Skip to content
Thoughtful, detailed coverage of everything Apple for 29 years
and the TidBITS Content Network for Apple professionals
No comments

Apple Warns of Vulnerability in Third-Party iOS Keyboards

Apple has published an advisory about third-party keyboard extensions in iOS 13 and iPadOS 13 (presumably also version 13.1 because the advisory was published the same day it was released). By default, third-party keyboards run without any access to external services, and you must enable “full access” to let them connect to the Internet, which many require to provide additional features. Apple says that a bug in iOS 13 and iPadOS 13 lets some keyboard extensions access the Internet even if you haven’t allowed full access.

On its face, this sounds like a serious vulnerability, but the reality is that most third-party keyboards aren’t useful unless they have full access, so the actual impact is probably minimal. You can see which keyboards you have installed in Settings > General > Keyboard > Keyboards, and we recommend uninstalling any you don’t use (swipe left on the keyboard to reveal a Delete button).

Allowing full access for an iOS keyboard

Read original article

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 29 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About Apple Warns of Vulnerability in Third-Party iOS Keyboards

Start the discussion in the TidBITS Discourse forum