Security News > 2020 > February > Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
Any cut-and-paste data temporarily stored to an iPhone or iPad's memory can be accessed by all apps installed on the specific device - even malicious ones.
To illustrate his concerns, Mysk created a rogue proof-of-concept app called KlipboardSpy and an iOS widget named KlipSpyWidget.
Both are designed to illustrate how any app installed on an iOS device can act maliciously and access clipboard data and use it to spy or steal sensitive personal information.
One caveat to the developer's research was that iOS can only allow apps to read clipboard data when the apps are active and in the foreground.
For Mysk, he also believes Apple should put permissions around clipboard data the same way apps request permission to access an iPhone's Contacts and Location Services.
News URL
https://threatpost.com/apple-takes-heat-over-vulnerable-data/153171/