Apple Executive Responds To Annoying iOS 16 Copy and Paste Prompt: 'Absolutely Not Expected Behavior' (macrumors.com) 42
Apple has responded to user complaints regarding an annoying pop-up in iOS 16 that asks for user permission if an app wants to access the clipboard to paste text, images, and more. From a report: The new prompt was added to iOS 16 as a privacy measure for users, requiring that apps ask for permission to access the clipboard, which may have sensitive data. The prompt, however, has become an annoyance for users as they install iOS 16, as it constantly asks for permission whenever they wish to paste something into an app. As user annoyance with the behavior boils high, Apple has finally responded, saying the constant pop-up is not how the feature is intended to work. MacRumors reader Kieran sent an email to Craig Federighi and Tim Cook, complaining about the constant prompt and advocating for Apple to treat access to the clipboard the same way iOS treats third-party access to location, camera, microphone, and more. Ron Huang, a senior manager at Apple, joined the email thread saying the pop-up is not supposed to appear every time a user attempts to paste. "This is absolutely not expected behavior, and we will get to the bottom of it," Huang said. Huang added that this behavior is not something Apple has seen internally but that Kieran is "not the only one" experiencing it. Responding to the suggestion that clipboard access should be added within the Settings app on a per-app basis, Huang said it would make a "good improvement" and added that Apple "certainly need to fix and make apps like Mail just work even without this setting, but it's nonetheless helpful for apps which users want to share data with even if they didn't initiate it." "Stay tuned," he added.
They should have copy/pasted code (Score:1)
They should have copy/pasted code from the other examples cited, so it would work correctly.
Or maybe...you know...put it in a function and call it from multiple places.
I dunno...seems like there are ways to prevent this sort of thing and get it right the first time.
Re: (Score:3)
They should have copy/pasted code from the other examples cited, so it would work correctly.
Or maybe...you know...put it in a function and call it from multiple places.
I dunno...seems like there are ways to prevent this sort of thing and get it right the first time.
Your suggestions aren't innovative or brave enough!
Re:They should have copy/pasted code (Score:5, Insightful)
Re:They should have copy/pasted code (Score:4)
Yep. That sent alarm bells in my security oriented brain.
If pasting requires the app to access the clipboard and the privilege to do so, then they're doing it wrong.
Paste initiated by the user should cause the OS to pull from the clipboard and pass it to the app. The app should not be calling anything to "paste".
Re: They should have copy/pasted code (Score:3)
Re: They should have copy/pasted code (Score:3)
Re: (Score:2)
False. For example, the UPS app forces a paste whenever you open it.
copy/pasted code from windows vista! (Score:2)
copy/pasted code from windows vista!
Hmmm.... (Score:4)
Hmmm....
Can't it just give the choice between:
1) Allow once for this time only
2) Always allow
??
Pretty standard behavior IMHO!
Re: (Score:2)
Okay, but I want to control not just when it can happen, but also which apps it can happen between. Not that I'm an iOS user, but to my mind this is the necessary behavior regardless of which OS you're on.
Re: (Score:2)
"Do you want to allow WeChat to access the clipboard with data from Google Images?"
"Do you want to allow WeChat to acces
Re: (Score:2)
Your solution assumes the clipboard data should always be treated with the same level of security
It absolutely should. The clipboard is data outside of the control of an app and should never have any security assumptions made about it. Your banking app should control data exfiltration. That's it. The clipboard by design is a shared space, not a secure component of the OS.
What would make sense permission wise is to:
a) let the OS do anything (such as copy any text on screen and paste into any available field where input data is expected).
b) apps which access the clipboard directly should request permissi
Re: (Score:1)
Hmmm....
Can't it just give the choice between:
1) Allow once for this time only
2) Always allow
??
Pretty standard behavior IMHO!
Really great idea. Unless you think it through. If you copy something on your mac, then the clipboard content is automagically shared between all your devices. Copy something on your imac and paste it in your macbook.
And saying "Always allow" now enables the app to continuously ask the clipboard for its content. So if you for instance copy a password from your password store on your imac, your super duper app on your iPhone can read it.
That is the reason why I deactivated the clipboard syncing in my icloud
Windows 11 "Show More Options" (Score:2)
We have lost the security battle. (Score:1)
What happened to Apple's walled security garden - the apps it contains should never have to be so security restricted. More fail.
Re:We have lost the security battle. (Score:5, Insightful)
Apple made a dumb mistake, but come on. It is reasonable to restrict an application from accessing the clipboard if the user did not initiate a copy or paste. It's not unusual to, say, copy a password from a password vault and paste it into another app. Afterwards, that password is still in the clipboard and you don't would want some other app sniffing it without the user's knowledge.
Security reviews aren't perfect. They are performed by people and people make mistakes and miss things. Defense in depth is good.
I dropped iPhone for other reasons, but the security/privacy features are the biggest thing I miss vs my Android phone.
Re: (Score:2)
My point was not that it happens, but that people now think it is normal that you even have to worry about things like this. I guess what I am saying is that modern computing is a disaster.
Re: (Score:2)
Afterwards, that password is still in the clipboard and you don't would want some other app sniffing it without the user's knowledge.
It should be up to the password vault app to clear the clipboard like how it does on any other OS. The clipboard is not a secure transfer medium.
I do agree though apps should request information to access clipboards directly, but the OS level apps (e.g. the keyboard) shouldn't ever have to request anything and have access to copy and past all data inputs or outputs.
Re: (Score:3)
This is a bug. They happen from time to time. Plus, this time, it happened only to a handful of users, it's not that widespread.
Re: We have lost the security battle. (Score:2)
Yep, this feature hasn't caused me any grief. It's unfortunate some users are affected.
Re:We have lost the security battle. (Score:4)
This is a bug. They happen from time to time. Plus, this time, it happened only to a handful of users, it's not that widespread.
It's also a clue as to how it works under the hood and it's not pretty - pasting requires the pasted-to app to have access to the clipboard. That's pretty bad.
Re: (Score:1)
Since when are apps privvy to this?
Re: (Score:2)
For just text, it should not be visible to SW. But in browsers is clearly is, which is why some web sites prevent you pasting into a field so I have to install the "don't fuck with paste" extension so I can copy and paste my really long passwords from my password manager.
I assume it is no different with phones.
When it is say, a picture, you can infer a paste since it comes with the type information and you cannot enter a picture through the keyboard.
How does this get out of usability testing? (Score:2)
Oh right, Apple thinks they're golden and doesn't DO that.
Just as annoying in MacOS when it asks me if I want to access my own documents, though you typically only get the prompt occasionally.
Re: (Score:2)
"Yes, I do want iTerm to be able to access my Documents directory, thank you very much."
Re: (Score:2)
Re:How does this get out of usability testing? (Score:4, Informative)
And how did it not get caught with the extensive public beta tests?
Because it only happens to a handful of users ?
$6B+ on a Spaceship campus, $0 on QA (Score:2)
One of the world's richest companies spends $6 billion+ on a luxury Spaceship campus, flaunts it in their keynotes at every opportunity, but spends exactly $0 on QA, obviously.
Re: (Score:3)
So, your premise is that Apple should have exactly *zero* bugs?
Talk about having high standards ...
How? (Score:2)
How is this possible? You mean to tell us that with all the vaunted testing not a single person came across this in testing?
Or perhaps the question should be, was testing even done? Is Apple following Microsoft's lead and simply shoving out software and letting the users find the bugs?
Re: (Score:1)
One possiblity would be app producers drawing inspiration from VW
There Are Other Bugs (Score:3)
Since the update, every time I get a text message, a big pop-up comes asking: since this sender is not in Contacts, should we report it as spam? (The number will not be blocked, however.) I get many daily messages from medical, transportation, and delivery services that I use. Those are always random numbers that change every time. There should be a way to turn off this question. (If I want to mark something as spam, I would go out of my way!)
Well, although it's obscure, there is such a setting. O looked, and it is already turned off. Moreover, it's supposed to be a menu, but it's not. It's turned off, and you can't change that. But the system ignores this setting. So I have to go through this stupid prompt (and hope I don't press the wrong button) every fucking time I get a message. About 12 times a day!
And this seems to be another "only affecting some users" problem. Carrier tech support totally understands the issue and verified that it's not something I did. They tried resetting various other things as a guess. There is no solution.
I fully expect this will be broken forever. Eventually I will take this iPhone to the range, but I just got it in June (my first iPhone) and cannot afford to destroy it.
I noticed other bugs, too. But that one is new with the iOS refresh and happens every day all day.
Re: (Score:2)
It'll get fixed soon I suspect
I usually update, at most, once a year to the last version of a major release (i.e., I plan on updating to the last iOS 15 sometime soon from iOS 14)
That said, I'm older and want my phone working as reliably as possible and am not interested in the latest silliness which I likely won't even use
Dog-fooding (Score:2)
God save us (Score:2)
God save us from all the code and features that seek to save us from ourselves.
App Spying (Score:1)
If your app is automatically reading the clipboard contents as soon as it's opened, it's probably doing something nefarious.
Don't try to sell it as a convenience or feature: that swooping up all the data that you can and it calls into question what other data its nefarious developers are collecting.
If the app wants to access to the clipboard it should be preceded by the user doing an action that requires accessing the clipboard, like tapping on a field and selecting "paste".
It's not rocket science.
What about constant sign-in prompt? (Score:2)