Hacker News new | past | comments | ask | show | jobs | submit login
LinkedIn is copying the contents of my clipboard on every keystroke (twitter.com/doncubed)
928 points by dondonleroy on July 2, 2020 | hide | past | favorite | 360 comments



An explanation from LinkedIn:

https://twitter.com/eberger45/status/1278843576638570496

------ Hi @DonCubed . Appreciate you raising this. We've traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don't store or transmit the clipboard contents.

----------

An example of this is in a library we have open sourced, and you can find the fix here [https://github.com/linkedin/Hakawai/ (https://github.com/linkedin/Hakawai/pull/161/files/3881de368...). We will follow up once the fix is live in our app.

-----------


This should be higher, above all of the mobs teething for vengeance. It’s an innocuous comparison of text input to the pasteboard to prevent unwanted autocorrect insertions.[0] Probably the same code used by TikTok too.

the code and and comments are here: [0] https://github.com/linkedin/Hakawai/pull/162/commits/c3f8958...


LinkedIn (Microsoft) is a company that previously used man-in-the-middle techniques to move people's private emails to its servers.[1]

People no longer give them the benefit of that doubt because of the reputational damage these previous violations have caused.

They should stop making "innocent" mistakes with other people's privacy and deal with this more professionally at the highest levels.

If they don't people will continue to jump to the conclusion that this sort of activity resembles criminal behaviour.

[1] http://www.pcwelt.de/news/LinkedIn_liest_Ihre_E-Mails_mit-In...


Sure, I get it. LinkedIn's email plugin thing was a security nightmare. But in this case, the code is right there!

Take a step back and look at the entire forest: The outrage is over an app accessing data specifically designed to be shared across applications. That's what Copy fundamentally means- make this thing globally available to all my programs. You can poll pbpaste/xsel in your terminal and generate a log of the clipboard buffer without any privileges. Does this mean an untrustworthy app could, in theory, snoop your plaintext password copied from a password manager? Sure, but that's a separate discussion.

Ask yourself, does it make sense to implement clipboard snooping in a way that polls the pasteboard on every keystroke while an input form remains in focus? No, that's weird, there's obvious bug stench. LinkedIn may be nefarious, but defaulting to instant outrage and lack of critical thinking is the real concern here.


> That's what Copy fundamentally means- make this thing globally available to all my programs

Wouldn't that be:

Copy means- "make this thing go into MY clipboard".

Paste means- "make my clipboard available to THIS application".


Copy and paste are application-level interfaces; the operating system holds the data, but has always given it up on demand. I've actually seen some applications that use the clipboard as an IPC mechanism (most recently, a Python application, I don't recall what for, was wiping URLs from my clipboard to see if it was already running)


Historically, yes. But in a world of mobile OS with permissions everywhere, it would make sense to deny full read access by default.

I may be wrong but I thought that even websites cannot access clipboard content except in write mode. Even, I remember that long ago, a Flash script was commonly used to be able to copy stuff into it.


No it's not, and your thinking is completly bad from privacy standpoint.

PASTE operation is where I give consent, to MY clipboard content. Not COPY. Thinking that COPY gives consent is like all the ideas that i-take-user-date-unlsess-user-opts-out . It is not fine.

You shall NOT paste without my permission.


I am describing how things are; you are describing how you want them to be.


Do not forget the hiQ Labs case where they have alleged CFAA violations against someone scraping public data.


Seeing the mob mentality surrounding this is honestly scary. All the top voted comments have pretty much decided that this is used for nefarious purposes, with absolutely zero evidence. Same goes for TikTok and the DDG favicon saga from yesterday. Whatever happened to Occam’s (edit: Meant Hanlon's) razor?


Eh. It’s like I already punched you in the face 9 times. The 10th time I’m making a punching motion, you’re probably going to duck away. Even if I wasn’t going to punch you, but instead giving you an ice cream.

If you’re a shitty company (TikTok, LinkedIn) people are going to assume you’re acting shitty when it looks like you’re acting shitty.


Yeah, it's like The Boy that Cried Wolf - sure, people shouldn't jump to conclusions, but if we're shown something enough times it's easy to become conditioned to a particular expectation.


> Whatever happened to Occam’s razor?

The reaction from people in this thread is the result of occam's razor.

If site is caught doing shady things repeatedly over the years and then another shady thing is revealed. Most likely/simple explanation is that they are doing jet another shady thing.

Same goes for TikTok and Zoom for me.

Not sure what DDG saga you mean, i must have missed that.



LinkedIn's business model is base around surveillance.

DDG's is specifically based around providing services without surveillance.

So if DDG make a mistake I give them the benefit of the doubt because I can see it's in the their interests to fix that.

If LinkedIn make a mistake, based on previous behaviour, I assume that the mistake was getting caught and that another mistake will be announced any time now.

I don't use LinkedIn for this reason.


Linkedin has been doing lots of bad things before, like asking for users' email passwords. Occam's razor applies, and it's to Linkedin's disadvantage. By the way, maybe you mean Hanlon's razor (never attribute to malice that which is adequately explained by stupidity).


I uninstalled the Linkedin app like 30 minutes after first trying it a couple years ago because it was bombarding me with useless notifications.

Then on the Microsoft purchase they redid their site in some crap javascript framework that keeps reloading elements and is 3x as slow as the previous version of the site.

I didn't even assume malice when i read the article title, i assumed incompetence.


Just, no. There is NO possible excuse for accessing my private clipboard buffer without my involvement - as a result of a direct action I have overtly initiated.


If there is no legitimate reason for it to happen, should this be prevented at the OS level?


Yes. People copy passwords, SSNs, crypto wallet secrets, and more in a clipboard that pretty much any app or website or system service can see without permission. I'm surprised we haven't seen more attacks on it, honestly.

I have long wanted to build a secure multi-clipboard, one where you can copy with Ctrl+shift+1, ctrl+shift+2 etc and paste with Ctrl+1 and Ctrl+2

It would keep those hidden from any app until explicitly pasted. I was thinking you could co-opt the system keyboard to get the same functionality, but it clears the system clipboard instantly after any copy/paste.


Hmm good idea, maybe you can integrate that into Klipper:

https://userbase.kde.org/Klipper


> An example of this is in a library we have open sourced, and you can find the fix here

This reads for me like:

As an example of this I go to the shooting range every Friday, just for fun, as you can see it on this picture I published on FB, that's why I didn't shoot my neighbour.

He may be right, but that's not an evidence. And we are talking about a company acting like a con man since ages.


> He may be right, but that's not an evidence. And we are talking about a company acting like a con man since ages.

I don't have any reason to not believe their explanation. And I don't think my clipboard is useful to them for anything else. Many other apps are doing it as well and a few of them gave the same explanation.

But, that doesn't mean that copying clipboard is a good idea. I don't like any app to copy my clipboard. I also don't like it that apps/companies don't respect any boundaries unless it's forced/blocked by the OS. They just try too hard to reach where they don't need to reach.

If there wasn't enough restriction from the OS, surely someone has already came up with a "creative" idea to detect spammers using front camera or reading device storage and a lot of apps were using it. I don't like it that companies aren't sensitive about user rights and what users feel about what they are doing.


> I don't have any reason to not believe their explanation.

Why not? They've been engaging in very, very dark gray area things before.

> And I don't think my clipboard is useful to them for anything else.

Don't you ever copy paste anything mildly interesting, like email-addresses, phone numbers to add to your address book, form contents before submitting a form in case the site is terrible and resets the form on error etc? I'm sure they'd love to get their hand on that information, as it'll allow for data mining to better "understand you".


So we should turn our pitchforks on Apple who designed textbox component that needs hacks for autocomplete AND not tested updates with apps to notice this spammy useless notification.


Why would they do this check all the time, rather than just at the moment the text box contents changes?


New fingerprinting technique or clipboard data used to expand a user's shadow profile?


Such explanations are not reassuring. The problem for me isn't whether LinkedIn is actually using the clipboard, it's the very fact that they have access to it and can do that in principle. Why do apps even have unrestricted access to the clipboard? Do we give apps unrestricted access to cookies? No.


Actually we do. Any app that uses the in process embedded web view on iOS has access to anything that you enter on the website including passwords and they have access to cookies. You might expect that from Chrome but what about your RSS news reader?

My preferred news reader Feedly uses the out of process embedded WebView so its a moot point.


Many other apps are doing this as well. At this point, I think anyone that uses this technique should be very transparent about this and explain it to users or just remove this feature. Otherwise, it's too late when a tweetstorm is out.


LinkedIn has a history of acting like a cretin: multiple data breaches, dark patterns where they don't fix their buggy mobile site and just put up a disclaimer "problems with the mobile site - download our app" (just so that they can harvest a wider range of data).

I managed many marketing campaigns on Linkedin over the years and spent thousands each month on the platform as a corporate user. If you think that paying for the service you'd be excluded from their shitty ads and get more granular opt-out features than under a free-subscription model - but nope.

they have literally done nothing to deserve any trust from their users. People still use it because they tell themselves "I might need it one day when I look for a job". That's also wrong - if you're doing it right you build good social connections in the real world because most (if not the only things) you get from LinkedIn is scams.

The only upside where I find LinkedIn useful is for OSINT purposes. It's very easy to find all types of people there and get a rough picture how companies are run (what their employees are working on and what security problems that might imply) and build what the recruiting industry calls talent-maps (competiter analysis) which can be useful in infosec for threat & counter-intel. But it has 0 value for any legitimate purposes (that they advertise the service for).


We were trying to recruit via LinkedIn for our startup but soon realized what a shitty business model LinkedIn has.

We had to pay around ~5,00EUR for each and every click on "Apply" to our job posting, which doesn't mean they even filled out the form.

And now, where LinkedIn is full of Indian scammers (not meant in a racist way, but it is definitely perceived that way) we had costs for a "Local Area" limited job posting for hundreds of people from India because they seem to use LinkedIn via proxy.

When we had costs of over 2800EUR for an ad that was displayed less than 8 days, where literally 100% of people were not even from Europe, we decided to fuck this shit and move on to other platforms.

LinkedIn is absolutely useless. Use University job sites, local meetups (during non COVID times, of course), or open source projects to identify devs that actually care about code.

Also, stackoverflow talents is useless. Their "special startup package" of getting access to the platform for 2500EUR is only for one user, limited per email and phone number, not allowed to login in parallel. Every job posting costs additional 400EUR even if nobody applies for it.

You get nothing, as over 90% of people we have actively talked to are not even looking for a job and never clicked that on any stackexchange platform.

I didn't realize how fucked recruiting is. Srsly, somebody needs to fix this.


> Srsly, somebody needs to fix this

I've lost count of the number of devs I've spoken to, over multiple decades, who are convinced recruitment is ripe for disruption. I'm sure everyone else has the same experience.

And yet, recruitment's still here, more or less unchanged. At this point I'm pretty sure recruitment has always been terrible, and will always be terrible. There's some perverse incentive buried deep in the process that can't be shaken out. Or something.


> And yet, recruitment's still here, more or less unchanged. At this point I'm pretty sure recruitment has always been terrible, and will always be terrible. There's some perverse incentive buried deep in the process that can't be shaken out. Or something.

It probably won’t be solved by tech folk as it’s a squishy people problem that’s hard to quantify (case in point: threads on HN bemoaning robotic HR processes att FAANG)


> it’s a squishy people problem that’s hard to quantify

And where incentives to game the process are just too high for everyone involved. Ref standard practices like CV inflation, lying about what the role will really be, hiding salary rates from both sides, manipulating entitlements, etc etc.

These problems are as old as humanity and I don't think you can really fix them with code.


Same problems with the private home rental market. If someone can figure out how to match good tenants with good landlords in a way that is hard to scam and respects privacy, they would make a lot of money.


My dad is friends with a a couple of small time landlords and rents two houses himself.

They all have stories like this. I was desperate needed to rent the place and the against my better judgement rented to this this family with no nothing. Ten years later they move out and I do the walk through and the place is spotless.

Rent another place to two lawyers with spotless credit and references and 18 months later they ghost. Break the locks and go in and.. The roof leaked. For a long time. Moldy sheet rock. Holes in the walls and literal shit ground into the carpets.

Good luck with disruption.


It would be nice to have this with payments integrated or something, but the trust aspect is a lot harder to achieve. With a service like Uber/Lyft, you have riders and drivers building a reputation over time as they can make many rides over the course of their use, each one a rateable experience for both parties. For "BetterLandlord," the _ideal_ tenant is one that sticks with one landlord longer. More use of the platform intrinsically leads to a lower incentive to use it.

Though I guess you could earn "trust points" for making payments on time, and landlords for fixing maintenance issues submitted within the app in a reasonable amount of time, there's a lot of other factors that count for a "good" tenant or landlord.


This assumes there is a lot of good players, tenants and landlords and they are just waiting for a good app which will let them find each other finally. From my experience, this market is conflict driven, there is no such thing as good landlord and good tenant.


I'm a professional earning 1.5-2.5 the average national salary. I'm moving abroad to a new city and ready to pay 20-30% of my net salary on rent. I'm paying the rent and media regularly on time and the deposit on move in. I demand apartment in the price range 5-15 EUR/m^2 per month, in comfortable standard, and the full deposit back on move out.

What invalidates me as a good tenant?

Then given my requirements above, each time dealing with rental market in any even marginally desirable city in EU, it's like being hit by a train driving at full speed...

Sure it's better to rent short term to some banana youngsters from Germany, Scandinavia or other rich countries, who come over to get wasted and get free sex, then to wreck the place. Yet it's me - a person from post-Communist country, so perceived as poor, who have a bad reputation.


> What invalidates me as a good tenant?

Nothing, I believe you are a good tenant. But this competitive market with limited resources has "perfect is the enemy of good" situation. Landlords can choose and they want perfect.


> But this competitive market with limited resources has "perfect is the enemy of good" situation. Landlords can choose and they want perfect.

The same applies to (online) dating and recruitment. The life fundaments of a perfectly average individual - housing, life partner, and employment are becoming out of reach for most. We've got a deadlock situation over here.


> Yet it's me - a person from post-Communist country, so perceived as poor, who have a bad reputation.

Honestly, I have had the same issues as a Frenchman in France, in Canada and in Belgium. I don't think it's really (or not only at least) tied to your country of origin being formerly communist or poor.


There's plenty of good tenants.


Pretty much share that sense of despair and assessment of the industry. When Aline Lerner started doing things, I was really behind her, hoping she would succeed in changing the game. But I think you're right that it's just a lot harder than even the smartest people realise.


> full of Indian scammers (not meant in a racist way, but it is definitely perceived that way)

(I'm not Indian but) the non-racist way to say that is 'full of scammers', since the scammers' nationality has nothing to do with your distaste for their behaviour.


If all your scammers are from one geographical location halfway across the world, it is fine to refer to it and you shouldn't be shamed for naming it. Lest we police ourselves into ignorance.


Only if you are having a conversation where the demographics of the scammers has relevance.

In the case of discussing LinkedIn, it doesn’t matter where the scammers are from. The adjective is redundant in this context.

In this thread, almost any other adjective would have allowed the main meaning of the sentence to continue uninterrupted (“filthy scammers”, “frustrating scammers”, “purple scammers”, “fearless scammers”). “Scammers” already includes a negative connotation. By adding a redundant adjective to an already pejorative noun, you run the risk of imparting some of that negativity onto the adjective as well. This easily leads to the perception of racism.


I don't agree with that. By giving the unique location you have indicated there is a big problem that is perhaps more solvable than it would have been otherwise, since there is a limited group of people, many who are presumably organized, in a specific location. That is something much easier for LinkedIn to deal with than a generalized trend to scam the site from around the world, presumably with a much greater variety of tactics and targets.


And if all the immigrants you don't like are from the same place?


That’s completely different, because it’s based on your personal opinion/attitude towards certain people. On the other hand, calling scammers who they are is not subjective (unless you’re falsely accusing someone).


'Who they are' is scammers, it's not relevant that some of them are Indian.

My point is that it's the same because the 'personal opinion/attitude towards certain people' is that all of them are Indian.

It's as racist as saying 'I'm sick of these Poles taking our jobs'. The truthful existence of Polish economic migration doesn't make it not a racist attitude.


No, that's still not quite right. While it removes considerations of race from the comment, it also removes context since it makes it sound as if the scamming is equally distributed globally when everyone knows it isn't.


A) If you're going to throw out blanket statements about "Indian scammers" then you need to do a little better than "everyone knows".

B) Removing the context ("Indian") from OPs post does absolutely nothing to diminish your understanding of the problem (too many scammers dirtying the pool).


I don’t know how my perception came to be like this during the recruitment time... and I’m very sorry for it. I know it’s a demographic perception and in no way I’m gonna extrapolate from that experience in future.

Also, there seems to be an Angular rickandmorty heroes-like tutorial somewhere available in the Indian speaking web, as literally all of the scammers had exactly the same codebase with various differing mistakes or variable names, but with identical structure in their github profile, and all uploaded it just a couple weeks ago.

(And they all claimed to have years of experience with it, of course)


'Indian' in this case is the geography, not the demographic. They explained that, albeit with a lot of words. 'Scammers from India' would've taken care of the whole thing. Or if they wanted to gird their loins / show their work a bit more, maybe something like 'scammers with Indian IP addresses.'


Same experience here. Wanted to expand my business and posted a LinkedIn job ad. After a week I had spent 200€ and received a bunch of people outside of Stockholm, which I specified as the location. I also received a few job applications from school teachers, car salesmen and county clerks - for a senior dev position.


> I also received a few job applications from school teachers, car salesmen and county clerks - for a senior dev position.

That's not a LinkedIn problem, it's a "I've posted an attractive job ad" problem.


If LinkedIn charges per application regardless of job fit, it's LinkedIn problem.


Sounds like a great opportunity to build a website for job seekers and companies with a more rational business model.


I used honeypot.io before, which was a nice experience for someone seeking jobs.


I've actually gotten my current job and just received an offer from a FAANG due to LinkedIn cold calls. I can't speak to dark patterns, but saying the service has no value is disingenuous.


Have to agree to this as well, and add another point of view. I moved country about 1 year ago. Although I speak the language of the destination country I had trouble finding "where to look" for dev(robotics) jobs.

My first job was through recruiter page but my current job I got through a recruiter contacting me on LinkedIn. He even bumped my salary up by 15% from initial offer (because his cut was based on the salary and I also had another offer on the table).

It is a pretty valuable tool for a person moving countries for sure. Although I'm in Asia atm, I even got connected to a startup in SV while I were looking for jobs.


Unfortunately I have to agree. I also had something very similar happen to me. I guess it is a price to pay.


Indeed. In dollar terms it’s provided the most value of any service I’ve ever used.


This puts things in correct perspective. Same with me, my life savings are because of LinkedIn perhaps.


I also have had a lot of luck with LinkedIn. I suppose if you went to Stanford for SE then yeah you already have a good network!


I also started my FAANG career with someone contacting me on LinkedIn. I hate LinkedIn, but have trouble letting go of being ‘discoverable’ should I need another job.


Not LinkedIn; Microsoft.

We should blame the real owner. Maybe they'll pay more attention if these practices become tied to their overall brand.


The acquisition was 4 years ago, almost to the day: you're right, it's time to blame the real owner.


Skype used to rock before they were acquired


yeah, definitely used to rock when it killed your laptop battery in an hour while running in the background routing other people's calls through you.

skype rocked after ms acquired it, fixed these types of problems by providing infrastructure, and it rocked for a decade. it stopped rocking only when they replaced it with the app-looking cut down app, and years later killed the desktop mode program.


I remember as soon as MS switched away from P2P, the latency of my calls went up.

Actually, as far as I can tell every mainstream† voip product right now has more latency than Skype used to. This sucks; it causes conversations to flow less naturally.

† aka not Mumble, which I will never convince friends to use.


How else can you government record you?

Ask not what your country can do for you, but what you can do for your country.


Or when skype used to give away your IP to anyone who had your skype name or email without even needing to be in a call or added.


LinkedIn had dark patterns on day one. Search posts right here on HackersNews. You will see a lot of shady stuff Linkedin was doing in early 2010s.


That's what good culture fit looks like.


I think LinkedIn was one of the rare services built on Windows Servers. So culture fit from thr start.


Lol


Ugh, I won't use their phone app, they're way too slimy to live there.

They conveniently forget your mail settings periodically, too, forcing you to opt-out of various garbage again, or to just trash all the mail. They're at least as scummy as FB, if not worse.

My (related) new rule: if your site demands a phone number for an account, I will not create an account on your site.


I’m not a fan of giving phone numbers out either. When I have to I give one to sites I hold suspect I use a number from the safe fictitious range allowed for use on TV and in movies. It’s like example.org but for phone numbers

https://en.wikipedia.org/wiki/555_(telephone_number)


I usually look up the company's sales number and give them their own number. I have no idea if this has ever inconvenienced anyone but it does give me a moment of petty satisfaction.


Unfortunately many times that's not an option because they won't let you create or use the account until you verify the number (Google, Twitter, Instagram, Facebook, most of the big social networks).


Truly disposable burner emails are the best, though many larger corps block the more popular ones or require an email at specific providers. https://www.mailinator.com/


Buy a domain name and point the MX record to mailinator.


I used to do something similar when a site I visited demanded an email address. I just used "mm@disney.com" (Mickey Mouse). Eventually, sites started verifying the given email address so that didn't work anymore. Now I just have a "burner" email address for such cases.


Very cool trick! Wonder if Europe has this as well.

For email I use <site>JGM.io (my own domain). If I see that address being used elsewhere I know who's being a bad boy


Gmail let's you add tags to your email like firstnamelastname+linkedin@gmail.com. This is really useful for such purposes.


That is true, but is also blocked by many sites. No such thing can happen to a custom domain.


Do you have an example of a site that blocks this? I don’t use gmail anymore but used this trick for many years and wasn’t blocked once.


I would have thought most everybody serious about exploiting your data would be rewriting this type of email at this point.


TIL. Cool trick.


When I added phone number for OTP(2FA) couple of years back(No TOTP support then) it got automatically added to my profile and guess what? When mobile number is added to the LinkedIn profile it is made visible to all your contacts. I didn't know it was the case until some random person started messaging me on WhatsApp and told me he saw my number on LinkedIn.

Now, they have support for TOTP apps which we can use without giving LinkedIn our phone number and they claim 'Mobile phone numbers added here won't be displayed on your LinkedIn profile.'; But I'm not willing to test it, not entering my phone number in LinkedIn ever.


My first interaction with LinkedIn happened when they spammed me using my roommate's name, after getting "permission" through a dark pattern. After such a fantastic first impression, I have no intention of ever using LinkedIn.


I finally gave up - I deleted my existing LinkedIn account and replaced it with one that says “I do not use LinkedIn and will not accept your invites or read any message you send to me. If you’d like to learn more about me or get in touch, please see my personal website at (me).com” I’ve been off social media for years, but for some reason I still maintained a LinkedIn site which never actually delivered any value.


I mean I've definitely been contacted by FAANG companies out of no where and got interviews through that.


I was contacted by Google and interviewed based on my profile page on the crufty, tag soup website of my employer at the time. shrug


I interviewed with all the FAANGs except Netflix over the last 5 months through internal recruiter contacts on LI.

Probably half the interviews I’ve had over the past decade have come from LI, and I think at least 4 or so jobs (including my last and most recent) started there.

It was largely useless in the aughts for me, but not lately.


Same.


I've recently found that they're really pushing people toward the paid tier. I connected with someone a few weeks ago, and when I look at his contacts, I can only see people who are contacts to him AND other contacts of mine.

Why won't LinkedIn let me see contacts that are 2nd-degree contacts via only him? I have no idea. But this mentor specifically asked me to go through his contacts and look for people I'd like to be introduced to, and I literally can't see a single new person as a result of connecting to him.


You'd think that the paid tier would at least make the platform respect you and not waste your time. But no, LinkedIn will still waste your time with ads and dark patterns all over the place regardless of whether you pay or not.


I got my current (very well-paid) gig from a cold call from my LinkedIn account. That said, I agree with your view. I feel like taking a shower after each monthly login.


Sunlight is the best disinfectant.

The more people see this user-hostile practice in action, the faster we'll be rid of it.


This is true. I've often used it to price services/software once I figure out how big the company is.


> they don't fix their buggy mobile site and just put up a disclaimer "problems with the mobile site - download our app"

I would agree with this one most of the time, but even their desktop web is horrible in Firefox. It wouldn't load the pages/header with buttons, wouldn't show new messages from time to time.


Desktop LinkedIn is terrible too, it's absolutely unusable in Safari, lags and stutters constantly and seems to have a memory leak or similar where the page will get even slower (as if it wasn't already slow) proportional with the amount of content you have loaded. It pretty much instantly triggers the "page uses too much energy" warning.


Their UX dark patterns are incredibly scummy, but I’ve actually found it really useful for quickly reaching the right person for biz dev deals/partnerships.


"I might need it one day when I look for a job" is not accurate at all for me, it finds jobs for me without me even having to interact with it beyond messaging recruiters back if I'm interested. I wouldn't be at my current employment if not for a recruiter finding me on Linkedin.


Half assed mobile sites for "big providers" is a growing issue. It can also be observed with reddit. Web technologies are at a point where apps often times don't increase the user experience for technical reasons, so companies deliberately castrate their online offers.


I got my current job that I am happy with through LinkedIn.

I might dislike the platform but it helps me keep contact with my past coworkers and keeps valuable offers come to me for basically no cost.

This is likely why LinkedIn thinks they can be shitty to their users, because their users are motivated to stay.


If you build good relationships with people in the real world this can actually help you on LinkedIn.

I have had many job discussions/offers come through my LinkedIn mailbox from competitor companies.


what a one-sided POV. I kept "in touch" with multiple recruiters who "discovered" me via the Linkedin and when the time came I leveraged these connections to land multiple interview loop invites.

It also is a great place to add the colleagues when they or you depart with the same idea to "keep in touch".


Based on the amount of ads and spyware embedded in modern Windows, I don’t think this problem is exclusive to LinkedIn. It seems to be par for the course for most things Microsoft runs.


You have to imagine the Apple engineers who implemented this new clipboard notification knew this shitstorm was coming.


Part of me wishes they dropped this feature in a random dot release, to give these developers a well deserved public flogging.

Of course, the responsible part of me knows that’s a bad idea. Sigh.


tbqh, why would that be a bad idea? It's a minor feature from a technical standpoint.


It would annoy their (Apple's) users more than necessary.


I actually really like how Apple implemented this though. If apps aren't doing something very clearly nefarious, it's not annoying at all.


It's not necessarily nefarious though.

https://twitter.com/twolivesleft/status/1275776460918157315


Maybe apple should implement some more APIs around clipboard metadata, they could allow queries on content type and length or something without that notification. Or even check the hash of clipboard contents. Anything to protect privacy but still allow useful features.


In fact, they did.

For querying content type, there are pre-existing APIs (e.g. `hasStrings` [1]), which AFAIK don't trigger the banner. In fact, the documentation already recommended using those methods over querying the actual clipboard contents, for performance reasons. But they're relatively new compared to the rest of the UIPasteboard API, having been added in iOS 10.

For going beyond content type, there are new APIs in iOS 14 that let you check if the clipboard contents are a "ProbableWebSearch" or "ProbableWebURL" without triggering the banner. [2] Doesn't seem like there's more flexibility beyond those two options, although I found a thread [3] suggesting that more might be added in the future. I wonder what ProbableWebSearch does.

[1] https://developer.apple.com/documentation/uikit/uipasteboard

[2] https://developer.apple.com/documentation/uikit/uipasteboard...

[3] https://developer.apple.com/forums/thread/649996


Ah, thanks, that's a case I didn't think of. And a pretty good reason to keep this out of a point release!


I mean, hn users aren't exactly normal, and while I'm sure many people like this feature that doesn't mean they want their day to be unnecessarily and repeatedly interrupted when that could have been solved by giving the sites a few days notice.


I'm guessing that's part of the reason they didn't implement a clipboard permission. It would probably have broken a TON of stuff in weird ways.

I expect to see an actual clipboard permission at some point.


Maybe I'm missing something but a clipboard permission seems to be pretty useless for most apps.

When I want to login I have to paste my password, when I want to paste an email address into a Linkedin chat I need the clipboard.

So everyone would just grant that permission anyway as it makes a lot of apps useless without and they'd just continue their harvesting after that. It would be a very small percentage to selectively enable/disable the clipboard permissions for certain tasks.


Being able to accept pastes wouldn't require any permission.

Being able to read the clipboard without the user knowing would.


The clipboard is controlled by the OS. When you 'paste' the OS sends the contents to the app. There is no need for an app to have access to the clipboard.


I'm curious - have you ever actually looked into how clipboards work across various OSes? Because programmatic clipboard access is the norm pretty much across the board.


Except on the most popular application platform available of today: the web. Imagine if every website could read your system clipboard at will.

I'm honestly amazed and horrified to learn that smartphone apps on the 2 OSs have this capability. This capability, used legitimately, can only bring a very, very slight UX improvement.

At this point, we know smartphone apps exploit any avenue they have to extract data from their users, regardless of the perceived ethicality of their vendor. The smartphone vendors more than any others know this. If there's an entity to direct the blame towards it's Apple and Google for allowing this, when fixing it on their part would be so trivial.


> Except on the most popular application platform available of today: the web.

The web is not an operating system, for goodness' sake. A browser is itself an application no different from a terminal emulator + shell (which also is capable of running arbitrary other applications within its context).

> I'm honestly amazed and horrified to learn that smartphone apps on the 2 OSes have this capability.

Prepare to be even more "amazed" and "horrified": I am willing to bet that whatever desktop OS/distro you use does the same damn thing (providing apps with programmatic access to the clipboard or clipboards).

If you don't want other applications to access some data, for heaven's sake don't put it in what is literally a shared buffer between applications.


It doesn't have to be though. Especially on a platform that only has one UI toolkit, controlled by the vendor.


Ah, so _now_ we're asking Apple to disallow any UI development whatsoever outside of using the components in the UIKit and AppKit SDKs (and screw you if you want to develop any sort of interface that's not supported or intended to be supported out of the box by the above)? Very interesting indeed.

I understand the outrage over programs abusing the resources they have access to, but frankly this is just approaching hysteria. This is the equivalent of reading an article about an app snooping at documents you didn't open for sensitive data and jumping to the conclusion that operating systems should not support programmatic access to the filesystem.


You seem pretty moved by this discussion. What is your use case that is broken by protecting the clipboard and filesystem?

using the components in the UIKit and AppKit SDKs

Yes, if you want to provide a native feel, with native features like clipboards, and native accessibility features, use the native widgets. They usually tend to be stylable any way you want (my UI experience is with HTML, Qt, Swing, Win32, Winforms, and Gtk; I'd be very surprised if Android and iOS don't support widget styling). Just like on the web, it's a big problem when people reimplement a text input box from scratch.

operating systems should not support programmatic access to the filesystem.

This is the direction desktops are going, and it's where Android and iOS started. I shouldn't have to give a chat app access to all of my photos, videos, music, and documents just to let it download messages. And to upload a photo, both Android and iOS provide system file pickers. Desktop/laptop OS sandboxes should also provide file pickers to give an app access to one file or one directory.

An app doesn't need to access my clipboard until I'm trying to paste something in that app, or I know that it does something useful (and nothing nefarious) with clipboard snooping. It looks like iOS has provided clipboard notification events for different media types so that apps can show a Paste button without having to read the actual contents until the user is ready.


> You seem pretty moved by this discussion. What is your use case that is broken by protecting the clipboard and filesystem?

Yes, I am pretty moved, because this is ostensibly a technical audience and the level of sheer "I don't know how my operating system works" I'm seeing here is quite alarming indeed.

I don't have to have a particular use case to point out that "applications should not be able to access the filesystem at all" is plain silly.

> Yes, if you want to provide a native feel, with native features like clipboards, and native accessibility features, use the native widgets.

So basically any application that does not use native widgets should have zero accessibility or platform functionality. That's most of the gaming industry out the window then, as well as anybody building user interfaces that an operating system does not (yet) support. Additionally, god forbid you be able to copy and paste on operating systems that don't have native widget toolkits (such as, say, Linux), or even implement toolkits for such platforms in the first place.

Am I permitted to call this a hysterical overreaction yet?

> This is the direction desktops are going, and it's where Android and iOS started.

Neither Android nor iOS have ever prevented programmatic access to the filesystem. You seem to constantly conflate programmatic access and permissions/sandboxing, which is precisely the sort of mistake that "moves" me to see from people who develop software.

> Desktop/laptop OS sandboxes should also provide file pickers to give an app access to one file or one directory.

I'm _very_ interested in how exactly the command-line tools you use would work with using file pickers to grant them access to single files and folders.

Also very interested in how Linux, an operating system that explicitly does not provide a widget toolkit, is supposed to provide file pickers to the variety of programs that run on it.

> An app doesn't need to access my clipboard until I'm trying to paste something in that app

A clipboard is a shared buffer. If something is supposed to be secret, don't put it in the shared buffer between all applications. Applications will continue to have the ability to query/read clipboards they have access to (for, amongst other things, actually implementing a paste), much like computers will continue to have the ability to read/query network drives that they have access to - that's the literal point of having a clipboard/network drive.

Discussing permissions and sandboxing (which most clipboard implementations already do, with app-local and/or named clipboards distinct from the system-wide clipboard) is one thing, but claiming that programs should not be able to interact with clipboard contents via code is frankly rather ridiculous.


I think you're being a bit pessimistic about OS developers' abilities. Also I think you are reading more into what people are saying than they are actually saying with respect to permissions vs "programmatic access", and "applications" vs any code whatsoever.

Just to clarify my perspective on the situation: I have developed a significant amount of software for DOS, Win9x, WinXP and later, cross-platform JVM (UI and server-side), Linux (CLI, framebuffer, X11, Gtk, Qt, OpenGL, kernel modules, backend servers), HTML5+JS, embedded devices in ASM, Oracle/MySQL/Postgres/MSSQL DBs with stored procedures, probably other things I've forgotten, and a tiny bit of mobile native. I have worked with a few sandboxing/containerization systems like Docker, simple chroot, etc. Cloud hosting, AWS, OpenStack, bare metal, local systems. I have seen viruses, worms, hacks, spyware, malware, etc. affect anything with a network connection or a floppy disk drive.

I know what I am saying is possible when I say that arbitrary code should not have arbitrary access to the system-wide clipboard or filesystem until the user grants it, and that the usecases that require such broad grants are extremely uncommon.

Android provides Intents instead of FS access, but app devs all have to have their "custom experiences" that just conveniently give them significant fingerprinting, snooping, and tracking abilities.

Some Linux GUIs will already use the Gtk file picker in GNOME, and the Qt file picker in KDE.

X11 though I love it (I am working on an Xlib project right now in fact) is already a security nightmare, never mind that even highlighting text without choosing "copy" puts it into one of the system clipboards, or at least used to do so.

Even Signal now wants to force everyone to add a (likely easily brute forced by unsavory intruders) PIN so they can upload your contacts to their servers.

So yes, all the evidence points to a safer system for filesystems and clipboards and contacts and whatever else is possible, and all the evidence in threats points to it being necessary.


I'll give a similar reply as I did to your other comment: the most popular platform for interacting with low-trust applications, the web, sanely does not allow apps to access your whole filesystem. It would have never thrived as it did if users had to limit themselves to a small selection of vendors they can thrust with their whole system.

There's a huge difference in usage between apps on desktop OSs, which are often of less commercial nature, open-source, and more carefully vetted by centralized gatekeepers, and the mobile app ecosystem, where any random fast food chain will entice you to install their app to make an online order. The smartphone app ecosystem has to be low trust, like the web.


> the most popular platform for interacting with low-trust applications, the web, sanely does not allow apps to access your whole filesystem.

Yes, obviously, arbitrary code that is executed from over the network at a time you can't fully control and programs that you install and run on the device that you own have different levels of trust. Are you seriously making the argument that code from https://facebook.com running within your browser cannot access your filesystem then that means every single executable on your machine should be incapable of doing that as well? Wasn't this the same site that complained to high heavens about the constant permission prompts in macOS Catalina?

> which are often of less commercial nature, open-source, and more carefully vetted by centralized gatekeepers

I'm sorry, this is just blatantly false (as literally decades of malware on the desktop can attest).


Pasting to the clipboard into a standard widget is different than reading/writing it. Hopefully in mobile OS as well.


a tinfoil hat tip: imagine the shitstorm if Apple would allow proper introspection instead of suing these companies who offer such a service. that storm would be much harder to manage now. if I'd really believe it myself I'd even say controlling the messaging was part of the reason why they sued these companies and instead are providing limited subset of such features themselves.


Wait what, they show the pop-up, but there is no permission toggle for access?


I feel like a copy/paste permission would be useless and the notification is 100x better.

Most people would click "accept" on the permission and never think about it. "Oh of course I need the ability to copy/paste on tiktok, how else will I paste 90sMusicChallenge in the search bar?"


Now if only they would finally Sherlock Little Snitch for iOS; the amount of spyware embedded in almost every single app in the App Store is astounding. I make a point of knowing about this stuff and even I was flabbergasted the first few times I ran my iPhone via a proxy.

Apple claims that you consented you this when you agreed to the App Store TOS.


There are so-so approximations of it, like the guardian vpn/firewall: https://guardianapp.com/


Unfortunately the approximations are not that great, requiring you to route all your network traffic through an unknown company.


There's also https://lockdownhq.com/ which should work on device. There really should be something like Screen Time directly integrated in the OS.


I'm sure there are open-source versions you can self-host


Can you share how you did this? I would like to try it.


For a free alternative I’ve got a blog post[0] detailing how to do it with the excellent mitmproxy utility. There’s also Burpsuite community edition which is pretty decent

0: https://hugotunius.se/2019/01/23/going-spelunking-with-mitmp...


Charles Proxy on App Store.


I've used plenty of software before that offers to do something based on clipboard contents, often when there isn't even anywhere to paste.

E.g. a phone dialer app that asks if you want to dial the number in the clipboard when you start it, an image editor that asks if I want to create a new image size the dimensions of the clipboard, a torrenting program that when I choose to import a torrent automatically grabs it from the clipboard before I even get the choice to pick another option (though I still can).

I would be very surprised if this wasn't originally part of something like that, and maybe the feature was removed but the detection function wasn't.

Because if we put down our pitchforks for a second, LinkedIn is owned by Microsoft, which also owns a major browser and the world's most popular operating system. Microsoft sure as hell doesn't need to sniff your clipboard in LinkedIn, if it wanted to do something for nefarious purposes.

Never attribute to malice that which is adequately explained by stupidity.


> Because if we put down our pitchforks for a second, LinkedIn is owned by Microsoft, which also owns a major browser and the world's most popular operating system. Microsoft sure as hell doesn't need to sniff your clipboard in LinkedIn, if it wanted to do something for nefarious purposes.

The original report is a combination of iOS and MacOS so Microsoft does not have any kernel level leverage.

I don’t doubt it’s not malicious. More likely a holdover from an older or related feature.

The real story here is how easy it’s been for apps to spy on your clipboard. Seeing it in something by a large company like Microsoft just adds to the sensationalism. The TikTok version of this story is the real deal.


This is exactly it. I have seen app developers who were "caught" by this use the same explanation. There is a new API that can be used instead that does not trigger the notification (and does not disclose the clipboard content)


Negligence from a trillion dollar corporation is a form of malice. They have the money to audit their products for quality and privacy issues. Instead they choose to not give a shit unless the media calls them out (and sometimes not even then.)


I feel like many of the people that has this opinion never worked at a big company in a big code base. It's probably a poorly coded feature from an intern that was left in because it had some value but operated in a way it shouldn't. Nobody is ever going to touch it until something like this happens. Then someone will go. "Oh shit we better fix this. Tell the product manager feature x is delayed so we can fix this shit storm."


> I feel like many of the people that has this opinion never worked at a big company in a big code base.

Well you're wrong about that.

> Nobody is ever going to touch it until something like this happens.

And that's the problem. A problem a company like Microsoft has the cash to avoid. They could hire more QA staff, but instead they've sacked tons.

Note that malice on the part of the corporation does not necessarily imply any individual at the corporation had malicious intent, although that can never be ruled out. Specifically, I am not claiming the intern who wrote the shitty code and forgot about it had malicious intent. Rather the organization itself is malicious, because it's a paperclip maximizer.


"Never attribute to malice that which is adequately explained by stupidity.”

This.


This is apparently coming from an open-sourced component called Hakawai.

Somebody had to scramble to remove the clipboard code ASAP: https://github.com/linkedin/Hakawai/commit/fa7e8497040f5c36e...

Edit: Don't do mobile, but seems like it was a hack to distinguish between text that was pasted and text added by autocorrect


As I understand, it is closed-source code causing the problem described. Erran Berger linked to that Hakawai commit as an example of a different, open-source project under the LinkedIn umbrella that has the same problem.


Guess I'm never copying and pasting anything sensitive on my phone ever again. Still don't understand why clipboard-sniffing isn't behind a permissions flag.


Not a fan of any of the big tech companies, but Apple needs to be applauded for this feature. Can't wait to see how many such behavior is exposed by iOS 14


I would save my claps for people who are really working to improve the world, not for corporations who sometimes accidentally do the right thing while pursuing profit.


Why should they be applauded if they knew about the problem? notifying you about it is not enough... they need to let you act on it.


Or they need to be lambasted for not making it a permission like it should be.


I'd love to know what OS you use that has a clipboard access permission for the foreground application.


I’d say “and” not “or”.


iOS isn't free from this kind of snooping[1][2].

[1] "How popular apps can read your phone's clipboard without permission": https://www.mysk.blog/2020/03/10/popular-iphone-and-ipad-app...

[2] "Popular iPhone and iPad Apps Snooping on the Pasteboard": https://www.telegraph.co.uk/technology/2020/03/30/popular-ap...


> iOS isn't free from this kind of snooping

They didn't say it was. They're saying they're looking forward to the next major release which alerts the user when this happens. That's why all these stories are coming out right after the release of the beta.


Well, once upon a time you trusted the code running on your device.

In Chrome on Android, the flag you want is under Settings | Site Settings | Clipboard | Ask before allowing sites to read text and images from the clipboard, and I think it's on by default.


Does that setting affect other Android native apps' clipboard access? It wouldn't seem so.


Funny how you are promoting Chrome and Android when I've known for a fact that Google Maps has done this since forever because when you open the app immediately if and only if it's an address it suggests whatever is on your clipboard as a destination. This means 1) there's code running somewhere grabbing the clipboard and deciding if it's an address (might ping home) 2) it has to copy the clipboard all the time to do that.


Maps doesn't run inside Chrome.


I'm not promoting anything.


iOS very early-on took on a model of not trusting the software you install on it, and for good reason. Android and the web followed soon afterward. This is the expectation today. Doubly so given Apple's chest-beating about privacy. This clipboard scandal is unacceptable.


Which is the whole point behind giving a notification about it. Clipboard use is so core and fundamental, literally every app with any kind of entry box would need to ask ahead or you'd hit that so randomly all the time nobody would pay any attention to the warning.

The current feature being added allows this to happen, for awareness to be raised.

To be honest, I'm surprised we haven't heard of more snoopy apps already, but, I guess that will come when the feature's out of beta.


Apps wouldn't have to ask ahead for a text entry box.... you just have to only grant paste read access when a user explicitly chooses to paste by hitting a button.


> Clipboard use is so core and fundamental, literally every app with any kind of entry box would need to ask ahead or you'd hit that so randomly all the time nobody would pay any attention to the warning.

That's, one way to implement it...

Alternatively, and how I'm pretty sure it already works, is that on paste the clipboard could insert content directly into the control, never involving the app in the process.

Apps with completely custom inputs would need to see the contents, but that's both rare and usually a bad idea in the first place.


Android also had permissions from the beginning.


It only declared and didn't let you individually toggle permissions until version 6.0. You just had to take-or-leave the app as-is. I don't know whether or not it declared them from the very beginning.


It did have them from the beginning, and the set of supported permissions was quite substantial compared to what iOS offered. But you're right, iOS was first to have the ability to grant/revoke individual permissions at runtime


I remember giant take-it-or-leave-it permission warnings for apps back on 2.1 when I had my Nexus One. Updates that changed permissions would just give you the whole list again with no hint as to what had changed, it was awesome in its user-hostility.


> This clipboard scandal is unacceptable.

What do you expect when the CEO holds an MBA?


I think i saw that some of the new betas of ios pop an alert whenever software sniffs your pasteboard.. maybe i'm wrong. Seems like I saw somethng during the tiktok stuff earlier this week.


This would be a great feature for Firefox too! Doesn't look like there's interest though https://bugzilla.mozilla.org/show_bug.cgi?id=1013165


I assume thats because sites dont have access and need a ctrl+v from user to see content


The question is, does Android itself have that flag?


No, in Android the app that is in focus can read from the clipboard without restriction


Background stuff?


I’m not sure why they didn’t add a permissions flag for it either to be honest. Most apps are going to stop doing it because of the notifications, and presumably those that continue will make some effort to explain it somewhere so people don’t panic and uninstall their app when they’re told about it. Seems like a permissions flag with the usual app’s explanation of why would work well.


> Still don't understand why clipboard-sniffing isn't behind a permissions flag.

Screw permissions flags. Clipboard-sniffing is never justified. Moving data out of the clipboard should only ever happen by direct user request via the OS interaction layer.


And what, exactly, constitutes "direct user request" that both 1) does not break common programming techniques (e.g. an application rolling its own GUI, or implementing its own modes/keybindings) and 2) is not trivially spoofable by the enterprising developer?

I understand the outrage over apps abusing their access to the clipboard but what I don't understand is the people acting as though the OSes they use on the daily don't have the exact same "flaw".


> what, exactly, constitutes "direct user request" that both...

> 1) does not break common programming techniques (e.g. an application rolling its own GUI, or implementing its own modes/keybindings)

A callback method that you can define to do anything you want in your program when the OS hands you the result of a user initiated paste operation because your program had focus. If you want custom keybindings to initiate the paste operation, you can register that desire with the OS. Want something perpetually backgrounded that exists exclusively to steal your secrets? Make _that_ a special permission if you must. Or just don't allow it.

> * 2) is not trivially spoofable by the enterprising developer?*

Ignoring the _minor_ contradiction of mixing "trivially" and "enterprising", rolling your own GUI and defining keybindings doesn't mean that you control access to the interface. The operating system mediating the hardware does that.

Could someone root your system and blahblahblah? Sure. But let's stop making "steal my secrets" part of the fucking standard system API and start working toward a brighter tomorrow.


> A callback method that you can define to do anything you want in your program when the OS hands you the result of a user initiated paste operation because your program had focus. If you want custom keybindings to initiate the paste operation, you can register that desire with the OS.

Wonderful! Now how does this brilliant little solution account for applications that don't centre their operations on the keyboard?

How does this work for clicking on a UI element to paste?

How does this work for using non-tactile forms of input - say, a voice command?

How does this work for any method of interaction that's not "press a combination of keys"?

How does this interact with the very real and undebatable need to allow programs to simulate keyboard events?

What happens to operating systems that have the implementation of a system clipboard as out of scope (like a little-known operating system called Linux)? How does, say, the X window server then manage to implement a clipboard on top of it?

> rolling your own GUI and defining keybindings doesn't mean that you control access to the interface. The operating system mediating the hardware does that.

I am very curious indeed: what, exactly, do you think happens when (for example) a C program calls `getchar()`?

> But let's stop making "steal my secrets" part of the fucking standard system API and start working toward a brighter tomorrow.

If you consider something a secret, then may I suggest that you don't (both as a user and as a developer) put it in the general shared buffer for applications? The whole point of a buffer for temporarily storing and transferring data between applications is for said applications to actually access it. You are doing the equivalent of saving your "secret" in plaintext in your home folder and then complaining about the OS if/when a program peeks through your generally accessible home folder and finds it.


> How does this work for clicking on a UI element to paste?

The same way as designating keybindings. Registration with the OS. I don't care if you have to do it by defining hotspot outlines for bespoke-from-raw-pixels interface elements.

> How does this work for using non-tactile forms of input - say, a voice command?

Voice interface is mediated by the OS. Register your desired custom paste command.

> the very real and undebatable need to allow programs to simulate keyboard events?

False. I'm happy to debate it. But before we do, I have to ask you to try to not be stuck in the "how things are done now" mindset.

> What happens to operating systems that have the implementation of a system clipboard as out of scope"

Then they have decided to punt on user safety. Be angry at them and demand better. Also, you're derailing.

> what, exactly, do you think happens when (for example) a C program calls `getchar()`?

What do YOU think happens? You think that your program talks directly to your keyboard buttons? And why do you think that this question is relevant?

> If you consider something a secret, then may I suggest that you don't (both as a user and as a developer) put it in the general shared buffer for applications?

Frankly, I think this is a bullshit user-hostile copout. Treating the clipboard as "general shared buffer between applications" is exactly what caused this madness. The clipboard is an extension of the user, like writing something down on paper so they can then reading it back later, and should be treated as such with sanctity.

Try approaching from the perspective that all of your "what if"s have a safe non-almost-100%-of-the-time-user-hostile solution. Because the freewheeling "steal my secrets" API is almost 100% of the time extremely user hostile and computers are meant for people to use.


Although I understand your point on the shared buffer, I don't see how else I can share information between two arbitrary apps not explicitly designed for it. Perhaps I should be able to use settings to require an os confirmation dialog, at least for info not copied into the clipboard by the same app, much as users can use noscript. As for Linux, if they don't want to deal with the clipboard, then users need to understand (and should have already) that a buffet style open source ecosystem does come with some risks and rewards that make it a different security paradigm from a centralized os with a lot of basic tools/apps made by the os provider.

Do you have some idea of a better, more secure way to share information between two apps the user alone has decided should be in communication?


Between two or more known apps, a solution already exists - don't put in the system-wide shared buffer, put it in a buffer whose access is restricted to apps that you know. For example, on iOS you've been able to create team-local (only accessible from apps with the same team ID) and app-local (created with a unique identifier so only your app knows & can interact with it) clipboards since...a very long time, definitely pre-iOS 8 because that's when I encountered the API the first time.

To some extent, a solution does exist for arbitrary (iOS and Android) apps, which lets you explicitly pick what application you want to receive some data - the sharesheet. It's criminally underused in my opinion.


This is so obviously, blindingly true that I am amazed it’s even possible for apps to do this.


Launchbar and Dash on the mac both have great clipboard features. I use it many times a day. For example, a snippet to drop a markdown formatted link with the title from the first clipboard stack entry and the URL from the second clipboard stack entry.


Nothing that you just said requires sniffing the clipboard contents without you initiating the transfer.


I would tend to agree, but a handful of people have a handful of reasons why they like it, and so removing it completely isn't as much of a no-brainer as adding a permission dialog is.


Sure, but the reasons are always so...contrived and frivolous...and none of them require accessing the clipboard automatically without the user invoking a system command. And the consequence of these poorly considered objections is what we have now.

It's like people have either been gaslit into thinking that there's no sane alternative to the current nightmare or are so shortsighted that they don't understand the horrors lurking around every corner that wouldn't be there if they stopped to consider the consequences of [checks notes] "google maps doesn't require you to to paste the address in before it starts to route" and "dash can drop a markdown formatted link". Because saving you one click is surely _so_ important that it's worth giving up everything for.


I think it's not your phone though in this case, it's the MacBook Pro where the copying is happening


The screen capture is from an iPad Pro. It's not clear how it was getting the Macbook clipboard; via AirDrop maybe? Really that just makes it even more concerning.

Edit: Apparently it's Just A Thing: https://support.apple.com/guide/mac-help/copy-and-paste-betw...

But you can turn it off by turning off "Handoff", which luckily I already had. Nowhere is it mentioned in the settings UI that this extends to your clipboard.


Handoff really is awesome though. You start browsing a website on your phone, unlock your Mac and boom you can switch to the big screen. Copy a phone number from a website on your Mac, pull out your phone and paste it into the phone app. Once you’re used to it, it seems so obvious


That's great when my threat model is "there's a firm boundary between my devices and everything third-party". Now that that's been punctured, it's a nightmare.


Definitely


LinkedIn has had so many privacy disasters over the years, and it's kinda crazy how we kinda tend to forget most of that eventually. I definitely wouldn't trust them with much of your data.


Very not cool. I am a medium LinkedIn user, but now it is going to be limited strictly to a PC browser, where I have some control. I just uninstalled it from my cell. I got caught in the siren song of convenience.

Now how many other apps do this.


If someone steals your wallet, my advice is don’t let them drive you to the airport.


I hear you, but I do get some value from LinkedIn ( few prospects, interviews and so on ). In my little corner of the world, it has become defacto online resume. I stand by my initial reaction. I am not sure I am ready to drop it altogether.


But the thing is you need to get to the airport and there's no other way without missing your plane and forfeiting money paid for your ticket. Now what?

That's where we are with the market power of the big players. Google, facebook, apple, linkedin etc. Use the competition to linkedin in this space? You lose. The end.

The way we have always dealt with market power abuse in the past is via a combination of breaking up dominant players and regulation. The longer this wild abuse of market power goes on the more likely that this will be done in a bad way with pitchforks rather than a sensible, measured, outcome driven way carefully weighing the competing intrests to get what is best for the wider population in the medium and long term.

Also the fact this is legal at all is another case of everyone in law making, courts and enforcement having their brains fall out of their ears as soon as the words "using computers" are uttered. Do the exact same thing in any business where a computer is not used to do that thing and you are going to jail. It's break and enter. But "using a computer" so it's fine with the laws all no longer applicable.


I uninstalled it from my phone years ago when I started getting cold calls, and was told directly they got my information from linkedin (where I never put in my phone number)


My hunch is these things are more boneheaded than nefarious. Probably looking for URLs to share or something silly like that and just implemented poorly. Obviously not good for the PR, but say sorry and fix the bug. Luckily this shouldn't happen much longer once iOS 14 is properly released.


A few years ago, linkedin purposefully changed their notification emails to have less information so you're forced to log in and read the notification on their platform. Linkedin is also widely known for when they scraped users contacts and then spammed them.

Call it incompetence if you want, but there's a certain flavor of evil incompetence here.


I have no dog in this fight, but I was at LinkedIn at the time, on teams that worked closely to this. I can assure you that these changes were not made to force log in. It was a recommendation from the security team.

I know it's Hacker News and it's easy to criticize LinkedIn for shady growth practices and get praise for it. They often deserve it, but assigning malicious/growth intent for every change they make is misguided.


Clicking on links on linkedin emails on android would redirect to the appstore every few clicks. Was that also recommend by the security team?

Fixed by switching to firefox and blocking redirects.


That’s how deeplinking works.


I'm not an expert, but i understand that redirecting to the app store is an explicit decision on part of the developer (and in Fact it only happens randomly), and a very anti-user one.

The security excuse is used as a way to increase conversion.


Facebook (including Messenger) does it too.

There might be a thin guise of "security" (i.e. email isn't a secure place to send your top-secret inbound message) but I'm inclined to suspect the main motivation is to drive people back to the platform and drive up their stickiness metrics.

It's user-hostile.


For Facebook, the worst part is that it shows more in the gmail message preview than it shows when you click through to the message. There is no security explanation for that; it's clearly deliberate manipulation.

I'm sure in A/B tests it increased engagement...


It is not just Facebook and LinkedIn. I've seen this from random small sites.

Some other silly shit that come to mind - having the unsubscribe link after half/full page of white space, once you click on unsubscribe "give us 24 to 48 hours to remove your email" etc. Really? they need 24 hours to delete (or change a flag) in the database?


Sometimes it’s some freaky ETL script that runs daily to put your address in a marketing message integration system. Not that it’s a great excuse, just usually more than a single flag update.


If you have access to the email account, you have access to the linkedin account (via a password reset). The security argument is entirely baseless.


What I love is Reid Hoffman then going on about that move like he invented the fucking wheel. Like congrats, you stole some e-mail addresses and spammed them...you are now a genius growth expert? Joker.

His book is also staggering insight into how little ability he has an executive and investor (some of the stuff is intern-level mistakes, like maybe juniors who are in their first week and got the job because of daddy...but even then...rare).


Microsoft has perfected being both boneheaded and nefarious simultaneously.


It's intentional and has been happening on other platforms for years.

Give it a few weeks and people will start posting articles about how it happens on PC / Mac platforms too.


I wouldn't give the benefit of the doubt to Microsoft...


Hanlon’s razor shows up once again.

Though some apps I trust more with how they use the clipboard data or only restrict it to certain types, eg: image data for a photo viewer, urls for a browser, tracking code for a delivery app


Yeah, I tend to agree. There seems like there'd be a ton of noise in clipboard content to actually make use of it.


One little weird trick I found is to use the browser for websites.

All the limitations I found on web pages that asks me to download the app are artificial. What is reddit doing that requires an app? What is facebook doing that requires an app? There is even less reasons now to use the YouTube app.


can't use reddit enhancement suite on mobile browser. however linkedin, amazon, twitter, etc all work well enough on mobile browser.


Can't speak for others, but LinkedIn's web is annoyingly slow on mobile.


You can use res in FF mobile.


I thought I was safe if I blocked all of the permissions these apps "require" like Contacts on Android.

I'm uninstalling this app from my phone now. This isn't acceptable!



Ever copy and paste sensitive data on your laptop? Clear that clipboard before using your iPhone.

Apple's Universal Clipboard may share your clipboard across devices.


You can disable it by turning off "Handoff" in your iOS settings


One of my hobbies is looking at url strings with GET key/value pairs. Programmers must forget that they're visible to users. LinkedIn has a search workflow that shows "origin=TYPEAHEAD_ESCAPE_HATCH" which I've always found humorous.


> Programmers must forget that they're visible to users.

GET parameters aren't usually visible to users; with the deemphasis of the URL bar, you'd have to have an incredibly short URL for that to even be a possbility. Right now I'm looking at

    https://news.ycombinator.com/reply?id=23717577&goto=item%3Fi .......
That's one visible parameter. There's PLENTY OF SPACE for firefox to show the rest of the URL, but it won't; instead, a bunch of icons are unhelpfully crammed into the same horizontal layout.

In the larger sense, where users can see the parameters if they intentionally look for them, despite the fact that they are normally invisible, POST parameters are just as visible.


> That's one visible parameter. There's PLENTY OF SPACE for firefox to show the rest of the URL, but it won't; instead, a bunch of icons are unhelpfully crammed into the same horizontal layout.

Right click on the "crammed" icon area, pick "customize", and then you can drag and drop the icons crammed into the space into another bar (or out of the UI entirely if they are icons for things you never use), which should then recover much of the lost space.


As a marketer, there's valuable competitive info that is sometimes inadvertently included in these around targeting, testing, etc.


Yeah I noticed that too. If you go to the profile page of someone who has the LinkedIn pro version and hover over the gold "in" symbol next to their name, it links to a URL containing

    upsellOrderOrigin=premium_badge_profile_upsell


That's pretty funny. It might as well say “sucker”.


Haha I worked on that flow. It's the escape hatch because we didn't find what you were looking for in the typeahead, so we have to let you escape to the full SERP results page.


Admittedly, all because I don't want to ding the user that I viewed their profile, but the search results shows enough...


Discord throws the warning every time you tap on the text box. https://www.reddit.com/r/discordapp/comments/hfcvbu/is_disco... fixed with a single line change. They were trying to determine if the paste button should show up or not.

I am curious what LinkedIn is actually doing with the data. Is it being exfilled somehow? Or is it just doing something in a really dumb way? I don't trust them at all to not be taking the data, but what purpose does it have?


This is precisely how Chinese authorities track down activists using apps without Location data, it was disclosured few weeks ago.

They patiently read user's clipboard data and wait for a picture taken and copied to clipboard, then extract its EXIF geoloc tags and send the coordinates to the police.


Mind linking to a news source for this? Curious to read more about it.


I tried but it was lost in my twitter feed.

Damn those non-chronological timelines.


hypothesis: "technology" is largely data collection platforms with thin veneers on top (social networking, dating, food delivery, etc)

if you agree with that premise, then it's no surprise that every possible source of data that can be collected upon, will be collected upon.


That's a near restatement of Zuboff's Third Law:

Every digital application that can be used for surveillance and control will be used for surveillance and control, irrespective of its originating intention.

Coined in the early 1980s, in The Age of the Smart Machine.

https://en.wikipedia.org/wiki/Shoshana_Zuboff


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: