TikTok app to stop accessing user clipboards after being caught in the act

Great to see another layer of transparency in ios14.<p>Bit I wonder why everyone talking about one specific app? I see a huge bias towards TikTok in headlines<p>&quot;iOS 14 caught TikTok and other apps spying on the clipboard&quot; [0]<p>&quot;iOS 14 beta shows apps like TikTok still spy on your iPhone&quot; [1]<p>There a bunch of apps like VICE, Google News, WSJ that has been caught doing exactly the same. [2]<p>I may find the explanation why TikTok did that. In China WeChat blocks direct links to their competitors. So apps like Taobao or Douyin have to find a workaround for deeplinks. When you want to share the video from Douyin with a friend in WeChat, Douyin generates the following message.<p>在东京刚毕业入职三个月的职场小白 搬家找房 坚持更新#日本vlog #东京 <a href="https:&#x2F;&#x2F;v.douyin.com&#x2F;J8ceMYY&#x2F;" rel="nofollow">https:&#x2F;&#x2F;v.douyin.com&#x2F;J8ceMYY&#x2F;</a> 复制此链接，打开【抖音短视频】，直接观看视频！<p>In WeChat the link is not clickbale. To see the content user has to copy full text and go to the Douyin. The app will read the clipboard and perform the transition to the video. On the link below you can find the video - explanation [3]<p>Probably they had re-use some code in TikTok. Definitely they need to be more accurate towards data safety but I don&#x27;t think they really made a pipeline for spying using clipboard.<p>There is a lot of buzz around TikTok these days, but I want to get an answer from other apps as well.<p>[0] <a href="https:&#x2F;&#x2F;bgr.com&#x2F;2020&#x2F;06&#x2F;26&#x2F;ios-14-beta-privacy-features-tiktok-spying-clipboard-data&#x2F;" rel="nofollow">https:&#x2F;&#x2F;bgr.com&#x2F;2020&#x2F;06&#x2F;26&#x2F;ios-14-beta-privacy-features-tikt...</a><p>[1] <a href="https:&#x2F;&#x2F;mashable.com&#x2F;article&#x2F;iphone-ios-14-privacy-clipboard-apple-apps&#x2F;" rel="nofollow">https:&#x2F;&#x2F;mashable.com&#x2F;article&#x2F;iphone-ios-14-privacy-clipboard...</a><p>[2] <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=pRSWdtoUAjo" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=pRSWdtoUAjo</a><p>[3] <a href="https:&#x2F;&#x2F;twitter.com&#x2F;kidrulit&#x2F;status&#x2F;1277629462721384448" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;kidrulit&#x2F;status&#x2F;1277629462721384448</a>

The security implications of allowing communications on a platform that is subject to the absolute control of a foreign government, seems like a very very bad idea. That can be a lesson learned the easy way or the hard way.

Most of the anti-TikTok comments that have emerged recently are beyond hysterical. We are arguing about China using this app as a primary nexus of intelligence gathering, in a world where they already have the US government’s entire OPM database?[1]<p>A lot of apps are doing the stupid clipboard detection thing. As others have commented, there’s reasons for this that range from spam detection to link shortening. It’s lousy, I agree, but this has been a very common thing in a pre-iOS 14 world.<p>1: <a href="https:&#x2F;&#x2F;en.m.wikipedia.org&#x2F;wiki&#x2F;Office_of_Personnel_Management_data_breach" rel="nofollow">https:&#x2F;&#x2F;en.m.wikipedia.org&#x2F;wiki&#x2F;Office_of_Personnel_Manageme...</a>

Too little, too late. Already forced the family to uninstall it and its gone forever. Wish the kids could understand that its spyware with access to a lot of toxic social media.

I&#x27;m happy that ios14 is adding more transparency on whats apps are accessing like this clipboard situation. I&#x27;d love to see more of these, like camera roll and mic access.

This is so ridiculous. Google Maps accesses the clipboard. Try it out: copy an address and open maps.<p>So do Facebook and Instagram, I’m sure.<p>The level of paranoia in the Valley is astounding.

Can someone answer why iOS even allows the ability to read the clipboard buffer in the first place? Just seems like poor privacy and security design.

I recently made the change in Firefox on macOS to stop websites from accessing the clipboard [1], and now pasting into Facebook is completely broken.<p>I wonder if they&#x27;ve been checking out my clipboard contents.<p>[1] <a href="https:&#x2F;&#x2F;www.ghacks.net&#x2F;2014&#x2F;01&#x2F;08&#x2F;block-websites-reading-modifying-clipboard-contents-firefox&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.ghacks.net&#x2F;2014&#x2F;01&#x2F;08&#x2F;block-websites-reading-mod...</a>

When I installed TikTok, my phone&#x27;s battery life shortened by 2-3x. That&#x27;s suspicious enough for me to stay far away from it

Apple manually reviews the code of every app update. Why aren&#x27;t they blocking this functionality from getting released in the first place?<p>I feel like every time I submit an app update I get questioned about why my app needs access to $xyz feature.

An interesting reddit comment by someone who uncovered many more shady data collection practices by Tik Tok: <a href="https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;videos&#x2F;comments&#x2F;fxgi06&#x2F;not_new_news_but_tbh_if_you_have_tiktiok_just_get&#x2F;fmuko1m&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;videos&#x2F;comments&#x2F;fxgi06&#x2F;not_new_news...</a>

Just wanted to inform audience here that TikTok is blocked in China. [1]<p>[1] <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;List_of_websites_blocked_in_mainland_China" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;List_of_websites_blocked_in_ma...</a>

Duplicate of: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=23653562" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=23653562</a>

Stuff like this is why I prefer a reactive web interface over a mobile app.<p>It seems like unless you need direct access to the camera or it’s a game a web version should be fine.

I&#x27;m starting to think these devices need to provide examples when throwing up the permissions prompt. Worst case examples of what this permission can enable so that app developers might at least try to limit their requests.

Good on Apple. This and backwards compatibility, make a compelling case for iOS.

Why do phones need the clipboard at all? There is a &#x27;share with&#x27; infrastructure. Why not explicitly send copied data to the desired app directly instead of storing it in a central place?

Tim tok has no business snooping into by clipboard. It is bad behaviour irrespective of if it was nefarious or not. No need to justify this by bringing up behaviour of apps.

Too little too late. They should be barred from US markets however there may be worse actors out there that borderline criminals could call ‘industry standard’.

TikTok also is violating COPPA. Any underage child that signs up with a Google Account, you can clearly see from the Google account settings that they are collecting email addresses and other personal information. I believe Google and other app store providers should just remove them.

Is it possible for apps to read photos (not just metadata)?

Ya, little fucking late to back track that now.

It looks like apps can spy as much as they want and that it has little implications for the perpetrators... &quot;ooops sorry! now let&#x27;s carry on&quot;

Hotels.com and a host of others did the same thing, indicating that this is not particular nefarious.<p>However we keep talking about TikTok.<p>Why is that?

but what&#x27;s next?

maybe i do not know how clipboard works, but the message &quot;&lt;active app&gt; pasted from &lt;inactive app&gt;&quot; is the worst possible label.<p>Also funny how every app shows it. Guess IOS14 will be known by non technical users as &quot;the cookie-law iphone version&quot; and everything will continue as usual.

Tiktok has a lot of money. They can control speculator, then control America, then everyone.

This is just an overblown yellow-peril panic, right? How does any app paste? By &quot;accessing the user clipboards&quot;. How does the chrome omnibox do &quot;text you copied&quot;? By &quot;accessing the user clipboards&quot;.