusion, and I don't care what Apple or any other tech company says about their commitment to "your security and privacy". Our tastes, preferences, locations, habits, etc. are extremely valuable commodities and will be pursued by any means necessary, legal or not. 
    This argument could be made about just about any idea -- just a concept, an illusion, there will always be bad guys, etc etc. And..? So what?
    watto_cobra
  • Reply 20 of 30
    command_fcommand_f Posts: 421member
    Call me old fashioned but this just seems unacceptably rude to me. It's a bit like you invite someone into your house to do a particular job and then, when you can't see, they rummage through your private documents that have nothing to do with the reason they are there. The same thought applies to those apps that, given access to Contacts for a particular address, read/copy all the others too. And 'this is how we make it free' is no excuse!

    So well done Apple.
    svanstrommtrivisowatto_cobra
Sign In or Register to comment.