After the discovery back in March that popular video-sharing service TikTok was accessing content held on iOS users’ clipboards, the company promised to address the issue.
However, it has now come to light that TikTok continued to engage in clipboard snooping practices - along with a further 53 iOS applications.
The phenomenon was first uncovered by researchers Talal Haj Kakry and Tommy Mysk, but the full extent of the problem was revealed last week with the release of the iOS 14 developer beta, which notifies users whenever an application accesses the clipboard.
- Check out our list of the best business smartphones on the market
- We've built a list of the best iPhone VPNs around
- Here's our choice of the best iOS productivity apps out there
Services found guilty of the invasive practice span a variety of genres and include high-profile apps such as New York Times, Fox News, Fruit Ninja, Bejeweled, AliExpress and more.
It is unclear whether the same selection of apps also scrape the clipboard data of Android users.
iOS clipboard data
While much of the data copied to clipboards is likely to be innocuous, a problem arises if a user has copied sensitive personal information, login credentials, cryptocurrency wallet addresses or any other form of private data.
The issue is also aggravated by Apple’s universal clipboard feature, which sees a single clipboard shared between all devices with a common Apple ID that are within a few metres of each other.
The feature is designed to allow Apple fans to easily copy and paste data back and forth between multiple iOS devices, but in this instance could also allow an invasive app installed on one device to read data copied from another.
Despite having promised to put a stop to the practice months ago, it was found that TikTok still accesses clipboard data - and much more frequently than first thought. The app scrapes information whenever the user enters a punctuation mark or presses the spacebar; in other words, every few seconds.
“Following the beta release of iOS 14 on June 22, users saw notifications while using a number of popular apps,” a TikTok spokesperson told The Telegraph.
“For TikTok, this was triggered by a feature designed to identify repetitive, spammy behavior. We have already submitted an updated version of the app to the App Store removing the anti-spam feature to eliminate any potential confusion.”
“TikTok is committed to protecting users’ privacy and being transparent about how our app works.”
The developers of 10% Happier: Meditation and Hotel Tonight quickly joined TikTok in promising to address the invasive practice, but the remaining offenders have yet to comment.
The full list of clipboard-scraping applications is as follows:
- ABC News
- Al Jazeera English
- CBC News
- CBS News
- Fox News
- News Break
- New York Times
- ntv Nachricten
- Russia Today
- Stern Nachrichten
- The Economist
- The Huffington Post
- The Wall Street Journal
- Vice News
- 8 Ball Pool
- Block Puzzle
- Classic Bejeweled
- Classic Bejeweled HD
- Fruit Ninja
- Letter Soup
- Love Nikki
- My Emma
- Plants vs Zombies Heroes
- Pooking - Billiards City
- PUBG Mobile
- Tomb of the Mask
- Tomb of the Mask: Color
- Total Party Killer
- 10% Happier: Meditation
- 5-0 Radio Police Scanner
- AliExpress Shopping App
- Bed Bath & Beyond
- Hotel Tonight
- Pigment - Adult Coloring Book to Color
- Sky Ticket
- The Weather Network
Update: June 30
*Viber has provided TechRadar Pro with an additional comment, found below:
"While the described issue of saving clipboard items exists in other apps, Viber has never used this option since it has a very strong commitment to its users' privacy. Back in April when Viber was notified about the potential exploit of this feature, Viber immediately made the necessary changes to block this option altogether."
- Here's our list of the best iPhone antivirus apps available
Via Ars Technica