By Talal Haj Bakry and Tommy Mysk If you enjoyed this work, you can support us by checking out our apps: Ctrl – The best presentation companion for your Apple Watch Canvas – Draw Together, Wirelessly! tl;dr Link previews in chat apps can cause serious privacy problems if not done properly. We found several cases of apps […]
Author Archives: Mysk
TikTok Vulnerability Enables Hackers to Show Users Fake Videos
By Talal Haj Bakry and Tommy Mysk UPDATE (MAY 5, 2020): TikTok rolled updates for iOS and Android in May that fixed this vulnerability. If you enjoyed this work, you can support us by checking out our apps: Ctrl – The best presentation companion for your Apple Watch Canvas – Draw Together, Wirelessly! Videos Video manipulation of […]
Popular iPhone and iPad Apps Snooping on the Pasteboard
By Talal Haj Bakry and Tommy Mysk UPDATE (AUGUST 16, 2020): More apps crossed out * UPDATE (JUNE 30, 2020): The list of apps in the original report from March 2020 is NOT an exhaustive list. We examined a sample of popular apps, and listed the ones that exhibited the behavior of excessive clipboard access. Many apps have […]
Precise Location Information Leaking Through System Pasteboard
By Talal Haj Bakry and Tommy Mysk UPDATE (JUNE 22, 2020): Apple addressed this vulnerability in iOS 14 and iPadOS 14 by showing a notification every time an app reads the clipboard. Disclaimer: We submitted this article and source code to Apple on January 2, 2020. After analyzing the submission, Apple informed us that they don’t […]