After the discovery back in March that popular video-sharing service TikTok was accessing content held on iOS users’ clipboards, the company promised to address the issue.
However, it has now come to light that TikTok continued to engage in clipboard snooping practices – along with a further 53 iOS applications.
The phenomenon was first uncovered by researchers Talal Haj Kakry and Tommy Mysk, but the full extent of the problem was revealed last week with the release of the iOS 14 developer beta, which notifies users whenever an application accesses the clipboard.
Services found guilty of the invasive practice span a variety of genres and include high-profile apps such as New York Times, Fox News, Fruit Ninja, Bejeweled, Viber, AliExpress and more.
It is unclear whether the same selection of apps also scrape the clipboard data of Android users.
iOS clipboard data
While much of the data copied to clipboards is likely to be innocuous, a problem arises if a user has copied sensitive personal information, login credentials, cryptocurrency wallet addresses or any other form of private data.
The issue is also aggravated by Apple’s universal clipboard feature, which sees a single clipboard shared between all devices with a common Apple ID that are within a few metres of each other.
The feature is designed to allow Apple fans to easily copy and paste data back and forth between multiple iOS devices, but in this instance could also allow an invasive app installed on one device to read data copied from another.
Despite having promised to put a stop to the practice months ago, it was found that TikTok still accesses clipboard data – and much more frequently than first thought. The app scrapes information whenever the user enters a punctuation mark or presses the spacebar; in other words, every few seconds.
“Following the beta release of iOS 14 on June 22, users saw notifications while using a number of popular apps,” a TikTok spokesperson told The Telegraph.
“For TikTok, this was triggered by a feature designed to identify repetitive, spammy behavior. We have already submitted an updated version of the app to the App Store removing the anti-spam feature to eliminate any potential confusion.”
“TikTok is committed to protecting users’ privacy and being transparent about how our app works.”
The developers of 10% Happier: Meditation and Hotel Tonight quickly joined TikTok in promising to address the invasive practice, but the remaining offenders have yet to comment.
The full list of clipboard-scraping applications is as follows:
News
– ABC News
– Al Jazeera English
– CBC News
– CBS News
– CNBC
– Fox News
– News Break
– New York Times
– NPR
– ntv Nachricten
– Reuters
– Russia Today
– Stern Nachrichten
– The Economist
– The Huffington Post
– The Wall Street Journal
– Vice News
Games
– 8 Ball Pool
– AMAZE!!!
– Bejeweled
– Block Puzzle
– Classic Bejeweled
– Classic Bejeweled HD
– FlipTheGun
– Fruit Ninja
– Golfmasters
– Letter Soup
– Love Nikki
– My Emma
– Plants vs Zombies Heroes
– Pooking – Billiards City
– PUBG Mobile
– Tomb of the Mask
– Tomb of the Mask: Color
– Total Party Killer
– Watermarbling
Social
– TikTok
– ToTalk
– Truecaller
– Viber
– Weibo
– Zoosk
Other
– 10% Happier: Meditation
– 5-0 Radio Police Scanner
– Accuweather
– AliExpress Shopping App
– Bed Bath & Beyond
– Dazn
– Hotels.com
– Hotel Tonight
– Overstock
– Pigment – Adult Coloring Book to Color
– Sky Ticket
– The Weather Network
Via Ars Technica