If you’re a person owning an iPhone (whatever version of iOS) these findings may disturb you pretty much. Recently it was noted there’s a serious privacy setting problem in iOS devices. The setting allows any iOS app with a permission to access camera can secretly record everything through both front and rear cameras without your knowledge.

It is practically possible for any app with user granted permission to access camera while running in the foreground can access cameras behind without the user knowing. It can silently record and upload the photos it took to the internet.Though the app has to actively run in the foreground, these activities may take in the background without even a single indication like LED’s blinking, a caution notice or a notification in status bar.

If you’re scrolling through your facebook timeline, then your FB app can record everything through your camera. Because the FB app is running in the foregroud, so it can access the camera. It is same for any other apps like WhatsApp, Instagram, and many other for which you usally grant persmission to use camera in-app.

The worst part of the finding is, it even can run real-time face detection to find out the expressions in the face. This means your phone can identify your emotions in face and send that directly to anyone if the app decides.

Fortunately, there’s no app has found using this for illicit benefits. But it doesn’t mean no app has using this hole.

How can you protect yourself?

The guy who found this has given some tips to protect yourself. But, there’s no easy way.

  • The only real safe way to protect yourself is using camera covers: There is many different camera covers available in Amazon and Amazon.in, find one that looks nice for you, or use a sticky note.
  • You can revoke camera access for all apps, always use the built-in camera app, and use the image picker of each app to select the photo
  • To avoid this as well, the best way is to use Copy & Paste to paste the screenshot into your messaging application. If an app has no copy & paste support, you’ll have to either expose your image library, or your camera.

Felix Krause, a Google employee found this vulnerability just two days back on October 25, 2017. He says it was his hobby, he does this during his weekend and off-hours of his work. It has nothing to do with his employer (Google).

About the author

Sakthitharan Subramanian

Professor by Profession | Thinker by Passion | Researcher by Mission | Mentoring & Trainer by Vocation | LIke to code | Productivity Enthusiast | Loves Minimalism & Philosophy | PhD in Computer Science |