The function of copy and paste on the iPhone could leak sensitive data, experts warn
Edition Today Lifestyle
Two software developers from Canada and Germany found in the Apple iOS system a potential threat, which causes a simple action. It turned out that the usual “copy-paste” (copy and paste) can make information iPhone and iPad users vulnerable.
When copying information from the application next open the program assumes that the user can use the insert and stores the data in a special buffer. Thus, iOS provides to the active application running in the foreground, access to an open “clipboard” of the operating system, which is essentially a short-term memory for everything that is copied by the user.
Apple will block the old iPhone in November: who is at risk
The problem, as outlined programmers Tommy Misk and Talal Haj bakry, is that people are distracted and open applications before loading this information into the desired application. Attackers can use a notification or other method of distraction, to force the user to run a malicious app to capture data from the clipboard that may contain credit card numbers, different PIN-codes, passwords and other sensitive information.
See also the story of how the Odessa militiamen exposed hackers:
The developers claim that each application opened by the user on the iPhone will have access to the copied information and can even rewrite it. This also applies to any widgets that Apple users use on their iPad – they can also scan the clipboard.
“Any application is able to read all the copied photos, PDF files, texts, passwords, and any data type. This revelation was shocking for us. That’s why mi have written a demo application to document the work and send it to Apple,” explained Tommy Misk.
The MacBook Air has found a hidden “threat”
Mask and Bakri wrote a special application called Spy Klipboard to demonstrate this feature. They demonstrated how the photograph makes the photo metadata available for Klipboard Spy, including where the photo was taken.
If you copy and paste the password, someone else’s Bank account or any vulnerable personal information, other applications will be able to take possession of these data – even if the app doesn’t have rights for it. An attacker could theoretically rewrite the Bank account information stored in the operating system and redirect the money to another account.
Earlier, Apple was punished for slowing iPhone. At the same time, the EU has forced Apple to change the charging port on the iPhone.
Subscribe to our telegram
Only the most important and interesting