In the beta version of iOS 14, the full release of which is planned for the fall of this year, a new function has appeared that alerts the user if an application checks the contents of the clipboard.
Using a new feature last week, users noticed that the Chinese TikTok mobile application, at short intervals, checks the contents of the clipboard. TikTok developers hastened to explain that this was due to the work of the fraud detection mechanism, and the company never stole information from user clipboards. At the same time in TikTol promised get rid of this functionality in the near future.
Now, users have found that LinkedIn for iOS is showing similar behavior. Yesterday, Urspace.io, the developer of the portal, posted a video on Twitter that demonstrates how LinkedIn reads the contents of the clipboard after each keystroke, and also accesses the shared buffer function, which allows iOS applications to read contents from the macOS clipboard. The researcher emphasized that this is not a bug, but the normal behavior of the application.
LinkedIn is copying the contents of my clipboard every keystroke. IOS 14 allows users to see each paste notification.
I’m on an iPad Pro and it’s copying from the clipboard of my MacBook Pro.
Tik tok just got called out for this exact reason. pic.twitter.com/l6NIT8ixEF
– Don 𝘧𝘳𝘰𝘮 urspace.io (@DonCubed) July 2, 2020
Today, July 3, 2020, LinkedIn Vice President Erran Berger made an official statement on behalf of the company and promised to rectify the situation. He writes that LinkedIn does not store or transfer the contents of the clipboard in any case, and this function only checked whether the content entered in the text field matches the contents of the clipboard. Obviously, we are also talking about protective functionality, because the malware often replaces the contents of user clipboards, for example, replacing the address of a real cryptocurrency wallet with a purse of malicious users.
Hi @DonCubed. Appreciate you raising this. We've traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don't store or transmit the clipboard contents.
– Erran Berger (@ eberger45) July 3, 2020