Sun Jul 05 2020
Video sharing app Tik Tok can monitor the universal clipboard which allows it to pinpoint a user’s location
Security researchers Haj Bakry and Tommy Mysk last week claimed Video Sharing app TikTok was spying on iPhone users by secretly making recordings of the dashboard.
Writing on the Mysk blog, they demonstrated that the vulnerability had resulted because both iOS and iPadOS apps were granted unrestricted access to system-wide general pasteboard.
That means that a user’s location instantly becomes available if they copy and paste a photo.
This all came to light whilst they were investigating the beta version of iOS 14, due out this autumn (2020).
The same researchers also found that TikTok were doing the same on Android earlier this year.
At the time, the apps creators, Bytedance, said the problem was with an outdated Google advertising SDK and said they’d fix it.
The researchers then raised a red flag stating if the problem still exists on Augusts iOS release the problem obviously hasn’t been addressed.
In a statement released through Forbes later though, the company blamed an entirely different problem:
The behaviour is triggered by a feature designed to identify repetitive, spammy behaviour
Bytedance also reported they’d already submitted a new version of the app to the App store to fix the vulnerability.
Sun Jul 05 2020