A Google engineer who does security research on the side has found something worrisome about iOS Camera permissions. Felix Krause detailed in a blog post (via The Next Web) how granting permission to an app to use your camera allows that app to take photographs or videos of you without your knowledge. It’s a privacy loophole that could be serious.
Mr. Krause did this research on his own time, and not as part of his job with Google.
To a person, everyone on TMO’s staff initially reacted with some version of “Duh.” Granting permission to an app to access your Camera means that app has access to your Camera. What Mr. Krause describes is essentially iOS simply being iOS and doing what it’s supposed to do.
Not So Fast
This issue goes a lot deeper than that, however; the extent to which a developer could push expected behavior goes far beyond those expectations. What Mr. Krause discovered is pernicious and scary, and I think Apple is going to change how this system works.
The Issue with iOS and Camera Access
Here’s how Felix Krause summed up what he found:
Once you grant an app access to your camera, it can
- access both the front and the back camera [at the same time, with no indication of either]
- record you at any time the app is in the foreground
- take pictures and videos without telling you
- upload the pictures/videos it takes immediately
- run real-time face recognition to detect facial features or expressions
Have you ever used a social media app while using the bathroom? 🚽
All without indicating that your phone is recording you and your surroundings, no LEDs, no light or any other kind of indication.
He included this video, too:
You’re Coding It Wrong
The issue here is what a developer could do with Camera access, not what someone has done. As far as we know, no one has exploited this privacy loophole in the wild. If anyone has tried, it would appear that Apple spotted it and asked the developer to change their app before approving it for the App Store.
All of the major camera and social media apps I’ve used give me a shutter sound when I snap a pic and don’t snap pics without my say-so. An on-screen indicator shows when video is being taken, too.
A possible fix for this issue might be for Apple to force that behavior, rather than leaving it to developers’ common sense.
What You Can Do
Mr. Krause offers his thoughts on protecting yourself, including getting cases with camera covers, revoking permission for all apps to access your camera, and only using Apple’s built-in Camera app.
While that’s true, I personally am OK with something a lot less extreme: only allowing trusted apps to access my camera. I may have a lot of philosophical issues with Facebook user dossiers, psychological experimentation, and willingness to profit from spreading Russian propaganda, but I don’t think Facebook is going to livestream my visits to the toilet.
And hopefully Apple will make some adjustments to developer guidelines, App Store vetting, and iOS to make sure this never becomes a real-world issue.