Apple Patches App Privacy Issue, Many More Left Unaddressed for Now
Apple fixed an app fingerprinting issue in iOS 27 Developer Beta 3, an early preview of the next major version of iOS, making it a bit harder for apps to fingerprint you.
Apparently Apple has fixed the clipboard counter in iOS 27 beta 3 thanks to Loupe. ✌️
— Mysk 🇨🇦🇩🇪 (@mysk_co) July 9, 2026
Hey Apple, a little shoutout to the Loupe project would have been nice! https://t.co/hTontciS8j pic.twitter.com/UVByFl9y49
The issue in question is related to the changeCount variable, a value that would increment "when pasteboard items are added, modified, or removed," according to Apple's documentation.
This value is visible to all apps and counts up from the time your iPhone was set up, providing a method of fingerprinting a user over time, since the value likely won't change very quickly.

Reportedly, as of iOS 27 beta 3, changeCount will now be reset to 0 after each reboot, effectively eliminating it as a long-term fingerprinting vector.
This is stated in Apple's documentation as well:
When users restart a device, the change count is reset to zero.
However, this doesn't reflect the behavior of the current stable version of iOS, iOS 26.5.2, indicating that the behavior of counting up since the iPhone was set up is likely a bug.
Mysk, the creators of an app called Loupe which allows you to see the information apps have access to in order to fingerprint you or reveal sensitive information, credit the fix to their app, although there's no official statement from Apple crediting them.
While this is great news, the Loupe app reveals many other unaddressed privacy issues in iOS.
For example, apps can see the exact date and time, down to the second, that your iPhone's storage volume was created, a value that's likely unique to each iPhone.
Apps also have unrestricted access to motion data without any permission prompts presented to the user to accept. This can reveal your movement patterns and it's even been shown that audio can be recovered using just motion sensor data.
When setting up audio accessories such as AirPods, the default name includes the first name of the Apple account of the person setting them up, so oftentimes they'll be named "Steve's AirPods" or something like that. This means for a lot of people, any app can see their real first name.
Abusing canOpenURL, apps can see what other apps are installed based on whether a URL scheme specific to that app will work. Looking at Apple's documentation, it seems like in iOS 15 they restricted this to a maximum of 50 queries and now in iOS 27 will be restricting it further to a maximum of 25, which is a nice improvement but still won't fully fix the underlying issue.
Community Discussion