Nothing else but the word scary can define this. Google engineer Felix Krause has revealed an alarming privacy loophole in iOS that enables iPhone apps that seek camera permission to surreptitiously take photos and videos of you – without your knowledge – reports The Next Web. Krause says he has disclosed this issue to Apple.
The Googler pointed out that when a user grants an app the permission to access the camera, they basically enable the app to access both front and rear camera and your photographs. Which means, whenever the app is playing the foreground, it can “record you, upload the content immediately, and run real-time face detection to read your facial expressions”. And all of this without any notice or indication that your iPhone is snapping images of your face. No sound, no light, no LEDs.
Krause has shared a short demonstration of the documented issue on YouTube, which can be seen below.
Now the most appalling bit of this scenario is that this is not even a bug that can be fixed, but is how this privacy setting is expected to work by design. This means that when you have granted app permission to someone who wished to exploit these permissions, they could easily scrape image data to locate users, find other existing photos of the device’s owner, and even watch you while you’re maybe sitting on the toilet and upload it up on the web. ALSO READ: Apple states accuracy of Face ID in iPhone X hasn’t changed, terms Bloomberg report false
Krause says there is only so much you can actually do to prevent this, however there are ways, but he warns that none of them make for a particularly smooth and streamlined user experience.
One way is to use webcam covers. And the other is to revoke camera access for all apps – quite definitely that would mean sacrificing some app functionality in the meanwhile, like taking and sending photos straight from apps such as WhatsApp and Facebook. ALSO READ: Apple iPhone X is the first iPhone I won’t buy on day one: Steve Wozniak