LinkedIn Sued for Reading Universal Clipboard Data

[Westside guy]

I personally was always a little suspicious of LinkedIn.

LinkedIn has been caught, repeatedly, doing jenky stuff. Even if you need to maintain some sort of presence on their website, you should never ever trust them.

 

[DeepIn2U]

This makes me glad I never installed their app (or Facebook or anything similar). If I need to check it I simply open it in the browser which works just fine. Don’t trust any of the apps for these “free” social services. This clipboard thing was discovered now because of iOS 14, who knows what else they are doing that we don’t know about.

The problem is the browsers does NOT block this behaviour nor ever warn you of it.

Therein lies the argument battle of browser vs app.

 

[Westside guy]

LinkedIn stole my bitcoin, my credit cards, my passwords, national secrets.

LinkedIn stole my girlfriend.

(But please, don't tell my wife)

 

[jicon]

Reddit had code that did this. Fairly interesting reason why.

Reddit promises to stop accessing user clipboards after being exposed by iOS 14 - 9to5Mac

iOS 14 is only in developer beta, but it’s already exposing just how often some applications are checking users’ clipboards....

www.google.ca

 

[C DM]

Damn, quite on point. I think that if Apple notified the user if an app is trying to read or get information from the camera/mic/etc we would find some more skeletons. Pretty sure “spying driven” business have found ways to circumvent the current settings to their benefit.

Well, for camera/mic/photos/location permission needs to be given first by the user. In iOS 14 there are additional notifications when those are accessed/used, after permission has been given before.

 

[Tech198]

LinkedIn = bad boy.

 

[DCIFRTHS]

At least Dunkin says in their terms they will track you even when not using the app.
I’m sure the next step for like a Starbucks will be to update their terms and say use our app or not. If you want our rewards then accept it or not. How many companies will double down.

Is Dunkin saying they will track your location, or what you do on your phone? Serious question.

With regards to rewards, I will choose to delete the apps unless I’m given the choice of letting companies locate me, or copy from my clipboard.
[automerge]1594531002[/automerge]

The problem is the browsers does NOT block this behaviour nor ever warn you of it.

Therein lies the argument battle of browser vs app.

Are you saying that if I open a browser, and navigate to a url, the site can read my clipboard?

If yes, do you know if this is all browsers (including Safari on iOS)?

 

[C DM]

Not sure how something that can basically be a bug can really be litigated. Even that aside, seems like actual ill intent would need to be demonstrated and actual damages.

 

[chengengaun]

whats the clipboard? Is that the notes app?

Not Notes, but a buffer that holds the content that you copied from apps (text, images, etc.). If you copied confidential stuff e.g. financials and unprotected passwords, apps that can access your clipboard can potentially snoop your secrets and store them elsewhere.

 

[Ishayu]

GOOD.

i hope they win and set a precedent.

I use a password maanger, specifically KeePass, and I was completely baffled to see my clipboard was being spied upon. I have my passwords in there! What the heck is the point of a password manager if this is taking place?

I swear to God, Apple just did the world a massive favour in exposing this BS. I’ve just about had enough of every app being spyware. Enough is enough!

 

[gnasher729]

Wouldn’t doubt that Apple will soon be sued for “allowing“ this sort of thing to happen in the first place.
Remember, the laws are in place to satisfy those seeking out the shake down of those with the deepest pockets.
I *could be wrong.

So you think someone will sue Apple for implementing copy and paste, which is over 40 years old.
[automerge]1594546163[/automerge]

When your phone is near your other Apple devices (or at least on the same WiFi network) Apple has features like Hand-Off that lets your Apple devices pass information between them including clipboard contents. I saw a screen recording where the LinkedIn iPhone app pasted the clipboard of the user’s MacBook Pro even though they were not using LinkedIn on their MacBook Pro. So I assume that would apply to other iPads, iPhones, Macs, etc that the user is logged into on the same Apple account. Not sure about other users nearby — LinkedIn seems pretty advanced in their spying so I will not say they can’t do that. But at least how Hand-Off works, you need to be logged into the same iCloud account on the devices.

Just note that this is an intentional feature-you can write text on your Mac with Pages or Word, copy it, pick up your iPad and paste it into LinkedIn. Since both devices are _your_ devices this is the same as if it happened on a single device. People would complain like mad if you couldn’t do it.
[automerge]1594546647[/automerge]

I hope every company that was caught stealing clipboard data from its users will get totally obliterated by a horde of thirsty lawyers.

But have they been caught _stealing_? The whole purpose of the clipboard (copy/paste) is that you copy stuff in one place and paste it in another place. These lawyers will have to show evidence that LinkedIn itself is sending that information elsewhere.

 

[-DMN-]

Good! I hope they are all taken to the cleaners.

And come out with bleach stains and iron burns!!

 

[MacBH928]

all the apps seem to suffer from the same "bug" 🤣🤣
Honestly people deserve it for dealing with evil companies. Come to the privacy side guys and buy your respect as a human being with your donation dollars.

 

[iOS Geek]

On one hand, the trusting type of person I am would say maybe it’s a bug in the iOS beta that’s triggering the notification about an app pasting from the clipboard when it may not actually be doing so.
On the other hand...I got a notification about it when I opened the Weather Channel app...and that was weird as crap.

My Siri Shortcut for clearing the Universal Clipboard is proving to be pretty useful! 😂

 

[vodouman]

I’m surprised that nobody has mentioned that the McDonalds app does this. At least here in UK anyway.

 

[shplock]

Can someone shed some light on how Linkedin was able to scrape clipboard information from "nearby Apple devices"? Does that mean a strangers iPhone with Linkedin who just happened to be in the same store or a bus was able to ready my clipboard?

I believe it is referring to Apple's universal clipboard feature where if you and your parter say, both own an iPhone for example you can both use the same clipboard. Linkdn is accused of reading that universal clipboard and thus getting data from iPhones etc that the suer may own or a member of their family etc owns even though the app is not installed on that other device.

 

[I7guy]

LinkedIn has been caught, repeatedly, doing jenky stuff. Even if you need to maintain some sort of presence on their website, you should never ever trust them.

There is not much a difference in how I interact with a website whether I trust them or not.

edit: but I tend not to load 3rd party apps unless absolutely needed.

 

[Deliro]

Wonder what they use the data for.. Linkedin used to be a useful site for me, but because some of the users, its become another facebook with people posting political messages and even one had photos of their food. I go there not to read your side of a social debate, I go there for latest industry news and job related articles. Had to unfollow Guy Kawasaki months ago..

 

[Sedulous]

It is outrageous that these companies would abuse their own customers this way (in the cases where app is used as such). Have any of them stated a legitimate reason for clipboard scraping?

 

[gnasher729]

Two questions for you.
1.Why does the app request the clipboard contents without a user initiated request?
2.Does Apple require you submit the app source code such that they could review when nefarious code was inserted?

1. That’s absolutely common. An app doesn’t know whether the clipboard contents can be pasted without looking at the contents. So the app developer looks at the clipboard contents to decide whether a “Paste” button should be shown instead of always showing it, and if the user tries to use “Paste” giving an error message. There is so much nonsense posted here by people who don’t have a clue of app development.
2. No.

 

[MedRed]

Apple really needs to address these clipboard issues. We are seeing a lot of variations of clipboard abuse by 3rd party
apps lately.

 

[Sedulous]

Apple really needs to address these clipboard issues. We are seeing a lot of variations of clipboard abuse by 3rd party
apps lately.

But if as gnasher said, it sometimes is legitimate and necessary, maybe it is just how things need to work?

 

[370zulu]

Thank you Apple for exposing this.

I spent some time checking the apps that I had installed on my iPhone and on both of my Macs. After reading the privacy policies, I removed several of those apps. I’m not a lawyer and I’m not going to pretend to know all of the legal speak and potential double-talk in many of the privacy policies. It’s just not worth it. If I cannot clearly understand the privacy policy, I’m not going download or buy the app.

 

[talones]

Wait wait, but ios14 doesnt show that Safari is reading the clipboard, when it IS. Why does LinkedIn get thrown under the bus, but Apple doesnt have to tell you what they're doing with the data?

 

[dannyyankou]

Some good news: Accuweather just had a major update with a redesign, and it no longer copies from the clipboard. At least on my end.

And it’s a pretty good update I must add.