This flaw can allow apps access your location data
Apple iPhones are touted to be the safest and most secure, unlike the Android ecosystem. While it might be true for most cases, a recent study suggests that the iOS ecosystem isn't fully secure since it is susceptible to a new security flaw due to the mere copying and pasting we all tend to do. Read on to know what this iOS flaw and how it can happen.
iOS copying-pasting flaw
As discovered by two security researchers Talal Haj Bakry and Tommy Mysk, several apps can access a user's data (especially the location data) when the user copies and pastes data to the Apple pasteboard, aka, clipboard. It is suggested that when a user copies data, it gets saved to the phone's memory and can easily be accessed by other apps. This can happen for iPads too. This is because iOS and iPadOS come with the ability to allow the foreground apps to read the pasteboard.
To explain how this works, both researchers made a 'rogue' KlipboardSpy app. You can watch the following video to understand the whole process.
The report suggests that apps can access a user's precise location if a user grants the camera app access to location services, takes an image from the camera app, and copies the image to the pasteboard.
If the iPhone or the iPad contains malicious apps, the apps will read the pasteboard data constantly and get access to the precise location data and misuse it. In addition to this, content such as contacts, photos, phone numbers, emails, IBAN bank information, URLs, PDFs of official documents, audio files, word documents, spreadsheets, to passwords can be misused.
Furthermore, the best way to prevent this is suggested to be new permission that doesn't let apps access the device's pasteboard. For this, Apple needs to release a possible software update.
