Over the last one week, there has been controversy in the market that Tiktok is spying on your clipboards. Some security researchers and organizations found out that some other apps are too doing the same which raises security concerns for the end user. This is just because of the new ios14 feature which exposed these apps.
Privacy is a big concern to all of us in today’s time. We can spend a lot of money to keep our privacy intact but we just can’t let any company to secretly spy on our private data. The GDPR consent which users signs either he visits a website or signs up in an application ensures that some of the data is being taken from the user to maintain his experience on the internet. It has really become a controversy in the past because in the name of GDPR they are extracting some other data which they are not intended to.
Trust and faith both comes with a greater responsibility. We come to a conclusion that if a big organization is even spying on our clipboard, it should be with the end user’s consent. The similar ios14 feature has allowed a researcher to found a fact that what linkedin is doing from some time. Let’s see this:
PROOF OF CONCEPT
The new ios14 has exposed many application with a charge of spying on your clipboard. This new feature is a simple one which allows users to keep an eye on the activites which are happening behind their clipboard. Using this feature, few days back Jeremy Burge tweeted this act of spying on clipboards by Tiktok. He too explained the fact of how this trigger can be reproduced .
This time another guy tweeted the same thing opposing Linkedin in which he tweeted a video of how Linkedin is spying on your clipboard using the same ios14 feature.
The video can be found out by clicking here.
In this video you can clearly see that Linkedin is keeping an eye on your clipboard.
The guy behind this tweet has a username @DonCubed. This video has just crossed more than even 1000 retweets in merely 16 hours. The guy also tweeted that though this does not violate any specific laws but this is a major risk while you have sensitive data stored on your device.
Vice President of Engineering and Consumer Products at Linkedin, Erran Berger responded that “We have just traced a code that only does an equality check between the clipboard contents and currently typed contents. We don’t store or transmit any of the contents between our server.”
The officer also announced that an open source Github Library allows the user to absolutely abolish this feature in IOS app and said that “we will follow up once this issue will be fixed in our live app.” The github library is https://github.com/linkedin/Hakawai.
CONCLUSION
This issue is a big privacy concern for the users who are using that application as sensitive data of user is being tracked by the organization. We just hope that these organizations will respect the customer’s privacy rights and they will fix this soon.
