Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Developer Warns That Granting iPhone Camera Permissions Allows Apps to Secretly Capture You

wikiverse said:
This is the problem with sandboxes and app stores. People are trained (by Apple) to think that their devices are safe from spyware, malware, viruses and malicious app activity in general. This is not the case.

Uber was tracking people before and after journeys & tracking IEMI numbers, Path was and Foursquare is uploading a user's entire address book and contacts to their servers, and the Chinese App Store was infected with malware through Xcode - including apps like WeChat and Angry Birds 2.

Apple creates a false perception that any app on the App Store is safe, while allowing apps to ask for permissions (or permission levels) that are entirely unnecessary for the app to function.
Click to expand...

Nothing is 100% safe. It all depends on the level of safety measures taken.

This camera "problem" is as old as the first webcam ever invented. Sure, Apple could add a visual indicator when the camera is active, but then someone will say that the microphone can do the same, and suddenly the phone and top bar will be filled with lights and indicators.

The one AppStore concept helps a lot in preventing malware, but with the thousands of apps flowing, it's impossible to detect all of it. So blaming the AppStore and Sandboxes makes no sense at all.

The most practical way to combat that is with the membership program and member verification, and penalizing those developers who break the rules or get involved in unethical practices.

The malware incident was caused by some dumb developers downloading infected Xcode from a third-party site instead of downloading it from Apple. That was their mistake. It's almost impossible to detect this type of malware unless it has already been discovered. Otherwise Apple would need to sit and read every line of code inside each app being submitted.
 
  • Like
Reactions: tooloud10
mdellepi said:
But would an app secretly recording you pass the AppStore review process?
Click to expand...

Probably. The review process is extraordinarily minimal. Two separate reviewers will use an app for up to 10 minutes, making sure that it seems to do what it says it does. As long as it doesn't crash during that time or blatantly violate Apple's rules, it'll pass the review process.

===

I can 100% imagine Facebook would choose to do this. They'd probably justify it by saying that it improves the responsiveness of when you want to take a picture or video or go live.
 
  • Like
Reactions: Oblivious.Robot
mdellepi said:
But would an app secretly recording you pass the AppStore review process?
Click to expand...

It's a possibility.
I'm an app developer and my apps can change their behaviour after I upload them for review.

Apple should review and monitor apps even after they pass the review process, so they can be sure a malicious developer can't just trigger a functionality after release.
 
RWil85 said:
excuse my ignorance...but,..

that does not address the issue of the image presented being taken to the cloud and uploaded elsewhere without the users explicit permission to initiate that act.
Click to expand...

Common sense shows that standing naked in front of an electronic device with a camera is the same as standing naked in front of a window.
If you don't want anyone to see you, then don't do it.
 
Amazing Iceman said:
Common sense shows that standing naked in front of an electronic device with a camera is the same as standing naked in front of a window.
If you don't want anyone to see you, then don't do it.
Click to expand...

not saying I'd do it.

just pointing out that the app showing what's seen, LED indicators, etc are great and all - but, the problem still lies specifically in the capture/upload of the image - not necessarily that the camera can see it.
 
wikiverse said:
This is the problem with sandboxes and app stores. People are trained (by Apple) to think that their devices are safe from spyware, malware, viruses and malicious app activity in general. This is not the case.

Uber was tracking people before and after journeys & tracking IEMI numbers, Path was and Foursquare is uploading a user's entire address book and contacts to their servers, and the Chinese App Store was infected with malware through Xcode - including apps like WeChat and Angry Birds 2.

Apple creates a false perception that any app on the App Store is safe, while allowing apps to ask for permissions (or permission levels) that are entirely unnecessary for the app to function.
Click to expand...


Uber was tracking people after Apple gave their app special permission to do so. They didn't sneak anything past Apple.
 
Already know this that’s why I don’t grant Facebook and other apps no more since they wanna behave like Snapchat
 
RWil85 said:
not saying I'd do it.

just pointing out that the app showing what's seen, LED indicators, etc are great and all - but, the problem still lies specifically in the capture/upload of the image - not necessarily that the camera can see it.
Click to expand...

That's uncontrollable. If a developer captures an image or video without the user's consent, he could be committing a crime, and has to be held responsible for it.
 
It's great to raise awareness about these issues. But this is hardly news. The same is true for every Android device. This has been possible forever.
 
  • Like
Reactions: icecrystal23
This is where a closed ecosystem and a trustworthy gate-guardian come into their own. If we can trust Apple to identify the malicious apps before reaching the app store then my brand-loyalty would increase considerably (especially since I have kids).
I have never liked the fact that iPhone (and many other brand phones and laptop) cameras (& mics) do not have LED indication of being on. Perhaps it is time to legislate that all recording devices capable of violating privacy must, by regulation, have hard wired power-on indication visible to the user. Let's face it, it would never happen voluntarily.
 
Moonjumper said:
Another option for addressing the issue:

  • An app must show an image of what the camera sees whenever the camera is active
Click to expand...

I thought this was already the case. Did something change? Did ARKit open up this possibility?
 
This reminds me of eyerolling when people put tape over the webcam on their laptops... But I've never seen anyone put tape on both sides of their phones. (And every laptop I know of actually indicates that the camera is on).

And yes, this has been known for a while. You can activate and use the camera on iOS without displaying the preview window, and it's always been this way (see the many "spy camera" type apps on the store).
 
wikiverse said:
This is the problem with sandboxes and app stores. People are trained (by Apple) to think that their devices are safe from spyware, malware, viruses and malicious app activity in general. This is not the case.

Uber was tracking people before and after journeys & tracking IEMI numbers, Path was and Foursquare is uploading a user's entire address book and contacts to their servers, and the Chinese App Store was infected with malware through Xcode - including apps like WeChat and Angry Birds 2.

Apple creates a false perception that any app on the App Store is safe, while allowing apps to ask for permissions (or permission levels) that are entirely unnecessary for the app to function.
Click to expand...

There is no 'safe' or 'secure', but there is 'safer' and 'much more secure'. None of this stuff is perfect or ever will be, but it's obvious to me that Apple is indeed doing a remarkably better job of handling these issues than Google is.
 
Moonjumper said:
Another option for addressing the issue:

  • An app must show an image of what the camera sees whenever the camera is active
Click to expand...
I think that would limit a number of valid apps as well, especially for AR. I would say that the best option would be some kind of indicator like a small LED on the bezel or on the screen.
 
So... granting an app permission to use your device's camera means that the app can access your camera? Who would have guessed?
 
  • Like
Reactions: cyanite
I like all the comments above. But I must say I am a little disappointed in MacRumors for doing what main stream media is doing more and more of lately. "Bait and switch" The last sentence of the article says everything and it should be the first sentence of the article. "As a point of emphasis, Krause's project isn't a bug or a major security breach you need to worry about, but it is a good reminder to ensure the apps you grant camera access to are trustworthy." MacRumors, I thought you were better than this.
 
  • Like
Reactions: icecrystal23
I think that when users grant camera hardware and photo roll access to an app, they’re generally intending that those accesses happen only upon specific initiating actions. Eg:
  • Start recording video now
  • Take a photo now
  • Allow me to select one or more previously taken photos or videos now
But in reality they’re giving permission for the app to take photos and record videos whenever, and scape all previous photos and videos whenever.

This facilitates apps making custom UIs to accomplish the intended tasks, but opens the possibility of broader undesired behaviours.
 
Developer Warns That Granting iPhone Camera Permissions Allows Apps to Secretly Capture You
Click to expand...
Emphasis mine. If you grant the permission, then it's not secret. I don't ask someone into my home and get concerned when they cross the door threshold.
 
belvdr said:
Emphasis mine. If you grant the permission, then it's not secret. I don't ask someone into my home and get concerned when they cross the door threshold.
Click to expand...

The problem is that granting access to the camera is not time- or context-limited. 'Secret' refers to the use of the camera when the user does not expect the camera to be used legitimately.
 
This is BS and scaremongering. The big problem is the point about the app running in the foreground, because it wouldn’t be possible in the background. Apple is very, VERY strict about when it allows apps to run in the background. It only allows those in very specific cases, it’s super rare for an app to truly be fully running in the background. Even navigation apps aren’t allowed to freely run in the background, they tie into the GPS which revives the app after it has detected that the phone has moved beyond a certain distance.

So this only works while you are using the app, it’s not like the app can capture you doing stuff when you aren’t specifically running the app you granted permission to use the camera (and this is the camera, not the camera roll - those are different permissions).

The “proof of concept” app wouldn’t be approved for the App Store if it ran in the background, it would fail the automated test Apple runs on submitted apps. And if it’s in the foreground, then duh - you gave the app permission to use the camera while you are using the app, it can do whatever it wants.
 
Last edited:
  • Like
Reactions: cyanite and omglolbbq
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back