A small change from Apple in iOS 14 has in many ways opened the pandora’s box and revealed the shady tactics employed by many apps of silently reading clipboard data in the background. A number of popular apps including TikTok were caught constantly reading clipboard data and with Apple’s name and shame approach in iOS 14, they were forced to acknowledge and fix the issue. Now, the LinkedIn iOS app has also been found reading and copying content from the clipboard on iPhones and iPads in iOS 14.
As discovered by @DonCubed and revealed on Twitter, the LinkedIn app on his iPad Pro was copying the clipboard content from his MacBook Pro after every keystroke thanks to the Universal Clipboard feature that’s available across Apple devices.
Hi @DonCubed. Appreciate you raising this. We’ve traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don’t store or transmit the clipboard contents.
— Erran Berger (@eberger45) July 3, 2020
A LinkedIn spokesperson reached out to ZDNet and confirmed that this is a bug and not the app’s intended behavior. LinkedIn’s VP Engineering of Consumer Products, Erran Berger, also took to Twitter to clarify the bug. He noted that they traced this bug to a code path that “does an equality check between the clipboard contents and the currently typed content in a text box.” He also confirmed that the app was not storing or transmitting clipboard content in any way.
Many times, people tend to have sensitive content in the clipboard of their device including login credentials for banking services or other online accounts. Apps silently reading clipboard data is a major privacy risk that has sadly been a widespread practice across the app industry. This is why the change in iOS 14 from Apple to inform users whenever an app reads clipboard data is a big move as it will force developers to fix this behavior or at least be mindful of how they use it.