It only takes a few seconds. How many sensitive things do you do on your laptop every day? How many passwords to you copy/paste from your password manager? How many emails do you type up? How many websites do you copy/paste to share through private messages?All of that is going to your clipboard, which is getting shared with your iPhone, which can then be accessed by various companies through their iPhone apps, and stored in their servers around the world.This "feature" is called Universal Clipboard or "Handoff." And it is enabled by default on every Mac.For your privacy, I recommend you turn this feature off immediately. And it gets worse.Now I'm going to tell you something else that will really make your blood boil: If you use a Mac, your iPhone has access to your Mac's clipboard by default.And this means, by extension, the apps installed on your iPhone also have access to things you copy to your Mac's clipboard.Think about that. Here's how: You can read the full disclosure document by the security researchers who discovered this exploit here. And they are just now taking steps to restrict apps' access to your clipboard, and to notify you when an app accesses the contents of your clipboard.This was never an issue for Apple until privacy advocates started raising awareness of this earlier this week.Here's an insane supercut of several well-known apps stealing the contents of your clipboard (which now triggers a notification in the newest version of iOS.)Some apps, like TikTok, use this clipboard exploit even while running in the background to steal every single character you type into any app.Here's an example of this discovered when Apple started showing clipboard notifications in the iOS 14 beta:IOS 14 beta has a banner to confirm when you paste from another device (eg copy on a Mac and paste on iPhone)Seems to be bugging out and showing with every keystroke in TikTok pic.twitter.com/aFKNfZnpyb— Jeremy Burge June 24, 2020Apps can even use this clipboard exploit to get your location data without you ever granting them permission. There's no way to know for sure what they are using your clipboard data for.Apple has known about this for a long time.But they may eventually get hacked. (I put the word vulnerability in quotes because, again, Apple has known about this for a long time and initially refused to do anything about it.)Here's a list of apps who have been caught red-handed stealing your clipboard data: 10% Happier: MeditationAnd last but not least, change your passwords! Assume that these passwords have been intercepted by these clipboard-thieving apps are now in private data centers all over the world.Sure – these companies are unlikely to use your passwords. You've just turned off Universal Clipboard Handoff.My advice would be to uninstall all the apps that have been stealing information from your clipboard without your consent.These apps have violated your trust by abusing this "vulnerability" in iOS. A screenshot of the General section of Mac OS's settings Congratulations. If you look all the way at the bottom of this menu, you will see an option that says "Allow handoff between this Mac and your iCloud devices." Uncheck the box next to this. A screenshot of Apple Spotlight Search Step #2: Uncheck Handoff.A menu will pop up when you click "General" under the "System Preferences" option.You can follow me on Twitter for more no-nonsense security tips. Don't let the bad guys win. Me? I just uninstalled basically all 3rd party iPhone apps and use the Brave browser or the Firefox Focus browser for everything.It really is a jungle out there. It's been going on for maybe years.And in case you're curious, Android is just as permissive with letting 3rd party apps access your clipboard data.Switching to Android won't save you, but switching to a feature phone might, if that's a sacrifice you're willing to make.
![]() ![]() ![]() How Can I Turn Off When Running Long Program Full Disclosure Document
0 Comments
Leave a Reply. |
Details
AuthorLaura ArchivesCategories |