
LinkedIn, Reddit, GoogleNews and others caught spying on iPhone clipboards - phront
https://www.phonearena.com/news/more-iphone-clipboard-snoopers-surface_id125733
======
rs23296008n1
I've removed them. Is there any justification why these apps shouldn't simply
be listed with a spyware warning? I've tried to see the "innocent
misunderstanding" angle but I just can't.

Linkedin. Not sure why it needed to snoop the clipboard. Anyone care to
explain why it needed that access?

I can't see any reason why Reddit needed it either. Reddit broke their web
experience as well.

Can't these apps rely on paste? Or it is a tooling/sdk issue?

I also found the app I use to top up phone credit was demanding camera access
on android. Removed that as well. Spyware.

~~~
loljabab
If this is spyware and the actual contents are being sent somewhere, you’ll
hear about it.

This seems pretty overblown. Here is a simple explanation: the apps exhibit
different behavior when a relevant URL is on the clipboard. Reddit does this.

That being said, I’m glad apple is giving the clipboard some privacy
attention. Tons of people send their passwords thru the clipboard.

~~~
rs23296008n1
I don't think its overblown.

Snooping the clipboard is usually either spyware activity or utility behavior.
Its not as if its a password manager expiring a copied password. Its not even
something grabbing text from the clipboard because I've set it up to do so in
some text processing utility.

Linkedin doesn't need this kind of functionality. They simply got caught.

Plenty of other shenanigans going on. This is likely just one of many.

------
josephcsible
This kind of thing is why I insist on using Reddit via mobile Web instead of
their app, no matter how much they nag me to switch. Native apps allow lots of
invasions of privacy like this. Web apps inherently don't, and they can still
do everything that I'd want for sites like Reddit.

~~~
lopis
There are multiple Reddit apps on F-Droid too.

~~~
Topgamer7
That way someone else can steal your data instead of the Reddit org, woo-hoo!

~~~
sudosysgen
They're open source on F-Droid. You could literally just grep for the
clipboard access method in 5 minutes.

~~~
josephcsible
There's other ways an app could invade your privacy than just the clipboard.

~~~
sudosysgen
sure, and for all of them you can find if they do or not by looking at the
source code.

------
dang
[https://news.ycombinator.com/item?id=23725556](https://news.ycombinator.com/item?id=23725556)

[https://news.ycombinator.com/item?id=23716451](https://news.ycombinator.com/item?id=23716451)

[https://news.ycombinator.com/item?id=23634138](https://news.ycombinator.com/item?id=23634138)

[https://news.ycombinator.com/item?id=23691190](https://news.ycombinator.com/item?id=23691190)

------
namanaggarwal
Genuine Question: Can/Does apple allow some apps to not show this warning. I
don't have an iphone but if safari has a feature like Chrome to show the
copied url then this should pop up every time I open safari. Which is not good
for apple and is a good enough feature I guess.

------
Jyaif
Some of these apps offer suggestions based on the content of the clipboard.
How else can they do that without looking at the clipboard?

~~~
p49k
Should work like all other privacy settings. The first time the app tries to
access the clipboard, the OS should prompt “Reddit is trying to access the
clipboard [Allow / Deny]”. Then the preference is set and can be changed in
settings.

~~~
Topgamer7
They have this for certain things. MyFitnessPal asks me incessantly to have
access to my "step" permission. I vehemently agree we should have more access
to fine-grain permissions. Although apps should be punished for nagging me to
change my settings every time I open the app.

