The new privacy feature on iOS 14 revealed that Microsoft's LinkedIn app regularly collects user clipboard information.
Apps accessing the pasteboard without permission are dangerous:
We paste everything - from passwords to different websites, to credit card numbers and more.
The new trial version of iOS, the iPhone operating system, has revealed some popular apps' problematic privacy practices. The iOS feature provides users with the ability to see which applications use information from their Clipboard (a "Copy Board" of all the information the user copies). Last month, it was revealed that TikTok and Reddit use the same technique. They are collecting each character you copy on your device. TikTok uses this information often.
This was not an exciting exposure. TikTok's reputation is not known for their information privacy. On Saturday, July 4, it was revealed that another surprising application also uses this information: Microsoft's LinkedIn app uses the same practice: They regularly collect the data from the users' board.
LinkedIn has since released an update to its app for iPhone, which stops this activity. A LinkedIn spokesperson told ZDNet that this was a bug and not a deliberate action. In the meantime, they know all you are doing!
Reddit, the popular app, had also adopted a similar practice. Reddit also issued an update to the app and removed the code that executed it.
As early as February, two app developers raised concerns about apps' ability to access the Tablet and iPhone and copy content from it without a user's permission. Apps accessing the pasteboard without permission is dangerous: We paste everything - from passwords to different websites, to credit card numbers and more.
The exposure about LinkedIn, which was first published on ZDNet, is based on a test conducted by a software developer from Urspace.io. Experiencing a new feature of the operating system, he discovered that the LinkedIn app accessed every character he typed and pasted it into its servers. He documented the alerts he received about this activity in the video and uploaded it to his Twitter account.
Mr. Erran Berger, V.P of Engineering at LinkedIn, commented on the developer's tweet on Twitter, writing: "…We appreciate you raising this. We've traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box. We don't store or transmit the clipboard contents."- Bottom Line: Everything you do on the phone or computer; someone will be able to view it. That someone will use it or sell it.