Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
IOS Apple

Apple Executive Responds To Annoying iOS 16 Copy and Paste Prompt: 'Absolutely Not Expected Behavior' (macrumors.com) 42

Apple has responded to user complaints regarding an annoying pop-up in iOS 16 that asks for user permission if an app wants to access the clipboard to paste text, images, and more. From a report: The new prompt was added to iOS 16 as a privacy measure for users, requiring that apps ask for permission to access the clipboard, which may have sensitive data. The prompt, however, has become an annoyance for users as they install iOS 16, as it constantly asks for permission whenever they wish to paste something into an app. As user annoyance with the behavior boils high, Apple has finally responded, saying the constant pop-up is not how the feature is intended to work. MacRumors reader Kieran sent an email to Craig Federighi and Tim Cook, complaining about the constant prompt and advocating for Apple to treat access to the clipboard the same way iOS treats third-party access to location, camera, microphone, and more. Ron Huang, a senior manager at Apple, joined the email thread saying the pop-up is not supposed to appear every time a user attempts to paste. "This is absolutely not expected behavior, and we will get to the bottom of it," Huang said. Huang added that this behavior is not something Apple has seen internally but that Kieran is "not the only one" experiencing it. Responding to the suggestion that clipboard access should be added within the Settings app on a per-app basis, Huang said it would make a "good improvement" and added that Apple "certainly need to fix and make apps like Mail just work even without this setting, but it's nonetheless helpful for apps which users want to share data with even if they didn't initiate it." "Stay tuned," he added.
This discussion has been archived. No new comments can be posted.

Apple Executive Responds To Annoying iOS 16 Copy and Paste Prompt: 'Absolutely Not Expected Behavior'

Comments Filter:
  • They should have copy/pasted code from the other examples cited, so it would work correctly.

    Or maybe...you know...put it in a function and call it from multiple places.

    I dunno...seems like there are ways to prevent this sort of thing and get it right the first time.

    • by GoTeam ( 5042081 )

      They should have copy/pasted code from the other examples cited, so it would work correctly.

      Or maybe...you know...put it in a function and call it from multiple places.

      I dunno...seems like there are ways to prevent this sort of thing and get it right the first time.

      Your suggestions aren't innovative or brave enough!

      • by saloomy ( 2817221 ) on Tuesday September 20, 2022 @10:32AM (#62898279)
        I don't know how the apps call a paste from the clipboard, but that function itself should be a system call that only the user can initiate, not an App function. That way, the user is in control of send clipboard data to the app, rather than Apps calling to read the clipboard themselves. The permission presentation is a shoddy workaround, but it is better IMHO than having apps surreptitiously access clipboard data every 5 seconds to see what is there and send it off-device.
    • copy/pasted code from windows vista!

  • by ls671 ( 1122017 ) on Tuesday September 20, 2022 @09:48AM (#62898155) Homepage

    Hmmm....

    Can't it just give the choice between:
    1) Allow once for this time only
    2) Always allow
    ??

    Pretty standard behavior IMHO!

    • Okay, but I want to control not just when it can happen, but also which apps it can happen between. Not that I'm an iOS user, but to my mind this is the necessary behavior regardless of which OS you're on.

    • No, because I may want to paste the data from a google image search into a chat app, but not the password I copied out of the settings keychain to enter into a website. Your solution assumes the clipboard data should always be treated with the same level of security, when the data changes, and therefore so does the security requirements. Asking every time seems like the right solution:

      "Do you want to allow WeChat to access the clipboard with data from Google Images?"

      "Do you want to allow WeChat to acces
      • Your solution assumes the clipboard data should always be treated with the same level of security

        It absolutely should. The clipboard is data outside of the control of an app and should never have any security assumptions made about it. Your banking app should control data exfiltration. That's it. The clipboard by design is a shared space, not a secure component of the OS.

        What would make sense permission wise is to:
        a) let the OS do anything (such as copy any text on screen and paste into any available field where input data is expected).
        b) apps which access the clipboard directly should request permissi

    • Hmmm....

      Can't it just give the choice between:
      1) Allow once for this time only
      2) Always allow
      ??

      Pretty standard behavior IMHO!

      Really great idea. Unless you think it through. If you copy something on your mac, then the clipboard content is automagically shared between all your devices. Copy something on your imac and paste it in your macbook.

      And saying "Always allow" now enables the app to continuously ask the clipboard for its content. So if you for instance copy a password from your password store on your imac, your super duper app on your iPhone can read it.

      That is the reason why I deactivated the clipboard syncing in my icloud

  • Just as annoying, designed by imbeciles..
  • The battle has moved onto your own device whereby your own device even questions your own actions. Fail. Unacceptable.

    What happened to Apple's walled security garden - the apps it contains should never have to be so security restricted. More fail.
    • by flink ( 18449 ) on Tuesday September 20, 2022 @10:33AM (#62898287)

      Apple made a dumb mistake, but come on. It is reasonable to restrict an application from accessing the clipboard if the user did not initiate a copy or paste. It's not unusual to, say, copy a password from a password vault and paste it into another app. Afterwards, that password is still in the clipboard and you don't would want some other app sniffing it without the user's knowledge.

      Security reviews aren't perfect. They are performed by people and people make mistakes and miss things. Defense in depth is good.

      I dropped iPhone for other reasons, but the security/privacy features are the biggest thing I miss vs my Android phone.

      • Sure, but why do you even have to worry that another app on your own device may be sniffing the clipboard?

        My point was not that it happens, but that people now think it is normal that you even have to worry about things like this. I guess what I am saying is that modern computing is a disaster.
      • Afterwards, that password is still in the clipboard and you don't would want some other app sniffing it without the user's knowledge.

        It should be up to the password vault app to clear the clipboard like how it does on any other OS. The clipboard is not a secure transfer medium.

        I do agree though apps should request information to access clipboards directly, but the OS level apps (e.g. the keyboard) shouldn't ever have to request anything and have access to copy and past all data inputs or outputs.

    • by Pieroxy ( 222434 )

      This is a bug. They happen from time to time. Plus, this time, it happened only to a handful of users, it's not that widespread.

      • Yep, this feature hasn't caused me any grief. It's unfortunate some users are affected.

      • by TechyImmigrant ( 175943 ) on Tuesday September 20, 2022 @11:29AM (#62898465) Homepage Journal

        This is a bug. They happen from time to time. Plus, this time, it happened only to a handful of users, it's not that widespread.

        It's also a clue as to how it works under the hood and it's not pretty - pasting requires the pasted-to app to have access to the clipboard. That's pretty bad.
         

        • I'm wondering about the security consequences of informing an app that the sequence of input events they just received was initiated by a cut & paste.

          Since when are apps privvy to this?
          • For just text, it should not be visible to SW. But in browsers is clearly is, which is why some web sites prevent you pasting into a field so I have to install the "don't fuck with paste" extension so I can copy and paste my really long passwords from my password manager.

            I assume it is no different with phones.

            When it is say, a picture, you can infer a paste since it comes with the type information and you cannot enter a picture through the keyboard.

  • Oh right, Apple thinks they're golden and doesn't DO that.

    Just as annoying in MacOS when it asks me if I want to access my own documents, though you typically only get the prompt occasionally.

  • One of the world's richest companies spends $6 billion+ on a luxury Spaceship campus, flaunts it in their keynotes at every opportunity, but spends exactly $0 on QA, obviously.

    • by Pieroxy ( 222434 )

      So, your premise is that Apple should have exactly *zero* bugs?

      Talk about having high standards ...

  • Huang added that this behavior is not something Apple has seen internally

    How is this possible? You mean to tell us that with all the vaunted testing not a single person came across this in testing?

    Or perhaps the question should be, was testing even done? Is Apple following Microsoft's lead and simply shoving out software and letting the users find the bugs?
  • by cstacy ( 534252 ) on Tuesday September 20, 2022 @11:28AM (#62898463)

    Since the update, every time I get a text message, a big pop-up comes asking: since this sender is not in Contacts, should we report it as spam? (The number will not be blocked, however.) I get many daily messages from medical, transportation, and delivery services that I use. Those are always random numbers that change every time. There should be a way to turn off this question. (If I want to mark something as spam, I would go out of my way!)

    Well, although it's obscure, there is such a setting. O looked, and it is already turned off. Moreover, it's supposed to be a menu, but it's not. It's turned off, and you can't change that. But the system ignores this setting. So I have to go through this stupid prompt (and hope I don't press the wrong button) every fucking time I get a message. About 12 times a day!

    And this seems to be another "only affecting some users" problem. Carrier tech support totally understands the issue and verified that it's not something I did. They tried resetting various other things as a guess. There is no solution.

    I fully expect this will be broken forever. Eventually I will take this iPhone to the range, but I just got it in June (my first iPhone) and cannot afford to destroy it.

    I noticed other bugs, too. But that one is new with the iOS refresh and happens every day all day.

    • It'll get fixed soon I suspect

      I usually update, at most, once a year to the last version of a major release (i.e., I plan on updating to the last iOS 15 sometime soon from iOS 14)

      That said, I'm older and want my phone working as reliably as possible and am not interested in the latest silliness which I likely won't even use

  • So I'm guessing the UX design people & the people they report to aren't big fans of dog-fooding their designs then?
  • God save us from all the code and features that seek to save us from ourselves.

  • If your app is automatically reading the clipboard contents as soon as it's opened, it's probably doing something nefarious.

    Don't try to sell it as a convenience or feature: that swooping up all the data that you can and it calls into question what other data its nefarious developers are collecting.

    If the app wants to access to the clipboard it should be preceded by the user doing an action that requires accessing the clipboard, like tapping on a field and selecting "paste".

    It's not rocket science.

  • Happens overandoverandoverandover

If all else fails, lower your standards.

Working...