Shulou(Shulou.com)05/31 Report--

Benshaw found that many friends were interested in iOS 13.4 not preventing applications from reading clipboard information. Benshaw collated some information about iOS 13.4 to prevent applications from reading the clipboard and sharing it here.

The iOS Security duo Mysk has confirmed that the problem that caused popular iPhone and iPad applications to snoop on the iOS clipboard has not been fixed in iOS 13.4.

In a blog post on March 10, Mysk detailed the following revelations:

This article examines some popular applications that often access the pasteboard without the user's consent. These apps range from popular games and social networking applications to news apps of major news organizations. We found that every time we open an application, many applications quietly read all the text on the pasteboard. The words on the sticker may be as simple as the shopping list, or they may be more sensitive: passwords, account numbers, etc.

The IOS clipboard (also known as the clipboard) is the place where information is stored, copied, and pasted when in use. Therefore, it may contain any information you might copy or paste, such as a phone number, a message from a friend, a password, or a credit card number.

From Mysk:

We explored the popular apps in the App Store and observed their behavior using standard Apple development tools. The results show that although there is only text-based data, many applications often access the pasteboard and read its contents without the user's consent.

After the release of iOS 13.4, we caught up with Mysk, and they confirmed that Apple did not solve this problem in iOS. According to Say, tests showed that Apple did not make any changes to minimize the risk of snooping or even prevent widgets from accessing the clipboard. While this is disturbing, other developers are aware of the problem and have been working on it.

In one tweet, the developer told a confused user 10% that he asked if he wanted to monitor the following:

We attach great importance to privacy and understand your concerns about accessing the mobile clipboard. We have determined that this behavior is caused by the software of one of our suppliers. We don't track content, and we're working with them to disable this feature completely.

Maersk also said that "we have to know" that Google's mobile advertising SDK is one of the libraries that caused the problem. Until recently, Google said it was used to help developers debug SDK and integrate it into applications, a problem it fixed in version 7.44.0 released last year.

As mentioned earlier, guilty applications include Tik Tok, ABC News, CBS News, Consumer News and Business Channel, Fox News Channel, New York Times, Reuters, Wall Street Journal, eight Ball Pool, etc. You can read the complete initial report here. At the end of the study, Mysk pointed out that "many popular applications will read the text contents of the pasteboard," but it is not clear what the data is doing, and Apple must act.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.