A new demo researchers of Mysk shining a light the free, unrestricted access to all the applicatis for iOS clipboard.
In the video, the developers create a fake applicati that simply prints the information that is gleaned from the clipboard. When the user copies an image, the applicati allows you to immediately see the ctent of the image and the metadata as the place where the photo was taken. This becomes a little more sinister when the demstrati shows that the installed widgets can also silently collect all the data copied to the clipboard, without the user’s knowledge.
What is shown in this video is not basically revealing, but it is a beautiful reminder that all sandboxes have escape hatches.
After all, the clipboard is designed to be silently power through any applicati. Many applicatis of features to this fact; for example, when you copy an image to the clipboard, a social media applicati may detect it and offer it to attach to the message in the compositi window. Similarly, if you copy a link to Reddit and open Apollo, the Apollo can the URL in the clipboard, and automatically navigate to the destinati in the applicati.
However, it is true that a nefarious app could surreptitiously acquire certain persal data in this way. This is a good reminder that everything you copy and paste could be registered by any applicati the system, including things like Today view widgets without your knowledge.
Any well behaved applicati will never do this, but there is no system indicator, which the clipboard so that you can not know if it happens. Thanks to the universal clipboard, it is also possible for an iOS app to potentially sensitive ctents have been copied to the Mac.