Hacker News new | ask | show | jobs
by nwh 4283 days ago
iOS8 keyboards still make me very uncomfortable. How many of them contain keyloggers?

It's not even if I have one installed, the people I communicate with will be using them too, and they can compromise me.
2 comments
josh64 4283 days ago
I'm pretty sure they are sandboxed and can't access the network at all. Actually looks like you can set a flag to access the network.

https://developer.apple.com/library/ios/documentation/Genera...

link
lyinsteve 4282 days ago
Not to mention third-party keyboards are not allowed in password fields. I guess that's unfortunate for anyone with non-standard unicode in their passwords, though.
link
nwh 4283 days ago
Can users see this flag?
link
ihuman 4283 days ago
By default, it is false. The app cannot change it without asking the user first. You cannot see it.
link
nwh 4283 days ago
http://i.imgur.com/bSIhNOP.png

Big scary warning, I like it. Swiftkey does badger people to enable it though, so presumably it's sending a lot of data back to their servers as a business model. Nasty.

link
comex 4282 days ago
SwiftKey says they do not send any data unless you explicitly enable it (separately from Full Access):

https://iossupport.swiftkey.com/hc/en-us/articles/201466641-...

link
nnx 4282 days ago
Nice scary warning indeed. Default/Suggested action should probably be "Don't allow" tho.
link
supergauntlet 4282 days ago
well swiftkey iirc does some data analysis on stuff like commonly used words and then uses those for suggestions for new users. its not totally without user benefit, though the potential for evil is certainly there.
link
walterbell 4282 days ago
Is a keylogger the best way to determine a list of commonly used words?
link
wodenokoto 4282 days ago
While it has the potential for privacy issues, it is also the basis for the entire product. The only way to build prediction is to have data.

I think Nasty is a bit strong here.

link
spilk 4282 days ago
I have SwiftKey installed and there is an option in the Settings->General->Keyboard->Keyboards->SwiftKey allows me to toggle it on/off:

https://i.imgur.com/RUN4nno.png

link
gergles 4282 days ago
But now you can't swipe enter or get predictions. To use it anywhere near as advertised, they extort your data out of you.
link
melloclello 4283 days ago
I can't speak for anybody else's apps, iOS or Android, but Glyf sure doesn't have a keylogger included, at the very least...
link
nwh 4283 days ago
I didn't mean to suggest that at all, I was commenting on the concept of having executable keyboards outside of the usual application sandbox rather than yours in particular.
link