Bug on iOS / iPadOS 13[.1] may give improper permissions to third party keyboards

Bug on iOS / iPadOS 13[.1] may give improper permissions to third party keyboards

IOS 13.1 arrived today, along with iPadOS 13.1, to make Apple software more stable after all, it would not be an exaggeration to say that the initial release of iOS 13 had its dose of instability and minor issues here and there. Still, not everything is resolved with the arrival of the latest update.

Apple today posted a warning on its website alerting users to a bug, present in all versions of iOS 13, that may grant improper permissions to third party keyboards. According to Ma, these utilities (like the famous Gboard and SwiftKey) can gain full access to system permissions even if the user at the has authorized this when installing apps.

This is hardly a headache for most users: many of us, after all, grant these permissions to keyboards when we install them themselves that allow them to function to their fullest, with features such as text suggestion or integration with the keyboard. Internet.

Still, it is worth remembering that the so-called "full access" means in practice that the keyboard in question can gain internet access and capture your typing, potentially sending sensitive data (such as passwords or personal information) to external servers. This is hardly a concern for keyboards held by large and (theoretically) reliable companies such as Google or Microsoft; On the other hand, if you installed a "suspicious" keyboard just to use a funny feature or something, beware even if you didn't give it permission.

In any case, it is good to note that the native iOS keyboard is immune to the bug which is obvious since, being an integral part of the system, it has all the permissions it needs to function enabled from the first moment.

According to Apple, a fix for the problem will be fixed in a future software update. For now, what you can do access the Settings of your device and in the section General Keyboard Keyboards, disable all third parties that are not fully trusted. All little care, after all.

via TechCrunch