1. 15
  1. 7

    Before we judge these apps, there are legitimate UX reasons to check the clipboard (I love it when Stripe pulls the security code out of the clipboard automatically when 2FA logging in) but apps need to justify that access as legitimately helpful.

    1. 1

      From the article we can read that some said apps have no textual input what so ever (games without inputs)

    2. 3

      This is slightly terrifying. I use the clipboard with intent: Transfer some piece of data from app A to app B. My expectation is that app B gets access to the data once I paste it. No app should ever get access unless I paste to it.

      This seems like a pretty clear vulnerability in the clipboard design. The previous article on the topic notes that Apple sees no problem with this…