Android Q Will Kill Clipboard Manager Apps in the Name of Privacy (androidpolice.com)

← Back to Stories (view on slashdot.org)

Android Q Will Kill Clipboard Manager Apps in the Name of Privacy (androidpolice.com)

Posted by msmash on Friday March 15, 2019 @07:30AM from the up-next dept.

Bolstering privacy is one of the primary focuses for Google in Android Q, the latest version of its mobile operating system, and that may spell trouble for some of your favorite apps. From a report: In Android Q, Google has restricted access to clipboard data as previously rumored, which means most apps that currently aim to manage that data won't work anymore. Having an app that sits in the background and collects clipboard data can be a handy way to recall past snippets of data. However, that same mechanism could be used for malicious intent. Google's playing it safe by restricting access to clipboard data to input method editors (you might know those as keyboards). Foreground apps that have focus will also be able to access the clipboard, but background apps won't.

42 comments

Min score:

Reason:

Sort:

Have other os's done this yet? by pgmrdlm · 2019-03-15 07:34 · Score: 1

Tried to find if they had, but all I find is links to apps to help you with the clipboard. Not a knock at any os.

Hopefully, this will become the new norm of the mobile.

--
Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
1. Re:Have other os's done this yet? by BringsApples · 2019-03-15 07:45 · Score: 4, Funny
  
  This App needs access to the following:
  Add/Remove Contacts
  Make & receive phone calls and texts
  Storage
  Wifi
  Bluetooth
  Multimedia
  View Network State
  Automatically start at boot
  Read Phone State and Identity
  Write Contact Data
  Modify/Delete SD Card Contents
  Access to Clipboard
  Whoa, that last one is just too much!
  
  --
  Politics; n. : A religion whereby man is god.
2. Re:Have other os's done this yet? by pgmrdlm · 2019-03-15 07:51 · Score: 1
  
  It's a start I guess, have to start someplace.
  
  --
  Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
3. Re:Have other os's done this yet? by Anonymous Coward · 2019-03-15 09:17 · Score: 0
  
  I know this is a joke, but I really hate that Android permissions are "always on". A lot of those permissions make sense for a momentary thing an app might legitimately want to do; sure if I want you to take a picture of a QR code I expect you'll need access to the camera, but I've now just given you access to the camera permanently.
  I know there are apps that abuse the real features in order to gain access to additional data and a permanent home I don't really want them having.
4. Re:Have other os's done this yet? by Anonymous Coward · 2019-03-15 09:53 · Score: 0
  
  Indeed, I've often wondered about the security the clipboard on any system running X Windows. (This includes most Linux and BSD distributions.)
5. Re:Have other os's done this yet? by BringsApples · 2019-03-15 09:57 · Score: 2
  
  Except that it's not a joke. I'm pointing out the absurdity in the situation.
  
  --
  Politics; n. : A religion whereby man is god.
6. Re:Have other os's done this yet? by thegarbz · 2019-03-15 12:24 · Score: 2
  
  That last one really IS to much as now you have an app that can intercept your password manager.
7. Re:Have other os's done this yet? by Shikaku · 2019-03-15 12:26 · Score: 1
  
  Android 7+ makes you specifically turn on File access or camera access when first used so you can install the app and later revoke it if you want to and it prevents it from accessing the camera unless enabled specifically, so this problem has been solved but you would need a later version of Android installed that's 7+, believe it's called Nougat and it's part of the OS in the LineageOS port I use.
8. Re:Have other os's done this yet? by rtb61 · 2019-03-15 14:52 · Score: 1
  
  No great confidence in Alphabet/Google, I mean to say, a company with the name of Alphabet, can not even reproduce the Alphabet on the keyboards, no all the children must learnt the new QWERTY alphabet, all indexes rewritten to suit the anal retentive types at Google, they had to learn qwerty so fuck all future generations, they can learn it to, what a fucking pack of arse holes.
  
  --
  Chaos - everything, everywhere, everywhen
9. Re:Have other os's done this yet? by Anonymous Coward · 2019-03-16 16:20 · Score: 0
  
  I often copy passwords in my clipboard when my password manager fails to auto fill for whatever reason. Makes perfect sense to me.
10. Re:Have other os's done this yet? by BringsApples · 2019-03-19 02:42 · Score: 1
  
  Seems like all the previous ones before that nullified the need for a password.
  
  --
  Politics; n. : A religion whereby man is god.
If Google took Android security seriously by Anonymous Coward · 2019-03-15 07:53 · Score: 1

If Google took Android security seriously, they'd add a lot more permissions, and they'd make default permission setting "lie to the app and tell it that it has the permission it requested, and then just let it fail silently / return all zeros."
In this case, the app could believe it has clipboard access, but it just never sees any events. If the user truly wants the app to have this unsafe permission, they can go in and click through some "warning: this is dangerous" menu and give the app the actual permission.
1. Re:If Google took Android security seriously by mandark1967 · 2019-03-15 08:03 · Score: 1
  
  If Google took Android security seriously, they'd add a lot more permissions, and they'd make default permission setting "lie to the app and tell it that it has the permission it requested, and then just let it fail silently / return all zeros."
  In this case, the app could believe it has clipboard access, but it just never sees any events. If the user truly wants the app to have this unsafe permission, they can go in and click through some "warning: this is dangerous" menu and give the app the actual permission.
  I'd write an app that does this but it would need access to the clipboard...
  
  --
  Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
2. Re:If Google took Android security seriously by Solandri · 2019-03-15 08:13 · Score: 4, Insightful
  
  If Google took Android security seriously, they'd add a lot more permissions, and they'd make default permission setting "lie to the app and tell it that it has the permission it requested, and then just let it fail silently / return all zeros."
  That is in fact what Android has done since Marshmallow (version 6.0, released 2015). When you install an app, it has no permissions unless the user explicitly grants them. Marshmallow had a somewhat clumsy app permission settings interface. But later versions pop up a dialog asking whether or not you want to grant a permission the first time an app tries to do something needing that permission. If you don't grant it, the OS lets the app proceed as if it has permission, and it will either fail silently and work, or return all zeros and crash. Depends on how the author coded the app.
  
  The only major permission that's allowed by default and cannot be blocked is network access. Probably because giving the user control of that turns ad-driven apps into free apps (at least that's what happens when I deny network permission to apps on my rooted Android phone). Clipboard access is currently allowed, but apparently that's going away (TFA doesn't make clear if it's going to be prohibited entirely, or become user-selectable with Q).
3. Re:If Google took Android security seriously by crow · 2019-03-15 08:20 · Score: 1
  
  Absolutely!
  Need contacts? Either get the real ones or a fake empty list. Or possibly get some edited set. Or yes, but restricted to just names and phone numbers (or names and email for an email client).
  Need location? Either get the real location, or just get a static location defined by the user.
  Need storage? Either get it for real, or get a restricted app-specific subdirectory.
  Need the network? Either get it, or tell the app that you're offline. Oh, and add this back as a permission even if almost every app will ask for it. I have to run a VPN app to block network access on a per-app basis. (This was a regular permission in Android many versions back.)
  This sort of thing is so obvious that it's stupid that they haven't done it yet.
  And then there are the permissions they don't have but should. Many apps seem to start themselves up and do things automatically for no good reason. Make background activity a permission, and I'll turn it off on apps that shouldn't be active unless I tap the icon.
  I bet adding all the above would also do wonders for the battery life.
4. Re:If Google took Android security seriously by tepples · 2019-03-15 08:48 · Score: 2
  
  Need contacts? Either get the real ones or a fake empty list. Or possibly get some edited set.
  Would all apps on a given phone share the same "edited set"?
  
  Need location? Either get the real location, or just get a static location defined by the user.
  If this were to transpire, then movie streaming apps would quickly become exclusive to iOS, as streaming providers would have no way to verify that the user of an Android device is physically in a country (or a digital single market confederation) where the provider has licensed the movie.
  
  Need the network? Either get it, or tell the app that you're offline.
  "To continue using this feature, connect to the Internet. For advanced offline capability, subscribe to Offline Pack next time you're online."
5. Re:If Google took Android security seriously by Anonymous Coward · 2019-03-15 08:54 · Score: 1
  
  [Disclaimer: I'm the grandparent AC]
  I guess I should have been more explicit. No, that's NOT how Android 6 permissions work. It's how we wish they worked. This comes up every thread about Android permissions, so I got lazy and didn't spell it out:
  Android 6 permissions are not sufficient (at least not as implemented on 6, 7, or 8.1; I don't know about 9), because they allow the app to know it doesn't have the permissions, and it will nag you every time you use the app. The default needs to be what you claim that it is already (but it's obviously not): the app should have no way to know that it doesn't actually have the permissions it's asking for.
6. Re:If Google took Android security seriously by crow · 2019-03-15 09:00 · Score: 1
  
  Would all apps on a given phone share the same "edited set"?
  Ideally you could create as many sets of "contacts" as you like and define which set each app sees.
  
  If this were to transpire, then movie streaming apps would quickly become exclusive to iOS, as streaming providers would have no way to verify that the user of an Android device is physically in a country (or a digital single market confederation) where the provider has licensed the movie.
  Non-sense. The services work just fine on desktop systems without GPS. They'll just fall back to geo-IP databases. No big deal.
  
  "To continue using this feature, connect to the Internet. For advanced offline capability, subscribe to Offline Pack next time you're online."
  They could do that now.
7. Re:If Google took Android security seriously by Anonymous Coward · 2019-03-15 09:02 · Score: 0
  
  Need location? Either get the real location, or just get a static location defined by the user.
  If this were to transpire, then movie streaming apps would quickly become exclusive to iOS, as streaming providers would have no way to verify that the user of an Android device is physically in a country (or a digital single market confederation) where the provider has licensed the movie.
  Wait... are you saying that movie streaming companies somehow make apps, but they don't know that the Android debugger exists? LOL. (Hint: adb lets you specify any location you want.)
8. Re:If Google took Android security seriously by MightyMartian · 2019-03-15 09:07 · Score: 2
  
  There's a usability issue. Even Microsoft conceals a lot of permissions from most users. The whole notion of the Windows Power User was to open it up for those who had the capability. Android does have a lot of fine-grained permissions opened up now, but they're something you are going to have to dig for, because, let's be honest here, most users would probably screw things up royally if they went around monkeying with permission settings.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
9. Re:If Google took Android security seriously by MightyMartian · 2019-03-15 09:08 · Score: 2
  
  It's going to be pretty trivial to write an app in any operating system that can test what is capable of accessing and "nag" you. I could write a Powershell or Bash script in about five minutes that would alert a user "Hey, you need to open write access to C:\WINDOWS or /etc".
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
10. Re: If Google took Android security seriously by jrumney · 2019-03-15 09:33 · Score: 4, Interesting
  
  What they are currently missing is an "always ask" permission. You can either grant it permanently or deny it permanently (you can change the permissions deep within settings, but it isn't trivial to do, and there isn't an option to ask again). Even if the app doesn't make sense to use without a permission, I might still like to know when it is using the permission, especially if it is accessing my mic, camera or location.
11. Re:If Google took Android security seriously by drinkypoo · 2019-03-15 11:25 · Score: 1
  
  Android does have a lot of fine-grained permissions opened up now, but they're something you are going to have to dig for, because, let's be honest here, most users would probably screw things up royally if they went around monkeying with permission settings.
  As long as they have some easy way to reset 'em, who cares? Let them break things... and then fix them.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
12. Re:If Google took Android security seriously by Anonymous Coward · 2019-03-15 12:27 · Score: 0
  
  ... will either fail silently and work, or return all zeros and crash.
  
  I used a permission-stripper for a while and that is the result: It's surprising how many advert-supported applets crash when the network socket returns NULL.
  
  ... turns ad-driven apps into free apps.
  
  That's why I have wi-fi "off" by default (A phone is not my gateway to the internet.) and avoid all apps that access email/contacts (eg. Skype, Facebook). I also prioritize no-network applets over advert-driven applets.
13. Re: If Google took Android security seriously by Anonymous Coward · 2019-03-16 07:23 · Score: 0
  
  Yes this is great for tech people. But people who know next to nothing about technology will have a hard time getting their legitimate apps to work.
Pie Broke Keepass2 Keyboard by Anonymous Coward · 2019-03-15 07:55 · Score: 2, Interesting

Pie update broke Keepass2 keyboard, so I have to use the clipboard. Not cool. Now Q will break that. Nothing like breaking the security of a password manager for security reasons.
Hey, Google! How about asking THE USER for permission. "Background Clipboard Access?" Why would a have need that!?
Google's permission controls were great, when they finally got enabled. But they didn't make them granular enough up front (why does an app need permission to "make & receive phone calls" just to get to the unique device ID!?). Then, with each new update, they make them more and more restrictive, without a USER workaround.
Pretty much the new Android norm. Screw the user. We'll decide what you want, and you'll have no options. Thanks Apple...err Google.
1. Re: Pie Broke Keepass2 Keyboard by Anonymous Coward · 2019-03-15 09:03 · Score: 0
  
  Well, you got to keep your second ass.
2. Re:Pie Broke Keepass2 Keyboard by Anonymous Coward · 2019-03-15 23:28 · Score: 0
  
  ^ Mod up this post ^. Destroying clipboard access for password managers will kill good security!
  I HATE it when websites/apps don't let you cut-n-paste in passwords. That only forces people to
  use simple to type passwords, killing good security!
Change the way the clipboard works by Anonymous Coward · 2019-03-15 07:58 · Score: 0

Why don't you implement this: once the content is pasted, remove it from the clipboard?
Problem solved.
Re: Mobile OS users are too stupid for the interne by Anonymous Coward · 2019-03-15 08:04 · Score: 1

I know, right.

Sent from my iPhone.
Seems like a low-risk thing to go after. by SuperKendall · 2019-03-15 08:38 · Score: 1

To me it feels like cut and paste is not heavily used on mobile devices, so I'm not sure if this move hurts more than it helps...
A pasteboard is just one of many conduits to get data to another application, and should be the choice of last resort.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re:Seems like a low-risk thing to go after. by Anonymous Coward · 2019-03-15 09:40 · Score: 0
  
  I copy/paste all the time on Android. Don't be silly.
2. Re:Seems like a low-risk thing to go after. by 93+Escort+Wagon · 2019-03-15 10:08 · Score: 1
  
  To me it feels like cut and paste is not heavily used on mobile devices, so I'm not sure if this move hurts more than it helps...
  I remember way back, when iOS didn't have a(n easily accessible) copy + paste function. Apple got a lot of well-deserved grief over that.
  Sometimes you don't realize how often you use something until it is not available to you...
  
  --
  #DeleteChrome
KDE Connect by Gavagai80 · 2019-03-15 08:57 · Score: 1

I guess that'll kill KDE Connect's ability to copy text from my desktop to my phone. That's sad, because it's the only thing that makes texting long links or quotes tolerable (from things that I'm reading on my desktop, since I inflict mobile browsers on myself only when necessary).
Hopefully KDE Connect can improve their desktop texting interface enough that I can simply text from desktop to avoid the need for clipboard sharing.

--
This space intentionally left blank
Boo... not cool I like Clip Stack by Kevoco · 2019-03-15 09:18 · Score: 1

https://play.google.com/store/apps/details?id=com.catchingnow.tinyclipboardmanager&hl=en_US
Clipboard Manager on small devices... by fbobraga · 2019-03-15 09:21 · Score: 1

... are so useful! https://play.google.com/store/... is the first aopp I install on any Android device!
Comment removed by account_deleted · 2019-03-15 09:46 · Score: 1

Comment removed based on user account deletion
Replacement? by Anonymous Coward · 2019-03-15 16:23 · Score: 0

Clearly there is a need for these tools, I use one myself. Is Google going to implement a replacement feature in the OS itself?
Really though, Google needs to let you easily permit/deny *granular* permissions as you install, and simplify changing them. I on't care if an app wants to ask for the moon, it almost certainly doesn't need it, let me more easily restrict what it can do. And why doesn't the play store include some sort of scan of apps to see whether permissions are even being used for basic operations?
That's a good joke... by Anonymous Coward · 2019-03-16 11:31 · Score: 0

Now tell me something serious.
Google will never gave up the main Android income.. that's the user data. Hahaha I will not use ever again a mobile than have an Android OS, actually I don't own any device running Android and will continue to do so
Making 5,000 decisions to exclude a contact by tepples · 2019-03-22 09:43 · Score: 1

Ideally you could create as many sets of "contacts" as you like and define which set each app sees.
If a user has 100 contacts and 50 apps installed, the user would have to sit and make 5,000 decisions as to whether to expose each contact to each app. What user interface do you propose to accomplish this in a reasonable time?

The services work just fine on desktop systems without GPS. They'll just fall back to geo-IP databases. No big deal.
The operators of said services would adjust the heuristics for VPN detection to allow more false positives on desktop or on mobile platforms that can fake location.

"To continue using this feature, connect to the Internet. For advanced offline capability, subscribe to Offline Pack next time you're online."
They could do that now.
They already do that now, as in EA's SimCity, Nintendo's Super Mario Run, and any other video game that continuously phones home. My point is that if mobile operating systems allow users to fake offline status per app, this practice will become more common than it already is.
android:debuggable="false" by tepples · 2019-03-24 07:14 · Score: 1

How well does Android Debug Bridge work on apps whose debuggable attribute has been set to false?