What You Need to Know about the iOS Camera Access Privacy Loophole

The Spying Eye Waiting in Every Device

A Google engineer who does security research on the side has found something worrisome about iOS Camera permissions. Felix Krause detailed in a blog post (via The Next Web) how granting permission to an app to use your camera allows that app to take photographs or videos of you without your knowledge. It’s a privacy loophole that could be serious.

Mr. Krause did this research on his own time, and not as part of his job with Google.

Well, Duh

To a person, everyone on TMO‘s staff initially reacted with some version of “Duh.” Granting permission to an app to access your Camera means that app has access to your Camera. What Mr. Krause describes is essentially iOS simply being iOS and doing what it’s supposed to do.

Not So Fast

This issue goes a lot deeper than that, however; the extent a developer could push expected behavior go far beyond those expectations. What Mr. Krause discovered is pernicious and scary, and I think Apple is going to change how this system works.

The Issue with iOS and Camera Access

Here’s how Felix Krause summed up what he found:

Once you grant an app access to your camera, it can

  • access both the front and the back camera [at the same time, with no indication of either]
  • record you at any time the app is in the foreground
  • take pictures and videos without telling you
  • upload the pictures/videos it takes immediately
  • run real-time face recognition to detect facial features or expressions

Have you ever used a social media app while using the bathroom? 🚽

All without indicating that your phone is recording you and your surrounding, no LEDs, no light or any other kind of indication.

He included this video, too:

You’re Coding It Wrong

The issue here is what a developer could do with Camera access, not what someone has done. That we know of, no one has exploited this privacy loophole in the wild. If anyone has tried, it would appear as if Apple spotted it and asked the developer to change their app before approving it for the App Store.

All of the major camera and social media apps I’ve used give you a shutter sound when you snap a pic and don’t snap pics without my say-so. An on-screen indicator shows when video is being taken, too.

A possible fix for this issue might be for Apple to force that behavior, rather than it simply being common sense for developers.

What You Can Do

Mr. Krause offers his thoughts on protecting yourself, including getting cases with camera covers, revoking permission for all apps to access your camera, and only using Apple’s built in Camera app.

While true, I personally am OK with something a lot less extreme: only allowing trusted apps to access my camera. I may have a lot of philosophical issues with Facebook user dossiers, psychological experimentation, and willingness to profit from spreading Russian propaganda, but I don’t think Facebook is going to livestream my visits to the toilet.

And hopefully Apple will make some adjustments to developer guidelines, App Store vetting, and iOS to make sure this never becomes a real-world issue.

4 thoughts on “What You Need to Know about the iOS Camera Access Privacy Loophole

  • Apple’s app store process filters out bad programming. That’s why Apple has there approval process so you don’t end up with apps like they have on Android with malware and who knows what else. I’m sure if there was no approval process for Apps like Android there would be cameras going off by themselves and so on. But Apple is smarter then this and cares about the customer more to prevent it. If they find any information from this loophole story that does effect privacy or security Apple will I’m sure deal with it with an IOS update.

  • A possible fix for this issue might be for Apple to force that behavior, rather than it simply being common sense for developers.

    They do force it as part of the Developer’s License Agreement and as such it is something they look for during the vetting process…

    3.3.8 If Your Application makes recordings (including but not limited to an image, picture or voice capture or recording) (collectively “Recordings”), a reasonably conspicuous audio, visual or other indicator must be displayed to the user as part of the Application to indicate that a Recording is taking place.

    And it’s extremely easy to determine if an app may need camera access; the developer has to include a “Privacy – Camera Usage Description” key in the app bundle info.plist file. And that key must be a string that explicitly states what the camera will be used for. Furthermore, the developer must also submit a privacy policy in the app bundle containing a clause on camera usage.

    If that description key is not included, then the camera will not be available to the app at all. And, if Apple sees that the app may try to use the camera for anything other than what’s mentioned in the info.plist description or the privacy policy, the app is rejected.

  • Have you ever used a social media app while using the bathroom?

    Facebook does not get access to my camera, or microphone, I take pictures and video outside of the app. It does have access to Photos.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.