The Briefing Room
General Category => Science, Technology and Knowledge => Computers => Topic started by: PeteS in CA on June 27, 2020, 12:32:56 am
-
Warning—Apple Suddenly Catches TikTok Secretly Spying On Millions Of iPhone Users
https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/#3d30e0a634ef (https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/#3d30e0a634ef)
As I reported on June 23, Apple has fixed a serious problem in iOS 14, due in the fall, where apps can secretly access the clipboard on users’ devices. Once the new OS is released, users will be warned whenever an app reads the last thing copied to the clipboard. As I warned earlier this year, this is more than a theoretical risk for users, with countless apps already caught abusing their privacy in this way.
Worryingly, one of the apps caught snooping by security researchers Talal Haj Bakry and Tommy Mysk was China’s TikTok. Given other security concerns raised about the app, as well as broader worries given its Chinese origins, this became a headline issue. At the time, TikTok owner Bytedance told me the problem related to the use of an outdated Google advertising SDK that was being replaced.
Well, maybe not. With the release of the new clipboard warning in the beta version of iOS 14, now with developers, TikTok seems to have been caught abusing the clipboard in a quite extraordinary way. So it seems that TikTok didn’t stop this invasive practice back in April as promised after all.
...
... For Android users, though, there is no word yet as to whether this is an issue for them as well.
“Apple dismissed the risks that we highlighted and explained that iOS already had mechanisms to counter all of the risks,†the researchers told me earlier this week. “But the mechanisms that Apple provided were not effective to protect user privacy.†...
-
How does one "suddenly catch" something? Is it like the Coyote catching the Roadrunner?
-
How does one "suddenly catch" something? Is it like the Coyote catching the Roadrunner?
I don't know, since he never succeeded. In this case, it sounds like Apple people were surprised during their beta test to find that the clipboard snooping TikTok has said had been fixed actually was still happening.
-
Don't trust China. China is an A$$hole
-
Hmmmmmm ... https://arstechnica.com/gadgets/2020/06/tiktok-and-53-other-ios-apps-still-snoop-your-sensitive-clipboard-data/
TikTok and 53 other iOS apps still snoop your sensitive clipboard data
In March, researchers uncovered a troubling privacy grab by more than four dozen iOS apps including TikTok, the Chinese-owned social media and video-sharing phenomenon that has taken the Internet by storm. Despite TikTok vowing to curb the practice, it continues to access some of Apple users’ most sensitive data, which can include passwords, cryptocurrency wallet addresses, account-reset links, and personal messages. Another 53 apps identified in March haven't stopped either.
The privacy invasion is the result of the apps repeatedly reading any text that happens to reside in clipboards, which computers and other devices use to store data that has been cut or copied from things like password managers and email programs. With no clear reason for doing so, researchers Talal Haj Bakry and Tommy Mysk found, the apps deliberately called an iOS programming interface that retrieves text from users’ clipboards.
...
In all, the researchers found the following iOS apps were reading users’ clipboard data every time the app was opened with no clear reason for doing so:
...
News
ABC News — com.abcnews.ABCNews
Al Jazeera English — ajenglishiphone
CBC News — ca.cbc.CBCNews
CBS News — com.H443NM7F8H.CBSNews
CNBC — com.nbcuni.cnbc.cnbcrtipad
Fox News — com.foxnews.foxnews
News Break — com.particlenews.newsbreak
New York Times — com.nytimes.NYTimes
NPR — org.npr.nprnews
ntv Nachrichten — de.n-tv.n-tvmobil
Reuters — com.thomsonreuters.Reuters
Russia Today — com.rt.RTNewsEnglish
Stern Nachrichten — de.grunerundjahr.sternneu
The Economist — com.economist.lamarr
The Huffington Post — com.huffingtonpost.HuffingtonPost
The Wall Street Journal — com.dowjones.WSJ.ipad
Vice News — com.vice.news.VICE-News
Games
...
Social Networking
...
Other
10% Happier: Meditation —com.changecollective.tenpercenthappier
5-0 Radio Police Scanner — com.smartestapple.50radiofree
Accuweather — com.yourcompany.TestWithCustomTabs
AliExpress Shopping App — com.alibaba.iAliexpress
Bed Bath & Beyond — com.digby.bedbathbeyond
Dazn — com.dazn.theApp
Hotels.com — com.hotels.HotelsNearMe
Hotel Tonight — com.hoteltonight.prod
Overstock — com.overstock.app
Pigment – Adult Coloring Book — com.pixite.pigment
Recolor Coloring Book to Color — com.sumoing.ReColor
Sky Ticket — de.sky.skyonline
The Weather Network — com.theweathernetwork.weathereyeiphone
I refer with some frequency to Accuweather on their website, but I had to check whether I have their app on my phone. I don't. Anyway, iPhone users beware of news sources' apps!
-
Amazon orders employees to remove TikTok from phones ‘due to security risks’
https://www.theverge.com/2020/7/10/21320196/amazon-employees-tiktok-uninstall-email-trump-administration-pompeo-ban (https://www.theverge.com/2020/7/10/21320196/amazon-employees-tiktok-uninstall-email-trump-administration-pompeo-ban)
Amazon asked employees to remove the popular social video-sharing app TikTok from their mobile devices on Friday, as first reported by The New York Times.
“Due to security risks, the TikTok app is no longer permitted on mobile devices that access Amazon email,†the company said in an email to employees Friday morning. “If you have TikTok on your device, you must remove it by 10-Jul to retain mobile access to Amazon email. At this time, using TikTok from your Amazon laptop browser is allowed.†The email was obtained and independently published by multiple reporters on Twitter.
TikTok was recently caught accessing user clipboard data when running in the background, potentially exposing passwords or other sensitive data. The behavior was revealed because of a new feature in iOS 14, and it’s unclear how long it had been present in the app. TikTok has since removed the feature, but the privacy scare underscored long-standing privacy concerns over the app, which is owned by the China-based Bytedance.
-
Damnit! Apple is the only one allowed to spy on i-phone users.
-
Don't trust China. China is an A$$hole
Apple does. The encryption access that Apple regularly denies to US law enforcement was given to the Chi-coms as a condition for doing business. When the FBI needs to hack an iPhone, they have to get the Chinese to do it for them.
-
I had a few of the apps but it also said iOS 14 and I’m running 13 and 12.
Oh the story is a few weeks old. Apple’s latest patch fixed the problem. I’m ok.
-
Apple does. The encryption access that Apple regularly denies to US law enforcement was given to the Chi-coms as a condition for doing business. When the FBI needs to hack an iPhone, they have to get the Chinese to do it for them.
Well, no...
-
Damnit! Apple is the only one allowed to spy on i-phone users.
LOL! And Amazon and Android, and Google, and Microsoft and...
-
Anyone recall the “1984†Apple commercial?
-
Anyone recall the “1984†Apple commercial?
(http://www.youtube.com/watch?v=VtvjbmoDx-I#)