LinkedIn Caught Copying Data from iOS Clipboard

Microsoft’s LinkedIn has been called out for repeatedly copying data from the iOS clipboard. The firm says it was a bug, and not malicious behavior.

“LinkedIn is copying the contents of my clipboard [with] every keystroke,” a Twitter user tweeted late last week. “iOS 14 allows users to see each paste notification.”

That same user notes that several other apps are likewise copying data from the iOS clipboard, including Accuweather, AliExpress, Call of Duty Mobile, Google News, Overstock, Paetron, and Tik Tok.

LinkedIn says the behavior is just a bug and that it will fix it in an app update.

“We’ve traced this to a code path that only does an equality check between the clipboard contents and the currently typed content in a text box,” Microsoft’s Erran Berger tweeted in response to the earlier tweet. “We don’t store or transmit the clipboard contents.”

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 28 comments

  • SvenJ

    Premium Member
    06 July, 2020 - 8:39 am

    <p>"<span style="color: rgb(0, 0, 0);">only does an equality check between the clipboard contents and the currently typed content". Amazing how code that does a specific function accidentally got in there. That is stretching the definition of bug. But, since so many companies seem to have been affected by this 'bug', must be true.</span></p><p><span style="color: rgb(0, 0, 0);">BTW, I can see wanting to compare contents of the clipboard with what is in the text box, or at least what is highlighted, but only if I have explicitly copied text to the clipboard, not every time I type a letter. An app has no business reading from the clipboard unless I invoked 'paste'.</span></p>

  • iantrem

    Premium Member
    06 July, 2020 - 9:01 am

    <p>Given it's widespread "use" is this going to be down to a JavaScript plug-in or other 3rd party component?</p><p><br></p><p>I can't believe all the websites mentioned would use this deliberately in the same way.</p>

    • wright_is

      Premium Member
      06 July, 2020 - 9:25 am

      <blockquote><em><a href="#552391">In reply to iantrem:</a></em></blockquote><p>To an app written in Swift? Unlikely. It is the app, not the website.</p>

      • lvthunder

        Premium Member
        06 July, 2020 - 11:18 am

        <blockquote><em><a href="#552393">In reply to wright_is:</a></em></blockquote><p>Are you sure the app was written in Swift and not Xamarin, Flutter, etc.?</p>

  • txag

    06 July, 2020 - 9:15 am

    <p>The explanation makes no sense to me.</p>

  • sentinel6671

    Premium Member
    06 July, 2020 - 9:30 am

    <p>I want to believe this is just another example of rushing a product and allowing sloppy code, which is the norm today. But the list of other apps make it difficult. Quietly slurping data from end users is clearly too lucrative to ever not try, despite the outcry whenever someone is caught doing it. I expect better from Microsoft, but at the end of the day all the companies out of both sides of their mouth about privacy, so I'm not shocked.</p>

    • SvenJ

      Premium Member
      06 July, 2020 - 10:44 am

      <blockquote><a href="#552395"><em>In reply to sentinel6671:</em></a><em> </em>No excuse, but this was LinkedIn code, not MS per se. They bought it and have been pretty hands off. </blockquote><p><br></p>

      • sentinel6671

        Premium Member
        06 July, 2020 - 10:49 am

        <blockquote><em><a href="#552401">In reply to SvenJ:</a></em></blockquote><p><br></p><p>True, I forgot that MS bought them but was hands off.</p>

  • winner

    06 July, 2020 - 10:50 am

    <p>A week or two ago, Paul wrote an article about Microsoft complaining about Apple's anti-competitive practices. At the time, I mentioned that it was a bit of karma that Microsoft was complaining about Apple, given Microsoft's history.</p><p><br></p><p>Paul suggested that I "get over it", as that Microsoft behavior was "millions of years ago".</p><p><br></p><p>Yet it was only 5 years ago or so that Microsoft changed the default behavior of a dialog box that caused my 80-year-old mother's computer to upgrade to Windows 10. And now they've been caught stealing clipboard information on LinkedIn.</p><p><br></p><p>Sorry, I don't think Microsoft has really cleaned up their act. I stand behind my beliefs about their inherent nature.</p>

    • Paul Thurrott

      Premium Member
      06 July, 2020 - 11:40 am

      <blockquote><em><a href="#552406">In reply to Winner:</a></em></blockquote><p>Dear God.</p><p><br></p><p>Yes, do get over it. This is a different company. And this LinkedIn thing is just a bug. My God, all the bad things going on in tech and this is what you cling to?</p><p><br></p><p>Come on.</p>

      • winner

        06 July, 2020 - 1:17 pm

        <blockquote><em><a href="#552421">In reply to paul-thurrott:</a></em></blockquote><p>I'm fine disagreeing with you, and still appreciate your work. But on this one, I disagree with your opinion.</p><p><br></p><p>Paul, in a recent "What the Tech" you mentioed that Microsoft doesn't finish things (such as UI improvments/changes) and they've always been that way. So for that topic they're the "same company", but for my argument, somehow they're a "different company". I don't see the consistency. They have a long track record of anti-consumer behavior.</p>

        • Paul Thurrott

          Premium Member
          07 July, 2020 - 8:47 am

          No, they don’t. That’s ridiculous.

          Using your broad definition of the term, every company is “anti-competitive”. Of course they are: They don’t want competition so they can dominate their respective markets. That’s literally the goal. The issue isn’t being anti-competitive. It’s behaving illegally. And anti-competitve becomes illegal when you literally have a monopoly or are in some way dominating a sizable market. Apple does this. Google does. Amazon does. And Facebook does. Microsoft does not.

          When I speak generally of Microsoft on a podcast, I am speaking specifically about the only parts of Microsoft I care about or cover. And as to inconsistencies, yes, I see that across their end-user UX in Windows and Office, for sure. I have no opinions about whether this exists in Azure or whatever, both because I just do not care and have never even considered it. It’s probably consistent, to be fair, since it’s easy to update one web UI.

          Anyway, Microsoft’s anti-competitive behavior was a problem when it monopolized personal computing. Not the market for PCs specifically, but personal computing generally. Today, they are a minor player. And if they wish to gain some advantage in Windows or whatever, God love them. It may bother us, and it does, but it’s not illegal. And for F’s sake, I write about not liking this stuff all the time. That doesn’t make them illegal and it doesn’t make Mirosoft anti-competitive.

          These ideas are so basic I’m surprised I need to spell them out.

      • BruceR

        06 July, 2020 - 2:11 pm

        <blockquote><em><a href="#552421">In reply to paul-thurrott:</a></em></blockquote><p>Why "caught copying data" in the headline if it's just a bug?</p>

        • ronh

          Premium Member
          06 July, 2020 - 2:30 pm

          <blockquote><em><a href="#552487">In reply to BruceR:</a></em></blockquote><p> Because that is what the bug does… </p>

        • Paul Thurrott

          Premium Member
          07 July, 2020 - 8:39 am

          Why are those two things mutually exclusive?

      • ontariopundit

        06 July, 2020 - 11:45 pm

        <blockquote><em><a href="#552421">In reply to paul-thurrott:</a></em></blockquote><p><br></p><p>We don't need to look to 20 years ago to find Microsoft's unrepentant nature when it comes to their anti-competitive behavior.</p><p><br></p><p>Consider Windows 10 S: "you can only have only ONE browser, and only ONE default search engine, and you can't replace either".</p><p><br></p><p>Ostensible this was to 'protect' users by having full control over the browser rendering engine. This wasn't to protect users by controlling the rendering engine, this was to give a mediocre search engine extra eyeballs, and (ab)use a market monopoly to give a failed browser a new shot at life.</p><p><br></p><p>At the time Windows 10 S came into the world, many in the Windows fanboi community pointed with glee at Apple's iOS as proof that criticism of Microsoft wasn't fair.</p><p><br></p><p>No, criticism of Microsoft as continuing to show its anti-competitive streak 20 years later was and still is fair. Bill Gates, the architect of the worst anti-trust atrocities, is now gone from day-to-day operations, but the desire to abuse a monopoly lives on.</p><p><br></p><p>Windows 10 S went much farther than iOS ever did. Sure, it is only recently that Apple has begun allowing a different default browser–which, AFAIK, is still not permitted under Windows 10 S [mode]–but Apple has always given users the option to change the default search engine, including to the deservedly maligned and mocked Bing!</p><p><br></p><p>We still do not have FireFox, Chrome or Opera in the Windows Store. Windows Store effectively bars those browsers from the Windows Store through its TOS. Umm. Monopoly abuse?!?!</p>

        • Paul Thurrott

          Premium Member
          07 July, 2020 - 8:34 am

          What a horrible world you think you live in. The scourge that is S mode! The oppression!

          You need a monopoly to abuse a monopoly. S mode was installed on only a tiny percentage of computers and you can switch to full Windows 10 at any time for free. But let’s take your argument at face value, after we peel back the incendiary language. You compared it to iOS. Where you can’t switch to a version of the OS that isn’t locked down for free or for any fee. That is the only choice on that platform. That is literally a monopoly that is now under investigation on at least two continents for this kind of abuse. Unlike Microsoft. And you think that is somehow on par with … S mode?


          Look, Microsoft isn’t perfect, it’s a corporation. But it’s also not the company you think it is. And your take on this topic isn’t just wrong and wrong-headed, it’s a waste of all of our time.

      • rfog

        07 July, 2020 - 5:19 am

        <blockquote><em><a href="#552421">In reply to paul-thurrott:</a></em></blockquote><p><br></p><p>A bug that a code specifically uses the clipboard paste functionality on each typing? Come on you. </p>

  • anoldamigauser

    Premium Member
    06 July, 2020 - 12:04 pm

    <p>Probably a bad line of sample code that got copied over and over again. It would certainly not be the first time something like that has happened.</p>

  • aelaan

    06 July, 2020 - 2:20 pm

    <p>Oddly enough it points to iOS 14, which is in early beta. Maybe the finger is pointing in the wrong direction and this is not a LinkedIn issue but the app and iOS?</p>

    • jimchamplin

      Premium Member
      08 July, 2020 - 11:26 am

      <blockquote><em><a href="#552494">In reply to aelaan:</a></em></blockquote><p>Actually, it's iOS 14 working as designed. This has been a security/privacy loophole for a while. Apple is just closing it. Sure, there are some valid reasons to read the clipboard, but to do so with the frequency that these apps that are being discovered is not sensible. Some of them are hitting it multiple times a second. And none of the ones that have been caught have legitimate reasons to be doing so.</p>

  • markbyrn

    Premium Member
    06 July, 2020 - 2:35 pm

    <p>So Apple with it's self-proclaimed emphasis on privacy has waited until iOS 14 (still in beta) to advise customers that apps are surreptitiously copying the clipboard. I think Mr. Cook needs to re-prioritize his work-day. </p>

    • pdhemsley

      Premium Member
      06 July, 2020 - 2:40 pm

      <blockquote><em><a href="#552496">In reply to markbyrn:</a></em></blockquote><p>Which other operating systems provide this visibility to users?</p>

      • longhorn

        Premium Member
        07 July, 2020 - 1:13 pm

        <blockquote><em><a href="#552497">In reply to pdhemsley:</a></em></blockquote><p>On Android 10 and later only if LinkedIn has focus can it access the clipboard. So if you copy and paste between two different apps, LinkedIn can't access that data.</p><p><br></p><p>Clipboard permission should be per app, there is no excuse for this recklessness on a supposedly modern platform. That this bug is possible shows a weakness in iOS and to some extent in Android too.</p><p><br></p><p>It's a bit embarrassing for Apple actually, just like those SMS messages that manage to crash iOS. The last incident is from April 23rd this year reported by 9to5mac.</p><p><br></p>

    • Paul Thurrott

      Premium Member
      08 July, 2020 - 8:37 am

      I literally mentioned all those companies in the post.

      “Several other apps are likewise copying data from the iOS clipboard, including Accuweather, AliExpress, Call of Duty Mobile, Google News, Overstock, Paetron, and Tik Tok.”

  • jimchamplin

    Premium Member
    08 July, 2020 - 11:24 am

    <p>Sure are a lot of apps suffering from the very same incredibly specific bug lately.</p>

  • illuminated

    08 July, 2020 - 7:29 pm

    <p>Reddit app is/was doing the same. I would think that this could be some common or unintentional practice. Pretty strange but sometimes weirdest things end up in the apps.</p>


Stay up to date with the latest tech news from!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2023 BWW Media Group