airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it.
Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
So if I have facebook up and no intention of using the camera, could this malicious code be using the camera anyways without any indication it is doing so?
Sounds like it. Also sounds like someone would need to get an update through the app store with the malicious code so this is much ado about nothing.
The answer is no. If you have no intention of using the camera with the Facebook app, you would have denied it access to the camera.
You're missing what I'm saying, I grant access to my camera so I can use it and photos. But that doesn't mean I give it permission to capture any time I have facebook open.
Then, complain to fracking facebook instead of Apple. Got that, good god. How the hell can Apple WTF you want to do when the Facebook App is opened. Unless it's giving one shot permissions that expire and you have to reup all the time. Well, that would be annoying fast.
macplusplus said: The phone app and FaceTime run with System privileges, not user privileges.
I Googled around awhile and discovered that there are some third party apps that can request and are allowed to use the microphone in the background utilizing Xcode Background Mode which includes Skype. It seems Apple does not allow apps to use the camera in the background though.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
Many malicious apps have made it onto the App Store, but they generally get exposed as malware pretty quickly.
airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
Many malicious apps have made it onto the App Store, but they generally get exposed as malware pretty quickly.
Uber's app is a perfect recent example. Apparently Apple had no idea Uber was (still?) using a private API that allowed them to access iPhone functions they should not have been able to.
Last year Apple had no idea that some number of primarily Chinese App Store apps had been built with malware until an outsider let them know. A couple years before that it was discovered that numerous iOS apps were tracking location without disclosing that in their permissions. Again it was an outsider who clued them in. Other apps have been found to be collecting contacts, names and phone numbers and such, again undisclosed to users. About two months ago after the WannaCry scare a few fake WannaCry scanning apps were found in the App Store, at least two of which demanded permission to your phone's wake password. Those obviously passed Apple's inspection or they wouldn't have been in the App Store.
Apple also recently took on the project of culling thousands of apps from the AppStore that didn't actually do anything, or claimed to remove viruses which is silly since there are no iOS or Android viruses, or that were blatant rip-offs of successful legitimate iOS apps. How did thousands of those types of apps make it thru Apple's vetting process, much less stay there sometimes for years? Who knows.
Apple may vet most apps, but with the millions of them they have available in the App Store and the additional million that have been submitted and rejected, and the millions of app updates that happen every year it would be impossible to thoroughly check every one of them.
I gave permission to my kid to use my credit card has racked up purchases on it. Google/Apple in their OS Settings allow location access, Camera access as one ON/OFF button. It should be per APP access based.
It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it.
Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
So if I have facebook up and no intention of using the camera, could this malicious code be using the camera anyways without any indication it is doing so?
Sounds like it. Also sounds like someone would need to get an update through the app store with the malicious code so this is much ado about nothing.
The answer is no. If you have no intention of using the camera with the Facebook app, you would have denied it access to the camera.
You're missing what I'm saying, I grant access to my camera so I can use it and photos. But that doesn't mean I give it permission to capture any time I have facebook open.
I don't think you understand how computers and smartphones work. If you grant Facebook access to use your camera that means you have granted Facebook access to use your camera. The application/iOS does not have the ability to read your mind and divine, using some type of magic, if you think Facebook should have access to your camera at some random point in time.
If you do not want Facebook to have access to your camera, DENY IT ACCESS!!!
I gave permission to my kid to use my credit card has racked up purchases on it. Google/Apple in their OS Settings allow location access, Camera access as one ON/OFF button. It should be per APP access based.
It is. You can turn ON/OFF camera access on a per app basis.
airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
Many malicious apps have made it onto the App Store, but they generally get exposed as malware pretty quickly.
Uber's app is a perfect recent example. Apparently Apple had no idea Uber was (still?) using a private API that allowed them to access iPhone functions they should not have been able to.
Last year Apple had no idea that some number of primarily Chinese App Store apps had been built with malware until an outsider let them know. A couple years before that it was discovered that numerous iOS apps were tracking location without disclosing that in their permissions. Again it was an outsider who clued them in. Other apps have been found to be collecting contacts, names and phone numbers and such, again undisclosed to users. About two months ago after the WannaCry scare a few fake WannaCry scanning apps were found in the App Store, at least two of which demanded permission to your phone's wake password. Those obviously passed Apple's inspection or they wouldn't have been in the App Store.
Apple also recently took on the project of culling thousands of apps from the AppStore that didn't actually do anything, or claimed to remove viruses which is silly since there are no iOS or Android viruses, or that were blatant rip-offs of successful legitimate iOS apps. How did thousands of those types of apps make it thru Apple's vetting process, much less stay there sometimes for years? Who knows.
Apple may vet most apps, but with the millions of them they have available in the App Store and the additional million that have been submitted and rejected, and the millions of app updates that happen every year it would be impossible to thoroughly check every one of them.
All of those have nothing to do with such a simplistic and childish scheme described in the article. A misuse like that can be easily noticed during app review and indeed there is no known example to date. The examples you mention are much more sophisticated cases. And these won’t end, because a programmer can see the private data structures iOS uses internally, this is necessarily part of the development process. Apple tries to control that first by contract, second by not documenting and finally by thorough app review. Some cases may still escape, but this is not the topic right now.
I gave permission to my kid to use my credit card has racked up purchases on it. Google/Apple in their OS Settings allow location access, Camera access as one ON/OFF button. It should be per APP access based.
It is. You can turn ON/OFF camera access on a per app basis.
Exactly. Go to Settings > Privacy > Camera and turn on or off the switch for Facebook. "Problem" solved.
Actually, I'm glad I did this. I see 20 apps with permission to use my camera and some I just switched off (sorry TGI Friday's and eBay, maybe later).
airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
I'd be thrilled if that were true, but I've seen at least three stories on this site about apps that got through with undetected badness. Pobody's nerfect etc.
Hasn't it also already been demonstrated that malware can activate the camera on laptops without turning on their camera LED? How would an LED or status bar indicator solve the uncertainty of camera activation?
Sounds like a distraction for how terrible the Pixel 2 XL display is: suffering burn-in, weird colour shifting and a dull display in a device that costs more than an iPhone.
Meanwhile there is something hilarious about a Google engineer saying that a running app with camera permissions is able to access the camera. Is he not aware of how much personal information, photos, banking details and the like that Google regularly scoops up and keeps against a profile of a user?
It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it.
Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
Well an obvious example would be if you did not intend for it to be surreptitiously taking a photo of you and your surroundings while you were using it, or while reading a news item in the feed not have any idea it was video-recording your reaction to it.
You didn't answer the question. 'if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?'
You simply gave another off-the-wall hypothetical like: I discovered a new use for baseball bats. To break windows!!!! We should design baseball bats to know when they are being used to break a window and turn to water.
OK try this one. You're reading some Facebook posts. At the same time Facebook is secretly video-recording your reaction to them since you did give Facebook permission to use your camera every time you open their app. Would that be an intended use of yours or an unintended one? I believe that answers your question sir.
Yes. We know that. Not only does this happen on Android it happens whenever permissions are granted. Camera use can happen anywhere after you allow it. That’s the grant.
And he doesn’t know if he can get past the App Store. So google is worse.
macplusplus said: The camera and microphone cannot be used in the background in iOS.
The phone app can use the microphone while in the background and I assume that Facetime can continue to use the camera while some other app is in the foreground. Not sure what capabilities third party apps like Skype are capable of. There are a few different states that an app can be in: running, not running, in the foreground, in the background, push notifications, etc.
airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
Yes. If this happened in the wild we would know by now. It can of course happen in a google app downloaded outside google play.
airnerd said: I do trust Apple to validate the code the apps are trying to release onto my phone or tablet. It all comes back to the Apple approval process ...
One trick developers could use is to submit an app with certain features disabled until a date in the future. When Apple evaluates the code it may seem legitimate but after a couple weeks the nefarious features become activated.
Do you really believe that Apple engineers are so clueless? Once you have the device and the compiled code (candidate app) at hand you can monitor everything that happens in that device. It is not possible to fool those guys about anything that happens in iOS / macOS realms. They are the owners of those realms.
I'd be thrilled if that were true, but I've seen at least three stories on this site about apps that got through with undetected badness. Pobody's nerfect etc.
There are millions out there. And when Apple withdraw the dev cert it doesn’t just disappear from the App Store it will not run anywhere. Walled garden ftw.
You didn't answer the question. 'if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?'
The way I see this: FarceBook (or Googley or Instagrammy or some other popular app) has this malicious code inserted. Instead of the camera activating ONLY when you make a face-to-face 'call' to a person in your contact list, the 'Facetime' camera ALSO activates while you are simply viewing your feed, reading news, or doing other 'stuff' that normally doesn't use the camera. Because the app is active, the camera is active and the camera is taking pictures/videos of you and uploading them to a secret server. Or maybe you are using a texting app that also allows you to snap a selfie and instantly send it to your significant other, but winds up on said 'secret server' to be leaked later for all the world to see. So, yes, this could cause embarrassment, and yes, Apple should scan for this misuse of code during the app approval/update process.
This guy is a dufus.