So, yes,, this could cause embarrassment, and yes, Apple should scan for this misuse of code during the app approval/update process.
This is the main problem I have with this engineer's findings - he failed to mention (or maybe doesn't know) that Apple does look for this misuse, in fact, it's in the damned developer license agreement...
3.3.8 If Your Application makes recordings (including but not limited to an image, picture or voice capture or recording) (collectively “Recordings”), a reasonably conspicuous audio, visual or other indicator must be displayed to the user as part of the Application to indicate that a Recording is taking place.
Thanks for finding and posting the specific prohibition. It says something about us that it wasn't until the 86th message that this was done. Frankly it should have been in the original dude's "expose" and the AI story.
To Bigmushroom's assertion that it would be very difficult for Apple to discover this "at great cost" during the review process, I expect that that's completely wrong. I would hope that when Apple reviews apps, they not only do code analysis to look for red flag, but also monitor all the "interesting" subsystems while physically/manual testing the app. This would include "watching" (monitoring/logging/auditing) when the camera or mic is activated and watching what data is transmitted or recorded.
IMO if Apple were consistently checking apps that thoroughly they would not have had a few hundred apps discovered to have built over malware last year, nor would they have to be culling thousands of approved apps this year that have no useful purpose, or claim to have a function they don't, or that are plainly near identical rip-offs of well-known popular and original apps. Malware scanner apps would not be approved that include a permission to read the user's device password, nor would apps that supposedly scan for viruses be approved to begin with. Yet all of these have been approved, only later to be discovered as either malware or PUP's and typically found by someone other than Apple.
Apple plainly does a far better job of vetting apps than Google currently does. We all know that. But Apple also does not appear to be checking apps as deeply as has been presumed by some folks, or at least not on a consistent basis.
You of course mean all those apps that have abused the camera? Because for the passed 10 years this is how it has always been.
Why don't take your anti-apple shit and shove it? Why is this douche still allowed on this site? Everything he says has absolutely no merit or basis in reality?
Sorry.. as far as I can tell he's just looking for an argument that doesn't exist. Except maybe this stupid site wants to happen for hits?
Please stop. And work on your preconceptions, There's nothing in that post that is "anti-Apple."
If you're so sensitive that you become upset just reading a suggestion that even Apple, while much better than others, is less than perfect, I'd humbly suggest that perhaps gatorguy isn't really your biggest concern.
I don’t think you do understand Software, computers, smartphones or programming.
For example: “if I haven’t pressed the camera or record button”
So, in your mind, SnapChat is banned because it opens the camera data stream simply by opening the app. Same with Instagram. Once the stream is open, pressing the “record” button simply saves a snapshot of the data the app has already had access to.
"Open[ing] the cameral data stream" is different than saving or transmitting the camera data. Perhaps I should have dumbed my answer down by differentiating between accessing the camera's data stream and actually using that data. I didn't think it was necessary. My apologies for the oversight.
Comments
If you're so sensitive that you become upset just reading a suggestion that even Apple, while much better than others, is less than perfect, I'd humbly suggest that perhaps gatorguy isn't really your biggest concern.
Fortunately for me, my boss, an Application Development Director for a Fortune 50 company, disagrees with you.
"Open[ing] the cameral data stream" is different than saving or transmitting the camera data. Perhaps I should have dumbed my answer down by differentiating between accessing the camera's data stream and actually using that data. I didn't think it was necessary. My apologies for the oversight.