
iOS14 reveals that TikTok may snoop clipboard contents every few keystrokes - georgespencer
https://twitter.com/jeremyburge/status/1275896482433040386
======
SirensOfTitan
It seems like a ton of apps are abusing this feature:
[https://www.youtube.com/watch?v=pRSWdtoUAjo](https://www.youtube.com/watch?v=pRSWdtoUAjo)

I categorize this as another reason why "just trust us" just isn't acceptable
enough when it comes to data privacy and ownership. Companies just cannot be
trusted to treat their users' data with respect given the option of profit or
privacy.

(sourced from reddit:
[https://old.reddit.com/r/apple/comments/hejb9i/ios14_catches...](https://old.reddit.com/r/apple/comments/hejb9i/ios14_catches_apps_spying_on_your_clipboard/))

~~~
alfalfasprout
People love to hate on Apple but the fact is, they continue to release
features to better showcase or restrict developers that abuse your privacy.
The "walled garden" also ensures they apply a ton of checks to apps to better
restrict abuses. Sometimes it's overly sensitive and bad things happen, but in
general it's awesome that over time it becomes harder and harder to get away
with apps blatantly spying on you.

~~~
WA
I am certainly happy about the steady pro-privacy process. I personally
consider Apple full of shit until two features are released:

1. Contact sharing needs a complete overhaul. Some apps need to have access
to my contacts. I get this. But they only need the name and the phone number.
They don’t need addresses, birthdays and additional notes I put in my contacts.

Sure, I could have a separate contacts app with "meta data", but this would
break the integration of Contacts in other Apple products.

2. Photos. It is either full access or no access. For example, I don’t trust
WhatsApp. I share photos through WhatsApp by opening the Photos app, tapping
share, and sharing via WhatsApp. This works okay.

But generally speaking: why can’t Contacts and Photos have the same
sophisticated access control system as Health? Heck, make it optional for
iPhone users, but at least offer it.

~~~
tomduncalf
Looks like Photos is addressed in iOS 14:
[https://appleinsider.com/articles/20/06/24/apple-fine-tunes-...](https://appleinsider.com/articles/20/06/24/apple-fine-tunes-photos-privacy-in-ios-14-to-tailor-access-to-specific-images)

Agree tighter control over contacts sharing would be nice, but I don’t think
it’s malicious on Apple’s part that this isn’t possible - they’ve quite
clearly shown they are on the side of user privacy, but they do also tend to
move at a fairly slow pace.

~~~
lifeisstillgood
The choice of only allowing access to specific actual photos seems an unusual
one.

I would have thought there was a big debate in Product Mgmt over this vs the
more obvious allow an app access to a given album.

One presumes the sticking point came when someone took a photo _out_ of an
album. Does that mean they are explicitly removing access? I don't see it as a
huge issue... maybe there is some kind of technical hurdle involved as well,
otherwise the choice seems unusual

~~~
iso1631
Do normal people really use albums? Other than the autogenerated ones I have a
single one, from 2013.

~~~
jtbayly
Nailed it. Using albums is the engineer’s answer to what is technically best.
In the real world it doesn’t work because nobody knows how to, much less
actually uses albums. And even if you do, what are the chances you have an
album with exactly the photos you want to share? So you’ve got to select the
pics you want anyway, but now you’ve also got to create an album first to put
them in. It just adds to the work and confuses and irritates people.

------
PatrolX
Here's a test you should run.

Create a bitly account if you don't have one and login and create a bitly link
for anything, it doesn't matter what it is.

Copy that bitly link to your clipboard and repeat what you're doing in that
video.

Monitor the bitly link for clicks.

Better still do it on a website you control with a unique URL that won't get
indexed by a search engine and monitor the web server log files for hits and
keep a record of the IP addresses.

~~~
xvector
It is honestly still kind of crazy that Apple still hasn't fixed this gaping
hole in their security model, along with others. A notification is not solving
the problem.

I wonder if Apple is playing 4D chess here though. As people learn about this,
they will become outraged and care more about privacy. This in turn benefits
Apple since that's their marketing stance.

I wish they just cut the bullshit and fixed these holes though, they've been
around for years. It's really depressing to see Apple's fantastic security
work in other parts of the stack be completely and utterly compromised by OS
design decisions like this.

~~~
greggman3
Agreed. Reading the clipboard should require the user to choose "paste", just
like the browser does. You can't read it unless the user is expressly trying to
paste into your app.

~~~
dylan604
JavaScript can manipulate the contents of your clipboard without any
interaction from the user. It's not just apps that can do this.

~~~
greggman3
Manipulating the clipboard is not the problem, reading it is. AFAIK there is
no way to read the clipboard from JavaScript without user interaction. If
there is please post a repo.

It used to be true but all that was fixed like 10 years ago.

~~~
spideymans
I’m curious, how does Google Docs paste from the clipboard when I click the
“paste” button from within the Google Docs UI?

~~~
shakna
Reading from the clipboard is allowed on a user-triggered event.

It's somewhat similar to how Firefox has disallowed auto-playing videos except
on user permission or a user-triggered event.

Which has been mostly worked around by the bad actors, who use things like
mouse-over or scroll to trigger the event.

~~~
gorgoiler
> user-triggered event

“Click _Reject All Cookies_ to exercise your GDPR rights!”

~~~
andy_ppp
This is a really good point. Those popups are disgusting and this is yet
another reason to not disturb your users. I'm fine with a button in the footer
of every page to do this; I think displaying a popup for this is terrible and
I won't do it unless compelled to. Does anyone know what the rules are? I
think they are much vaguer than most people suggest.

------
llacb47
Using fiddler I briefly looked and didn't see tiktok sending my clipboard
contents anywhere.

Edit: However, tiktok is one of the chattiest apps I've looked at. They have a
huge number of tracking/logging/collection endpoints constantly slurping data
in the background. See my hosts list which aims to block this:

[https://github.com/llacb47/mischosts/blob/master/tiktok-host...](https://github.com/llacb47/mischosts/blob/master/tiktok-hosts)

~~~
xvector
Genuine question, why don't companies proxy tracker data through a single host
that the app also depends on to serve data?

That way it wouldn't be possible for users to block individual hosts to
prevent tracking. I guess it's not worth the effort though because laypeople
won't care either way?

~~~
cleverpebble
Most trackers are 3rd parties that require you to go through their hosts.
Additionally, these trackers are usually picked out by business analysts /
product managers on different teams - so marketing may have their own tracking
solution, sales might have their own, and engineering might have their own.
Tends to be faster/easier to plop javascript on a page than engineering your
own tracking/analytics pipeline at early stage startups.

~~~
Xorlev
> Additionally, these trackers are usually picked out by business analysts /
> product managers on different teams

This. I remember at my last company, we ended up with 8 or 9 different
analytics tools all getting different data and showing one or two "cool views"
the PM had put together.

It's such a big problem that solutions like segment.io exist to broker your
events to N different downstream solutions.

Truly, this is the darkest timeline.

------
speedyapoc
I know there are a few apps which will check the clipboard in order to provide
functionality to the user. For example, some shipping apps will check the
clipboard to see if the user has a copied tracking code and if so, ask the
user if they want to track their copied code.

Not sure if TikTok does something similar, but there are certainly innocent
reasons for checking the clipboard.

~~~
patrickyeon
I'm disappointed that so many people think "hey they could just be doing this
for innocuous reasons" instead of "oh maybe nobody should be doing this even
if it's the absolutely most straightforward way to do it."

Even _if_ you're only looking for a shipping tracking number and then _only_
so that you can provide useful auto-populate, will you lose out by only
checking the clipboard when the user hits your text input field? Is it that
much to ask that you find the least offensive way to serve your user?

On the other hand, what will you lose when the news gets out that you've
created a keylogger? What about when someone else at your company pushes you
to monitor for something else for strategic advantages? Or what about when
another developer doesn't understand the implications and now your app is
responsible for revealing passwords or other sensitive information? Are all of
these worth saving one click?

~~~
greggman3
This is an OS bug, not an app bug. You can't expect millions of app developers
to get this right. An app should not be allowed to read the clipboard until a
user chooses to "paste". That's on the OS for allowing this behavior. It's
silly to think that by making it possible to read the clipboard at any time,
somehow all millions of app developers will use it correctly even if they
have no malicious intent.

~~~
013a
A high speed collision happens on a freeway, killing both drivers. This is a
car manufacturer bug, not a human bug. You can't expect millions of drivers to
get driving right. A car should not be allowed to drive fast.

How about: stop apologizing for billion dollar corporations. Fault can be
placed on both the OS and applications. I expect better, from everyone.

~~~
greggman3
The difference is one problem is trivially solvable. If an app isn't allowed
to read the clipboard the problem is solved. Smart people choose solutions
that actually solve the issue when those solutions exist rather than just
making some guideline and praying people read it.

~~~
jamaicahest
Companies developing apps should be held accountable for their decisions, i.e.
spying on the clipboard in this case. Don't excuse them with the reason "well,
it was easy to do, so it's ok"; that's like saying "well, my car was stolen, but
it was easy to break the lock, so it's ok".

~~~
kkarakk
By this logic, how do you trust Apple? They're a famously blackbox company
with access to all your data. Just because they say they're not data mining
you doesn't mean they are not.

slippery slope arguments go all the way to the bottom

------
OldHand2018
In the coming days I feel as if we are going to see a lot more threads about
the new privacy features in iOS 14. Apple has a video overview of a lot of the
new stuff [1]. I suggest watching it (at 2x speed - they talk very slowly).
Especially at 16:30 where they emphasize that SDKs are part of your app and
that you the developer are fully responsible for the data collection of any
SDK you include in your app. This is going to be a huge problem for a lot of
developers.

[1]
[https://developer.apple.com/videos/play/wwdc2020/10676/](https://developer.apple.com/videos/play/wwdc2020/10676/)

~~~
aneutron
That's it. I'm switching to iOS. Android is like child's play when it comes to
privacy compared to the features introduced just in this version of iOS. I'm
sure I'll hate the lack of customizability but at least the privacy features
are solid.

------
harpastum
It looks like there could be a reasonable explanation for this. There are apps
that have different behavior whether or not there is text in the clipboard
(e.g. enabling a "paste" button), and they're only checking that the text
exists, not what it is. There's a new API that will let devs do that without
triggering the user notification.

If TikTok is actually constantly loading the clipboard, that's obviously
terrible. I'd bet this behavior is gone by the next release, and that shows
how useful this new notification is.

Same issue with notes from that app's developer saying what's going on and how
they will fix it:
[https://twitter.com/ecormany/status/1275903947899797505](https://twitter.com/ecormany/status/1275903947899797505)

~~~
_bxg1
> There are apps that have different behavior whether or not there is text in
> the clipboard (e.g. enabling a "paste" button)

People keep saying this but I've _never_ seen one of these app-specific paste
widgets. And even if I did, I wouldn't miss it in the slightest for the sake
of not allowing _every app to be reading my clipboard at all times_.

It's inexcusable to me that there isn't a permissions prompt for this. Two of
my most common types of copy-pasted strings are URLs and _passwords_.

~~~
jborichevskiy
> I've never seen one of these app-specific paste widgets

IIRC having an address (or address-looking string) in your clipboard will
cause it to show up as the first result on the search screen in Google Maps.

~~~
guug
So google also sends the contents of my clipboard to their servers when I use
their app? Wonderful.

~~~
xvector
I can't imagine being one of the PMs/higher-ups that decided to allow
clipboard content to be shared willy-nilly like this. Like, what must be going
through their minds when they make decisions like this? "User experience at
all costs?" Seems contrary to their stance on privacy.

~~~
anchpop
Personally I couldn't care less about Google seeing whatever junk I sometimes
have in my clipboard if it means I can more quickly go to the address I'm
looking for.

~~~
guug
and I'm sure there are many who couldn't care less about the malware running
on their windows machine as long as they can browse facebook. What's your
point?

------
gentleman11
I use bitwarden as my password manager. Out of paranoia, I have been logging
into Bitwarden only while an empty tab is open in case some random website is
able to access my keystrokes while I use the plugin.

I am a web developer, but I wasn't actually able to find information about
whether this is a real risk or not last year when I began doing it. Can
anybody clarify?

~~~
riskable
The problem is that iOS doesn't differentiate between a call that merely
checks for the presence of a clipboard entry (e.g. so you can enable "Paste"
in a menu/submenu) and _actually_ copying the contents of the clipboard.

The workaround (for legitimate apps) is to simply always keep that "Paste"
option enabled--even if the clipboard is empty. That way you won't freak out
your users and only suffer the most minor of usability consequences.

Having said that I don't think TikTok has any relevant functionality such as
enabling a "Paste" option so... Most likely nefarious!

~~~
selsta
iOS differentiates between this since iOS 10:

[https://developer.apple.com/documentation/uikit/uipasteboard...](https://developer.apple.com/documentation/uikit/uipasteboard/1829416-hasstrings)

Also iOS 14 has new clipboard related APIs to further check the content
without actually accessing it.

~~~
BoorishBears
If iOS 14 adds new APIs to check, then I wouldn't be surprised if the codepath
hasStrings uses triggers the warning.

The purpose of hasStrings was performance, not indicating intent, so that
wouldn't be surprising.

------
willhay
Crazy thing is that I would open TikTok on my phone and occasionally see a
loading dialog that said "Pasting Clipboard" (from MacBook Pro). I finally
freaked back in March and Googled it and found this...
[https://www.forbes.com/sites/zakdoffman/2020/03/12/simple-ap...](https://www.forbes.com/sites/zakdoffman/2020/03/12/simple-apple-security-hack-if-you-have-tiktok-on-your-iphone-look-away-now/#6d5081731d61)

------
kstrauser
iOS already prompts for other things like "app Foo would like to know your
location: Never, Only when open, Always". Users are used to this. I'd love a
popup like:

"TikTok wants to see what you've copied into your clipboard: Never, Once,
Always, Uninstall that spyware".

Then I could make informed decisions, like sure, my package tracker can see if
there's a FedEx URL in my clipboard. I'm OK with that. There's literally no
reason why I'd ever want Instagram to check my clipboard, though. Maybe you do,
and you could give it permission.

~~~
spaetzleesser
There should also be a log “App foo has used your location at these times:
<list of dates>”

~~~
Sprakle
They actually have this, and I think it's intentionally very creepy:
[https://support.apple.com/library/content/dam/edam/applecare...](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/iOS/ios13-iphone-xs-app-using-location-in-background.jpg)

~~~
spaetzleesser
Can I as the user see these logs?

------
navinsylvester
Chinese investment money is everywhere, so they try to control the narrative. I
have seen for some time that on HN, we are open to criticize but don't take a
standpoint unless it's something to do with a western government.

I think this is due to the flame war or rating system of HN, where active
discussions are relegated to oblivion. Instead of trusting biased and funded
media, we here need to introspect, without being silenced.

Maybe we are mostly left, so we don't have a much stronger opinion unless it's
right - is that the case? Just curious - why the slack?

------
Abishek_Muthian
Apps abusing the clipboard can steal passwords from password managers when the
user copies them, and associate them with the user account via parallel
construction.

e.g. Time of stealing password from clipboard + time of my HN comment.

I've long been wary of this; Android 10 has made some changes like allowing
only IME & in-focus apps to access the clipboard. Not a fool-proof way to
prevent the issue.

One more reason to destroy app duopoly, switch to pure Linux OS [1][2][3] and
force app publishers to stick with web apps/PWA with more user control.

[1] [https://store.pine64.org/product/pinephone-community-edition...](https://store.pine64.org/product/pinephone-community-edition-ubports-limited-edition-linux-smartphone/)

[2] [https://postmarketos.org/blog/2020/06/15/pinephone-postmarke...](https://postmarketos.org/blog/2020/06/15/pinephone-postmarketos-community-edition/)

[3] [https://puri.sm/products/librem-5/](https://puri.sm/products/librem-5/)

~~~
brianush1
Apps can still read the clipboard at any time they want on Linux. A pure Linux
OS is definitely better, but for other reasons.

------
makecheck
Perhaps there should be a separate security level for “access whatever was
just Copied in the last 4 seconds, if the only other action taken was to
switch to the app requesting the clipboard”. Almost any app could clear that
bar, since under those conditions it probably means “user grabbed something
and wants to use it here”.

What is the use case for “read whatever was copied from anywhere for any
reason at any time”? If there is one (e.g. full-fledged word processor maybe),
that should _still_ be a separate entitlement and require a higher bar, e.g.
extensive app review.

~~~
vsareto
That's probably not going to work well because people use devices at different
speeds

------
vxNsr
Appears that a lot of third party apps are just using an older API that forces
this notification to show. A lot less nefarious than it originally appears.

Seems that iOS14 offers a specific new API to check if there's something on
the clipboard without actually seeing it which is what all these apps are
trying to do.

~~~
RandallBrown
The API to check if the clipboard has contents has existed since iOS 10.

> Starting in iOS 10, the UIPasteboard class provides properties for directly
> checking whether specific data types are present on a pasteboard, described
> in Checking for Data Types on a Pasteboard. Use these properties, rather
> than attempting to read pasteboard data, to avoid causing the system to
> needlessly attempt to fetch data before it is needed or when the data might
> not be present.

[https://developer.apple.com/documentation/uikit/uipasteboard](https://developer.apple.com/documentation/uikit/uipasteboard)
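
As an added illustration (not code from this thread or from any app named in it), here is the pattern RandallBrown, selsta and greggman3 describe, in a hypothetical UIKit view controller: `hasStrings` for the presence check, the iOS 14 `detectPatterns(for:completionHandler:)` call (the "new API" mentioned above; the name comes from the iOS 14 SDK, not from the thread) for a content-class check, and the actual read only inside a user-initiated paste action. The class, button and field names are invented.

```swift
import UIKit

/// Hypothetical screen that lets the user paste a shipping tracking number.
/// The clipboard is only ever *read* in pasteTapped(), i.e. on the user's
/// explicit action; everything else asks the system about the clipboard
/// without fetching its contents.
final class TrackingEntryViewController: UIViewController {

    private let trackingField = UITextField()
    private let pasteButton = UIButton(type: .system)

    override func viewDidLoad() {
        super.viewDidLoad()
        pasteButton.setTitle("Paste tracking number", for: .normal)
        pasteButton.addTarget(self, action: #selector(pasteTapped), for: .touchUpInside)
        [trackingField, pasteButton].forEach(view.addSubview)
        // Layout constraints omitted; not relevant to the clipboard handling.
    }

    override func viewWillAppear(_ animated: Bool) {
        super.viewWillAppear(animated)
        refreshPasteButton()
        if #available(iOS 14.0, *) {
            offerTrackingNumberIfPresent()
        }
    }

    /// 1. Presence check (UIPasteboard.hasStrings, available since iOS 10).
    ///    Answers "is there a string?" without fetching it, so it does not
    ///    trigger the iOS 14 "pasted from ..." banner. This is all a Paste
    ///    button needs in order to be enabled or disabled.
    private func refreshPasteButton() {
        pasteButton.isEnabled = UIPasteboard.general.hasStrings
    }

    /// 2. Content-class check (iOS 14). detectPatterns(for:) reports which of
    ///    the requested patterns are present, still without handing the app
    ///    the text. Here the app only wants to know whether a number-like
    ///    value is on the clipboard before surfacing the button.
    @available(iOS 14.0, *)
    private func offerTrackingNumberIfPresent() {
        UIPasteboard.general.detectPatterns(for: [.number]) { [weak self] result in
            guard case .success(let found) = result, found.contains(.number) else { return }
            DispatchQueue.main.async { self?.pasteButton.isHidden = false }
        }
    }

    /// 3. The only place the contents are actually read: a user-initiated
    ///    paste. Reading `.string` here is what the user expects, and on
    ///    iOS 14 the banner correctly attributes the read to this tap.
    @objc private func pasteTapped() {
        guard let text = UIPasteboard.general.string else { return }
        trackingField.text = text.trimmingCharacters(in: .whitespacesAndNewlines)
    }
}
```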

~~~
cynix
That doesn’t seem to stop the app from checking for, say, string content, and
getting access to a copied password.

------
waltpad
I wonder how the clipboard API could be fixed.

I suppose that the current scheme is that apps are monitoring paste events,
and when it happens have a look at the clipboard for copied data.

Perhaps the clipboard shouldn't be visible at all, and only when the user
decides to paste content should the targeted app receive a "paste" message
with the copied data (or perhaps some more complicated selection mechanism
with a list of recent copies à la emacs). This would essentially merge the
two-step process outlined above into a single operation.

It's probably more complicated than that though.

~~~
wslh
I think we should have some kind of "clipboard firewall" where you can
restrict if a clipboard copy operation in an app X could be pasted in app Y.

We have developed a free Windows app and will release it soon.

------
nullc
I was shocked to find out that Firefox enabled websites to access the
clipboard sometime in the last five years or so... and I'm left stressed out
that I could have had important passwords or keys stolen this way.

This can be disabled by setting a preference:
[https://www.ghacks.net/2014/01/08/block-websites-reading-mod...](https://www.ghacks.net/2014/01/08/block-websites-reading-modifying-clipboard-contents-firefox/)

~~~
lucasmullens
Firefox prompts for your permission to read from the clipboard:
[https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web...](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Interact_with_the_clipboard)

But I'm not sure if that's always been the case.

~~~
gruez
that's for addons, not websites

------
ogre_codes
I'm certain Apple knew in advance that a fair number of apps would trip this
up and which ones were going to run into issues in advance. It's interesting
that they went ahead and turned this on immediately without warning developers
it was coming. Perhaps they wanted people to see what they were preventing.

~~~
xsmasher
This is in a beta of iOS14. It's expected to have changes, sometimes breaking
changes.

This is the beta process working exactly as it should.

------
pdimitar
I applaud Apple for the continued privacy efforts, including finer-grained
Photos access (linked by another poster in this thread:
[https://appleinsider.com/articles/20/06/24/apple-fine-tunes-...](https://appleinsider.com/articles/20/06/24/apple-fine-tunes-photos-privacy-in-ios-14-to-tailor-access-to-specific-images)).

But at the same time I can't help but be bitter. The smartphone scene has been
very active ever since, I don't know, 2011? All the companies and shady
information dealers have gathered _mountains_ of private information.

Is this not too little, too late? This would have been welcome at the iPhone 5
release. Nowadays I wonder what difference would these measures even make.

~~~
Majestic121
It is steps in the good directions, and as far as I know they are way more
advanced than Android on this point.

Those features would have been welcome a few years ago, that's for sure, but
let's not blame them now that they do what's right.

What's out there is already out there, you're right, but we can hope that
those shady information dealers will have much more trouble in the future.

~~~
pdimitar
> _It is steps in the good directions, and as far as I know they are way more
> advanced than Android on this point._

I have the same impression. Which is saddening because I thought of going back
part-time to Android and experiment with homelab builds and p2p architecture
with a few spare Android devices. But I am not comfortable with how much and
lower-level Google and the phone's vendor have and I am sure that no matter
how I secure an app with access to photos/contacts/etc. then the kernel could
likely still extract the info it needs... Don't know, but I am quite paranoid
about smartphones lately.

> _let's not blame them now that they do what's right._

Agreed. Better late than never. I simply feel that marketing trumps privacy
concerns here. Apple wants to have what to brag about every year so features
that should come once every 2-3 months are coming annually instead.

------
thekyle
It does make me wonder how many apps on Android also do this and go completely
undetected. Hopefully Google adds something similar.

~~~
yen223
On my Android 10 phone, if I copy a piece of text that looks like an address
and open Google Maps, Google Maps will immediately offer the copied text as a
search option. Google Maps doesn't do this if I copied, say, some random
numbers.

I'm not sure how the Google Maps app can do this without snooping at my
clipboard.

~~~
jankiehodgpodge
I'm pretty sure that's the OS itself analysing the highlighted text and
offering suggestions on which app to open it with.

------
dreamcompiler
TikTok is known to be Chinese malware. Is anybody on HN surprised by this?

[https://www.military.com/daily-news/2019/12/30/army-follows-...](https://www.military.com/daily-news/2019/12/30/army-follows-pentagon-guidance-bans-chinese-owned-tiktok-app.html)

~~~
kpennell
I know this and I get it....but damn it's so much more entertaining than
Instagram now. The content is more varied, more raw, and the for you page
filtering is so well-tailored.

------
mobilio
hm... seems that this privacy issue:
[https://developer.apple.com/app-store/review/guidelines/#pri...](https://developer.apple.com/app-store/review/guidelines/#privacy)
can lead to a ban from the App Store

~~~
dan-robertson
Fortunately for TikTok, such rules only apply to small apps. They will
probably get a polite phone call from a VP asking them to please stop doing
that, but nothing more.

------
rurban
This needs legislation. Apps should not be allowed to inspect foreign private
content if they don't manage it. Only a few apps would need that.

That new technical solution in the beta certainly comes handy, but legislation
is better.

------
_jal
The clipboard belongs to the user. It is quite obvious how clipboard-snooping
could disclose sensitive information, and as far as writing to it, I should be
able to expect the thing I copied last to be there when I hit paste next.

I'd be in favor of banning application-initiated access entirely. I realize
this would interfere with 1PW and similar. That was always a hack, and the
fact that so many apps snoop on the clipboard is a great reason for it to
stop! Sensitive dataflows for things like passwords need far better
protection.

------
davidajackson
clipboard access should really be permissioned just like mic access etc

~~~
anticensor
Real solution is to make the clipboard behave like a channel (both must be
running and target must be on foreground), not like a buffer. No permission
mess.

------
nerdjon
Woke up this morning thinking...

There is a part of me that is little sad Apple did not just wait to add this
feature until iOS 14 released or one of the last GM's.

If only because it would be a huge wakeup call for users about what their apps
are doing and possibly collecting, instead of it all being patched out now.
Instead we are seeing basically no traction on this outside of tech circles.

------
vecio
TikTok and many popular Chinese apps, including Taobao, Baidu, and Alipay, to
name a few, snoop clipboard contents, because Tencent censors and forbids
almost all kind of links sharing in WeChat and QQ.

[https://news.ycombinator.com/item?id=23654345](https://news.ycombinator.com/item?id=23654345)

------
uptown
I've been trying to bring the clipboard privacy issue to people's attention
for awhile.

[https://news.ycombinator.com/item?id=21383241](https://news.ycombinator.com/item?id=21383241)

Happy to see it's going mainstream. I'm hopeful that iOS 14 will provide a way
to limit this behavior on a per-app basis.

------
jayp1418
At least signal messenger doesn't do this behaviour. Still keep incognito
keyboard turned on from settings for extra protection:

[https://community.signalusers.org/t/ios-14-catches-apps-spyi...](https://community.signalusers.org/t/ios-14-catches-apps-spying-on-clipboard/15254/2)

------
jwiley
It seems like this is nothing new:

[https://www.forbes.com/sites/zakdoffman/2020/03/12/simple-ap...](https://www.forbes.com/sites/zakdoffman/2020/03/12/simple-apple-security-hack-if-you-have-tiktok-on-your-iphone-look-away-now/)

------
keyle
It would be easy to see foul play here... But I can only imagine the size of
the development team behind such an app, and it's probably some dumb feature
commit implemented by someone who isn't there anymore that checks to insert
"Tok" every time someone types "Tik".

Or some other evil purposes.

------
BFatts
I find it interesting that people automatically assume nefarious reasons for
accessing the clipboard... If your privacy is so important, don't use
platforms you cannot trust. If that means not using a smart phone, then maybe
you will do something positive for yourself.

------
ipiz0618
Zoom, WeChat and Weibo have all been exposed for sending users' data back to
Chinese servers. Why would TikTok be different? It's already alarming enough
that a Chinese social media app is at the top of the App Store.

People need to learn to stop trusting these apps.

------
gorgoiler
Can one app copy data into the clipboard and then another app paste it out?

They could even collude behind the scenes, once they’ve communicated over the
clipboard as a channel to establish a link, to replace the original data in
the clipboard

------
ed25519FUUU
This is actually a big reason why I always prefer to use the mobile site
instead of the app. The modern browser treats the web much more as an “unsafe”
place. Not to mention I prefer standard ways to do things like “go back”. Plus
you get Adblock.

------
Ptrulli
Do most of these apps mention this in their privacy terms? I would imagine
it's somewhere in there, but who has the time to read all of that. This
reminds me of HEY.com; Apple is following suit in terms of notifying the user
on privacy...

------
deadbacon
Lyft is doing the same thing. But it seems the frequency is lower compared to
TikTok.

~~~
guug
People were saying the Google Maps also does it.

------
ngold
Why is this still on their store? I assume it breaks their walled garden
approach. It seems Apple is putting kids at risk, in fact it looks like kids
are having their privacy actively abused.

------
teekert
My bank (bunq) offers to let me pay the IBAN (European bank account number) as
soon as I open the app with an IBAN on the clipboard. That's the same, isn't
it?

~~~
giarc
In the twitter video Tik Tok is pasting _from_ Instagram though. I also don't
know why Tik Tok would be looking for text on the clipboard (to be fair I've
never used Tik Tok though).

------
jasonlingx
I use Bitwarden on my iPhone and sometimes copy passwords to the clipboard for
some reason. Does this mean any app could have snooped on it without me
knowing before?

~~~
scarlac
Yes, that's probably part of the reason why 1Password clears the clipboard
after a minute or so

~~~
jasonlingx
That’s crazy. iOS prompts before giving apps your location; clipboard data is
many times more sensitive.

------
kinnth
Is it even clear whether this data is being sent back to Tiktok or any company
or is it simply to check for activating keywords to add app functionality?

Is it all done locally?

------
maartn
It’s a shame that this turned into a discussion about iOS. It’s still the
burglar that’s faulty, not the homeowner that leaves a window open

------
coronadisaster
LoL... Why doesn't it block it in addition to revealing it? I don't think that
it would break any features that I want to use.

------
dana321
It also revealed to me that Dropbox was tracking my location in the
background while I was traveling on a train.

------
giancarlostoro
I wonder what this sort of spam does to your battery life. This really should
be a permission configuration.

------
beamatronic
Why does any app have access to the clipboard? Seems like a big security hole.

~~~
csa
In order to know when you should enable the paste option.

It can be an elegant design choice, but also a design choice that appears to
be or is an abuse of privacy.

~~~
landryraccoon
Couldn't iOS just have a peek API that tells the application if the clipboard
is empty or not without revealing its contents?

~~~
RandallBrown
They've had one for several years.

[https://developer.apple.com/documentation/uikit/uipasteboard...](https://developer.apple.com/documentation/uikit/uipasteboard/1829416-hasstrings)

------
andrewPP
It might be that an API that many of these apps use is using this feature.

------
etaioinshrdlu
Yet another reason web apps are generally better for security than native!

------
feelix
If only they'd do this for apps accessing the microphone, or do the same thing
as they do with the camera, making the application visibly request access.

------
NN88
Apple is really setting the tone.

------
andy_ppp
Is there any logical reason to do this apart from harvesting things people
have copied? Seems purely evil to me.

------
KaoruAoiShiho
Hopefully we can turn this off; this is going to destroy usability and be very
annoying.

~~~
adamhearn
You mean so you can snoop from the user without being detected?

~~~
KaoruAoiShiho
There are a lot of valid use cases for clipboard saving. I don't have an iOS
app, but I run CopyClip, which would be kinda ruined by this "feature".

~~~
remmargorp64
Then there should be a setting that has to be manually approved to allow the
clipboard interactivity feature.

I use a password manager on my iPhone and I am copying and pasting my
passwords all the time. If some random app is scraping my clipboard silently
and sending the data to a third party, that means my passwords are
compromised. I am very much NOT OK WITH THIS.

Keep in mind, this permission should be fundamentally different than the
permissions for just manually copying and pasting. I don't want to have to
deal with permissions to "allow clipboard use" that I have to approve every
time I want to paste something. That would be obnoxious. I am only worried
about restricting permissions for invisible passive snooping.

------
jedberg
Here is an explanation from a 3rd party reddit app developer:

tl;dr: Since Apple doesn't give a way to open URLs in 3rd party apps, he
inspects the paste buffer for reddit URLs, but he aptly points out that he
could read anything in the paste buffer if he wanted to:

"Hey! I make Apollo for Reddit and a few people asked me about this and if
Apollo does anything with the clipboard so I wanted to answer.

Since iOS doesn't have a mechanism to open URLs in a specific third party app,
Apollo has a feature where if you open the app with a Reddit URL on your
clipboard it'll offer to open that URL in Apollo. I think I copied this from
Instapaper a while ago. This does cause a potentially creepy looking
notification with Apollo sometimes, but just wanted to explain why/what it's
doing. It's literally just like "Hey iOS, is there a URL on the clipboard? Oh
there is, is it a Reddit one? Okay cool let me ask them if they want to open
it." Obviously at no point does anything else happen like it leaving the
device or anything. It'll show this banner even if there's not a Reddit URL
because it needs to check the URL to see if it's a Reddit URL in the first
place. Schrodinger's Reddit URL.

But the clipboard API (prior to iOS 14) was very open, as someone else said,
what if medical records were on your clipboard as text? Well in Apollo's case,
that doesn't qualify it as a URL, so it wouldn't even "look". (And even for
URLs, it doesn't store a list of them even on the device, it just opens it if
you ask to, and then saves the most recent URL so it won't keep repeatedly
prompting you if you say no.)

But that doesn't mean other apps couldn't be! They could be doing some Creepy
Shit™ so I think this API change is good. It means I'll have to be more clear
with Apollo doing this, and I've already had a few Apple engineers reach out
with ways, but I think it's a very good change for user security."

From:
[https://old.reddit.com/r/apple/comments/hejb9i/ios14_catches...](https://old.reddit.com/r/apple/comments/hejb9i/ios14_catches_apps_spying_on_your_clipboard/fvscjyz/)
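A defender-side version of the check Apollo describes above, which also uses the `hasStrings`/`hasURLs` style presence API linked in RandallBrown's comment earlier: read the clipboard only after the cheaper presence and pattern checks have passed, so ordinary text (medical records, passwords) is never handed to the app. This is an added Swift example, not Apollo's code; it assumes the iOS 14 SDK signature `UIPasteboard.detectPatterns(for:completionHandler:)` taking a `Set<UIPasteboard.DetectionPattern>`, and the host list is an assumption.

```swift
import UIKit

/// Hypothetical helper (added example): offer to open a Reddit link from the
/// clipboard while touching the clipboard contents as late as possible.
enum ClipboardLinkOffer {
    // Assumption: only these hosts count as "a Reddit URL".
    static let redditHosts: Set<String> = ["reddit.com", "www.reddit.com", "old.reddit.com"]

    /// Step 1 (any recent iOS): ask only whether a URL is present.
    /// `hasURLs` reports presence without returning the value, so nothing is
    /// read and, on iOS 14, no "pasted from ..." banner is shown.
    static func mightHaveLink() -> Bool {
        return UIPasteboard.general.hasURLs
    }

    /// Step 2 (iOS 14+): let the system classify the contents. `detectPatterns`
    /// answers "does this look like a web URL?" without giving the app the
    /// value, so arbitrary text on the clipboard is never exposed to the app.
    @available(iOS 14.0, *)
    static func offerIfRedditLink(_ completion: @escaping (URL?) -> Void) {
        guard mightHaveLink() else { completion(nil); return }
        UIPasteboard.general.detectPatterns(for: [.probableWebURL]) { result in
            guard case .success(let patterns) = result,
                  patterns.contains(.probableWebURL) else {
                completion(nil)
                return
            }
            // Step 3: only now read the clipboard. This is the call iOS 14
            // surfaces with the banner, and the value is used solely to decide
            // whether to prompt the user; it is not stored or sent anywhere.
            let url = UIPasteboard.general.url
            completion(isReddit(url) ? url : nil)
        }
    }

    /// Host check used to decide whether the prompt is worth showing.
    static func isReddit(_ url: URL?) -> Bool {
        guard let host = url?.host?.lowercased() else { return false }
        return redditHosts.contains(host)
    }
}
```

With this ordering the banner appears only when the clipboard already held something URL-shaped, which is the "be more clear with the user" outcome the Apollo developer says the API change pushes apps toward.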

~~~
unityByFreedom
We need an answer from TikTok not Apollo.

~~~
jedberg
Of course. The point is there are legit reasons for this to happen.

~~~
xvector
Sure, and the counterpoint is that those legit reasons are not worth the
breach of privacy. The average user is horrified when they learn this happens,
and "just trusting the developer to not abuse your clipboard" isn't an
acceptable security model.

~~~
jedberg
I agree. It’s also why they changed the API.

------
MintelIE
We can expect every security hole possible to be exploited by these Chinese
military apps. Heck, Fortnite installs a rootkit on your PC for "anti-cheat"
and that's even more egregious, yet it is allowed. The situation on Android is
probably worse: most apps request access to everything these days and users
are afraid to say "no" because of fear of breakage.

------
hilyen
This is unacceptable.

------
ferest
Running an old app on a new OS causing unpredicted behavior is normal, and
this is assuming it is not an iOS 14 bug.

~~~
RandallBrown
iOS 14 added this feature (the clipboard notification) to catch this type of
behavior.

It's _possible_ that TikTok isn't doing anything and this is a bug, but it's
more likely they're using the clipboard in a way they shouldn't.

------
triceratops
Let's be real. Is anyone honestly surprised?

~~~
rhizome
"Surprise" is not a good standard for concern.

~~~
avh02
Depends on what you're doing, driving or flying - you don't want surprises,
they'd definitely be concerning. Privacy too in my opinion.

~~~
rhizome
You're driving along and get t-boned by a semi. Someone says, "I don't know
why anybody's surprised, the crash happened at an intersection where two roads
cross perpendicularly, and vehicles are traveling on those roads," are you
going to nod at their profound observation?

------
itsbits
Apple is fine with this but has a problem with hey.com's own charging
structure!!!

------
austincheney
TikTok users seem to be incredibly young, like children, so I doubt they care
their privacy is violated.

------
ycombonator
Chinese Communist Party [1]

[1] [https://www.vox.com/open-sourced/2019/12/16/21013048/tiktok-...](https://www.vox.com/open-sourced/2019/12/16/21013048/tiktok-china-national-security-investigation)

------
statictype
What's the point of having an App Store as the gatekeeper for installing apps
if you aren’t going to catch this shit?

~~~
CardenB
I believe iOS14 has features to detect this:
[https://www.reddit.com/r/apple/comments/hejb9i/ios14_catches...](https://www.reddit.com/r/apple/comments/hejb9i/ios14_catches_apps_spying_on_your_clipboard/)

~~~
statictype
Yes - I mean why hasn't the App Store review process already caught this in
previous versions of iOS? Why do we need to wait for the technical capability
to be surfaced to users?

How are we supposed to know if the app's continuous request for clipboard
access is ok or not?

I feel like that was literally the only value-add in the App Store review
process, and the fact that it's a feature in iOS seems to indicate that Apple is
throwing in the towel here and saying "we don't know if this is a privacy
issue or not so we will just notify you about it".

------
lxe
Is this really news? Google Maps suggests to navigate to an address you copied
to the clipboard. No app should have permissions to access the clipboard
without you explicitly selecting 'paste'.

------
spaetzleesser
I think in general operating systems shouldn’t just ask the user for
permissions when an app wants to do something. They should also provide a
log about when, to what extent and how often apps are using that permission.
For example, when I give an app permission to read messages I still have no clue
how often the app does it.

------
product50
This is the problem with Chinese apps. You just can't rely on them. They
simply don't have the same principles of privacy that US companies do. Even
Facebook won't do something like this.

~~~
filleduchaos
Plenty of US companies build apps that do the exact same thing (checking your
clipboard).

~~~
xbar
Do you like TikTok reading your clipboard?

~~~
filleduchaos
I don’t even have a TikTok account. I simply pay enough attention to have realized a
long time ago that the contents of the system clipboard are available to the
application that’s in the foreground on pretty much every OS I’ve used. Hence
I have no need to jump to pearl-clutching xenophobia over it.

------
bigphishy
As a society we cannot allow this impunity of powerful corporations, a
nation-state sponsored corporation in this case.

Why do members of our own society not know the negative effects of using this
technology?

------
bigphishy
Fu*king A... uh maybe we need to make Open Source required by law... just
anything but this.

WE as a society cannot allow this impunity that is being exercised by a very
powerful corporation, a nation-state sponsored corporation, no less. Where
does it end? Why do we allow this to occur? Why do members of our own society
not know the perils of using this technology?

~~~
opan
Finally someone tackles the real issue here. You can't trust proprietary
software, no matter which country or company is behind it. Aim for free
software instead of putting your trust in a company's black box.

------
grecy
Fairly impressive if true - they must have already gobbled up tens of millions
of passwords and other sensitive data that users had no idea was being stolen
from their clipboard.

~~~
radomysisky
To the coffers of the CCP.

~~~
dang
Since you're obviously using this site primarily for ideological battle, and
that's against the rules here, we've banned the account.

No, not because we're communists. Rather, this is an existential issue for HN:
if we want to have a forum for curious conversation, we have to limit the
amount of damage people can inflict on it in this way.

Please don't create accounts to break HN's guidelines with.

[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

