As the debate around privacy and security intensifies, with several tech firms reporting data breaches of late, reports have surfaced that Apple might have given Uber backdoor access to record screens of some iPhones. Uber could even have accessed other personal information without the users’ knowledge, Business Insider reports. However, at no point did Apple disclose the existence of Uber’s access to these special iPhone functions.
Uber now says that the code is not being used presently, and it was a vestige from an earlier version of its app on the Apple Watch. “Granting such a sensitive entitlement to a third-party is unprecedented as far as I can tell, no other app developers have been able to convince Apple to grant them entitlements they’ve needed to let their apps utilize certain privileged system functionality,” a security expert who discovered the development was quoted as saying. ALSO READ: Apple Stores in India close to reality as government considers requests on tax breaks: Report
Every app on the iPhone uses the ‘entitlement’ option, which allows the software to enable features like the camera or Apple Pay on the device. This ‘entitlement’ option can be accessed, and turned on by any app developer. However, there are some entitlements that are used only by Apple. These are usually marked with names that start with “com.apple.private” and are considered sensitive. If any third-party app is found using it, they are knocked off the App Store. However, Uber was said to be using an entitlement code called “com.apple.private.allow-explicit-graphics-priority”. And Apple was aware of it. ALSO READ: US court grants arbitration order in Uber-Benchmark battle: Report
“It is very odd to see Uber as the only app (I checked tens of thousands of other apps using my company’s internal data set derived from the App Store) besides Apple’s own apps granted access to this sensitive entitlement,” the researcher told Business Insider. Uber now says that Apple granted it permission to use the private entitlement. “Apple gave us this permission because early versions of Apple Watch were unable to adequately handle the level of map rendering in the Uber app,” an Uber spokesperson clarified. However, subsequent updates to the Uber app on the Apple Watch “removed this dependency”.