Apollo is what every iOS app should aspire to be.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Reddit to Release Fix for iOS App to Remove Clipboard Copying Behavior
- Thread starter MacRumors
- Start date
- Sort by reaction score
Apollo is what every iOS app should aspire to be.
unfunfionn
macrumors 6502
I don’t believe this was by accident. Anybody who uses official Reddit apps will see desperate UX patterns all over the place. The iOS app refusing to accept that you don’t want notifications or location access, ads displayed as Reddit content, not being able to disable aggressive new web features like ‘similar subreddit’ or that awful Reddit TV thing that comes back every time you reload the page even if you select the option to see less of it in future. And yes I use Apollo now, but that’s not my point.
They’re disabling this because they got caught, but they’ll find something else.
They’re disabling this because they got caught, but they’ll find something else.
Kabeyun
macrumors 68040
Yadda yadda yadda.
Dozens of devs have inserted code to copy clipboard contents be accident. Riiiight. I’m sure they’re all so sorry for their mistake. “Proceed until caught, then modify and apologize” is what all the internal memos said.
The worst part is that it’s collectively our fault; as a group customers are either stupid or don’t care. If we cared, there’s be enough meaningful outrage to boycott the dev and kill the app. Facebook would be dead. But at most there’ll be the usual short-lived huffing and puffing, followed by further support for these charlatans.
Does this notification happen on the iPadOS 14 beta? I have that installed on my iPad Pro, but haven't seen a single notification like the screenshots.
rtomyj
macrumors 6502a
BS. I haven’t developed on iOS enough to know for sure, but Java, JS, and other languages have listeners for actions such as key presses and touch/mouse inputs. Doing a quick Duck Duck Go search i do see a stack overflow post that seemingly confirms that there is also an option for Swift and Obj-C: https://stackoverflow.com/questions/16016729/how-to-detect-keyboard-key-pressed-in-iphone
There is absolutely no reason for a social media App to track your clipboard. Users have the ability to paste themselves. Devs don’t need it for debugging. Heck, your claimed “bot” prevention can be easily achieved by timeouts, listeners, and content reading on each post pre posting.
They don’t care about you or your privacy.
Alot of apps that use web addresses or like Reddit a Reddit web address will check the clipboard and ask if you want to use them on load or if it senses you put a new address in.
While there's definitely the aspect of your the product here, there's also reasons for some apps (web addressed based services in particular) to be doing it for non nefarious reasons. At this point though - you have to assume the worst when it comes to 3rd party apps. This'll result in a good cleansing of programming in iOS apps.
Its important to remember these apps can only be copying clipboard contents if the apps are running and in iOS I believe they have to be in focus (the app loaded on your screen). Over in Android they can copy the clipboard just being loaded and in the background. I just immediately unload (flick off the top of the screen) any 3rd party apps after I'm done with them - its a habit.
I know my Mac based password storer etc. clears the clipboard after 2 mins or something - so you might want to see if 1Password does that (guessing it might).
While there's definitely the aspect of your the product here, there's also reasons for some apps (web addressed based services in particular) to be doing it for non nefarious reasons. At this point though - you have to assume the worst when it comes to 3rd party apps. This'll result in a good cleansing of programming in iOS apps.
Its important to remember these apps can only be copying clipboard contents if the apps are running and in iOS I believe they have to be in focus (the app loaded on your screen). Over in Android they can copy the clipboard just being loaded and in the background. I just immediately unload (flick off the top of the screen) any 3rd party apps after I'm done with them - its a habit.
I know my Mac based password storer etc. clears the clipboard after 2 mins or something - so you might want to see if 1Password does that (guessing it might).
Last edited:
There are a few apps that have a legitimate reason to read the clipboard. I know google maps does it to have a copied address already inputted, and parcel tracking apps do it to to have your copied tracking number ready to input.
Neither of those two examples are evil. They're conveniences.
Neither of those two examples are evil. They're conveniences.
Of course it is, because it is a feature to detect reddit content in the clipboard and navigate to the correct thread. Sorry, but all of you are really not getting it. Every developer did that when they had some sort of deep linking support in the app, it's just the most normal thing to do.
99% of the apps have a legitimate reason. It should just be handled in the same way as camera access: ask user whether to grant access along with an explanation by the developer "To parse reddit URLs you have copied and navigate you directly to the given topic." – Done.
I wonder what else they aren't telling us? Better yet, how much is baked into iOS and Android OS we just don't know?
If you haven't developed for iOS then it is best to just not talk about it.
[automerge]1594042096[/automerge]
The paste mechanism is buggy as hell. Also, I want convenience. A good UX doesn't make the user tap multiple times for something that can be done automatically.
[automerge]1594042228[/automerge]
Not just a possibility, for sure it will have negative consequences.
arkmannj
macrumors 68000
Sounds like we need a security preference/option to enable denying apps access to the clipboard without a user initiated Paste.
I don’t know why Apps would need direct clipboard access anyways.
maybe some additional options for each app such as:
1) App has NO direct clipboard access. Data can only be requested from a user initiated paste function using Apples Built in (system wide) paste functionality.
2) Default - App ONLY has access to its own sandboxed clipboard.
3) App has full access to the systemwide clipboard
4) Clipboard contents from this app expire after _____ seconds or auto expire when exiting the App.
5) Other Apps can/can’t access clipboard contents from this App.
6) Notify me when this app requests content from the clipboard so I can choose each time what to do.
Point being, give users the control for how their data is used/accessed. Some apps may be adversely affected in the UX but it would be up to the user if security or convenience is more important on a per App basis. and for a user to set their trust level. This wouldn’t be terribly different than the location settings/asking.
If I dont ever copy links that I care about reddit/Apollo reading then I should be able to deny it access knowing on the odd occasion I may need to manually paste it. Same with package tracking, etc...
I don’t know why Apps would need direct clipboard access anyways.
maybe some additional options for each app such as:
1) App has NO direct clipboard access. Data can only be requested from a user initiated paste function using Apples Built in (system wide) paste functionality.
2) Default - App ONLY has access to its own sandboxed clipboard.
3) App has full access to the systemwide clipboard
4) Clipboard contents from this app expire after _____ seconds or auto expire when exiting the App.
5) Other Apps can/can’t access clipboard contents from this App.
6) Notify me when this app requests content from the clipboard so I can choose each time what to do.
Point being, give users the control for how their data is used/accessed. Some apps may be adversely affected in the UX but it would be up to the user if security or convenience is more important on a per App basis. and for a user to set their trust level. This wouldn’t be terribly different than the location settings/asking.
If I dont ever copy links that I care about reddit/Apollo reading then I should be able to deny it access knowing on the odd occasion I may need to manually paste it. Same with package tracking, etc...
Last edited:
And how do all the Reddit app haters here think Apollo detects content in your clipboard? The stupidity on these boards just never ceases to amaze me.
Attachments
yurc
macrumors 6502a
I had getting used with this features too, very convenient and neat. It detect tracking number without needs to manually filling in. But perhaps apps publisher only just need declare honestly why they using do with clipboard data.
The missing point here, people seems get too paranoid first without being understand what is used for. All technology is double sword edge, it would became useful if implemented in good ways, but also can be abused for someone bad intents.
Except for FB/ TikTok, I need no explanation. I guess this clipboard issue are persists in Android too.
It's really trivial. You start listening on clipboard change notifications (one line of code). When you receive one, you then access the clipboard to check if it contains anything meaningful for your app (another line of code and some regex parsing). In all apps supporting deep-linking, this would typically be a URL that you understand (copied from the desktop, or copied from Safari or somewhere else where direct tapping leads to an undesirable action). This is just a convenience function that is easy to implement.
mattopotamus
macrumors Pentium
could not agree more. It is probably the only app I had no issue paying for the lifetime subscription (only $24.99).
Akrapovic
macrumors 65816
If you had done enough development, you wouldn't be calling BS. You know as a developer that most apps and programs and websites are a cluster **** of bad code. And as the old saying goes, never assume malice when it can be easily attributed to stupidity.
We've all seen ridiculous and terrible code, and horrible hack job ways of achieving very simple things. I could easily envision a bad bot detector built this way.
Also, for VERY basic common sense, just have a think, why would they be scraping the clipboard on every keystroke? They know through the event list they aren't copying something, so the clipboard hasn't changed - especially in the case of TikTok. So what privacy invading reason is there for copying the clipboard on every key stroke?
Letter A typed: Copy clipboard. Send data away
Letter B typed: Copy clipboard. Send data away. Exactly the same.
Letter C typed: Copy clipboard. Send data away. Exactly the same.
... etc
If your plans are to invade privacy and copy clipboard data, then you only need to do it when the clipboard changes. So this would just be a way of increasing the incoming bandwidth costs, and the amount of server side crunching needing done, to achieve what you could do upon the app just opening once.
With some very basic thought processes, this looks far more like incompetent programmers trying to solve problems in creative ways, using out dated tools more than it does data privacy breaches. I'd be more concerned with the apps which scrape the clipboard on open and then never do it again - because that's the ones that look like competent programmers trying to obtain whatever is on the clipboard.
Now, as I said - this isn't a good thing. And it should be stopped. But it doesn't mean all of these apps are doing bad things.
