An iOS developer noticed last week that the LinkedIn app is copying data from the clipboard with every keystroke in the background for no reason (via Pocketnow). Moreover, the app can easily read data that has been copied on all devices linked with the same iCloud account, and it can include anything from ordinary text to sensitive details such as passwords and more.
Apple has recently rolled out a new iOS 14 privacy feature called paste notifications to developers that notifies users when unauthorized apps try to access text copied to the Apple clipboard. The clipboard feature has already exposed apps like AliExpress, AccuWeather, and TikTok that have been reading users’ clipboards on iPhone and iPad for a while.
LinkedIn is copying the contents of my clipboard every keystroke. IOS 14 allows users to see each paste notification.
I’m on an IPad Pro and it’s copying from the clipboard of my MacBook Pro.
Tik tok just got called out for this exact reason. pic.twitter.com/l6NIT8ixEF
— Don 𝘧𝘳𝘰𝘮 urspace.io (@DonCubed) July 2, 2020
In response to the report, a LinkedIn spokesperson explained in a tweet that it's a bug, and also promised a fix to address this issue. "We've traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don't store or transmit the clipboard contents," said Erran Berger, VP Engineering of Consumer Products at LinkedIn.
It’s not hard to imagine that LinkedIn isn't the only iOS app that will receive a fix to address the unauthorized clipboard access problem, and we do hope that many high profile apps will probably get new updates to stop this suspicious behaviour before the public release of iOS 14 this fall.
Have you noticed a similar activity on your devices? Let us know in the comments down below.