Any iPhone App with Camera Permission Can Secretly Record You

Megalith · Oct 26, 2017

Google engineer Felix Krause has detailed an alarming privacy setting in Apple’s iOS that enables iPhone apps with camera permission to surreptitiously take photos and videos of you – without your knowledge. All of this without any notice or indication that your iPhone is snapping images of your face. No sound, no light, no LEDs.

The researcher notes that granting camera permission will enable apps to access both the front and the back camera of your device, photograph and record you at any time the app is in the foreground, upload this content immediately, and run real-time face detection to read your facial expressions.

Travolta · Oct 26, 2017

A google engineer eh?

otherweeb · Oct 26, 2017

I wonder if this is an inherent characteristic of phone apps that they seem to always be running. I get 'kindle has crashed' or some such all the time when I've previously closed the app. I'm beginning to think I have very little concept of wth it's doing in the background.

Wolf-R1 · Oct 26, 2017

Travolta said:
A google engineer eh?

Does it matter who found it? That's like complaining about a Linux engineer finding and disclosing Windows exploits.

bizzmeister · Oct 26, 2017

Lol the world is ending guys, no one is safe.

I already have a shitload of clients that I notice have black tape covering their front cameras on their phones. I don’t get it.

Getting the latest and greatest smart phones only to cover the cam?

raz-0 · Oct 26, 2017

Uhh.. no shit? That's why you nuke apps that ask for camera access if they don't have obvious camera features?

I'm pretty sure this is worse on android where every app you download comes with a warning that it's going to need access to everything and your first born child to let you operate a shitty pay 2 win shovelware game.

Spidey329 · Oct 26, 2017

otherweeb said:
I wonder if this is an inherent characteristic of phone apps that they seem to always be running. I get 'kindle has crashed' or some such all the time when I've previously closed the app. I'm beginning to think I have very little concept of wth it's doing in the background.

So many phone apps continue to run in the background to collect data. That's why being vigilant about permissions is important.

Not sure about iOS, but Android now does a pop-up to grant/deny permission to use a certain feature (camera, file system, location, etc.). There's a lot of apps that request permissions and seemingly work fine when denied. So kinda wonder what else they're trying to do.

tunatime · Oct 26, 2017

raz-0 said:
Uhh.. no shit? That's why you nuke apps that ask for camera access if they don't have obvious camera features?

I'm pretty sure this is worse on android where every app you download comes with a warning that it's going to need access to everything and your first born child to let you operate a shitty pay 2 win shovelware game.

I get adds on chrome about conversations i have had around my phone so yea i think google is worse.

sfsuphysics · Oct 26, 2017

Wolf-R1 said:
Does it matter who found it? That's like complaining about a Linux engineer finding and disclosing Windows exploits.

Maybe the Google engineer is just pissed because Google's been doing this for years with the NSA on the other side of the data stream.

Biznatch · Oct 26, 2017

tunatime said:
I get adds on chrome about conversations i have had around my phone so yea i think google is worse.

Bullshit.... If android was recording everything and sending it to google, 1- It would bee seen in the source code. 2- That would be WAY bigger news than this and be on every security site/blog.

SparkedFire · Oct 26, 2017

Biznatch said:
Bullshit.... If android was recording everything and sending it to google, 1- It would bee seen in the source code. 2- That would be WAY bigger news than this and be on every security site/blog.

I don’t know, but there have been several times this has happened to me too.

Zarathustra[H] · Oct 26, 2017

Honestly, I kind of assumed this was the case for all phones already. Any app you give permission to the camera could theoretically misuse that permission...

naib · Oct 26, 2017

Zarathustra[H] said:
Honestly, I kind of assumed this was the case for all phones already. Any app you give permission to the camera could theoretically misuse that permission...

Exactly. It still amazes me when people expect any form of privacy on the internet. or from internet connected devices.

Zarathustra[H] · Oct 26, 2017

naib said:
Exactly. It still amazes me when people expect any form of privacy on the internet. or from internet connected devices.

Well, I didn't say I was happy about it...

naib · Oct 26, 2017

I don't think anyone is

but if you consider anything that is exposed to an internet facing device is out there, how you behave differs. Anonymity comes back to bite people (recent MP in the UK), applications being buggy or snoopy, big providers having breaches...

Deleted member 243478 · Oct 26, 2017

Jesus HardOCP get some new Apple hate material seriously... any phone where you give app permission to control hardware has this capability

IcePickFreak · Oct 26, 2017

I can hear and see everything your doing right now, even after I already made this post and you're reading this in the future.

No, I'm not full of shit.

Nope, not kidding.

Sit up straight and get your hand outta your pants, you're reading tech news, what's the matter with you.

Ur_Mom · Oct 26, 2017

IcePickFreak said:
Sit up straight and get your hand outta your pants, you're reading tech news, what's the matter with you.

Meh. No big deal. I'm not going to be around my phone if I'm doing something illegal or whatever. Or at least that illegal that it would cause someone to want to listen on my conversations. For those type of things, I'd use a shitty flip burner phone. Theoretically speaking. I don't engage in illegal activities like that.

Jagger100 · Oct 26, 2017

Bu... bu... but... Alexa.

gxp500 · Oct 26, 2017

Do any of the 3 letter agencies have an app in the app store by any chance that require this permission? I'm sure its not a bug.

B00nie · Oct 27, 2017

tunatime said:
I get adds on chrome about conversations i have had around my phone so yea i think google is worse.

And you get ads in general why exactly?

steakman1971 · Oct 27, 2017

There is a bank in my city that not only uses MDM to disable camera access, but they also take a leather punch and smash the cameras on company issued cell phones. That's one way to fix the glitch.

Patton187 · Oct 27, 2017

I do my illegal comms via carrier pigeon.

Quix · Oct 27, 2017

This is something that pretty much everyone who has ever written an iPhone app that uses the camera knows about. I'm frankly surprised that anyone is surprised, That's probably why no one has bothered mentioning it before. Camera permission means they can access the camera, seems innocuous if when you're the one writing the program. I do understand why people would be upset, maybe Apple should add a light next to the camera.

P.S. All the program I wrote did was use the camera to scan 2d and 3d barcodes, that the user would intentionally hold up to the phone.

Any iPhone App with Camera Permission Can Secretly Record You

24-bit/48kHz

Gawd

Gawd

[H]ard|Gawd

2[H]4U

Supreme [H]ardness

[H]F Junkie

Well...OK

[H]F Junkie

2[H]4U

[H]ard|Gawd

Extremely [H]

[H]ard|Gawd

Extremely [H]

[H]ard|Gawd

Deleted member 243478

Guest

[H]ard|Gawd

Fully [H]

Supreme [H]ardness

Gawd

[H]F Junkie

2[H]4U

Gawd

2[H]4U