Facebook app accesses iPhone camera without user's knowledge

2»

Comments

  • Reply 21 of 39
    DAalseth said:
    So Facebook has been accessing the camera for who knows how long. The bug was that they let this become visible. Well, I never trusted the Facebook app anyway. Never installed it. For what little I use Facebook, (Following a couple of local groups that use it instead of a regular web page, no "friends", no posts, no personal information on my profile,) the web interface is good enough. I did however, just delete the Instagram app. Facebook owns it and so I don't trust it any more either. The web interface will have to do. Posting is a problem, but I understand there is a workaround for that.
    As Edward Snowden described it, the NSA accessing your mic or camera is really a trivial matter anyway, so Facebook should be the least of anyone’s concerns.
    razorpitmagman1979lostkiwi
  • Reply 22 of 39
    dysamoriadysamoria Posts: 3,396member
    As for this garbage app, for the garbage website of Facebook... I didn’t use the app more than a month, back when it first came out. I deleted it upon seeing how sluggish and buggy it was and I haven’t had it installed at all since. I use the website via Safari and that’s all. Even that I do very rarely, because I hate Facebook with a passion. This is only just one more reason to stay away... as if I needed more reasons.
    magman1979watto_cobra
  • Reply 23 of 39
    dewmedewme Posts: 3,697member
    Apologies in advance for staying on-topic, but why is this egregious privacy breach by Facebook not being widely, or as is the case of anything Apple related, wildly broadcast across the mainstream news outlets? This type of spying would earn Tim Cook at least 100 lashes in a Singapore prison and a scrolling banner at the bottom of every news feed. This isn’t some arcane security glitch buried deep in some 20 year old branch prediction or speculative execution implementation, this is Facebook getting up deep inside your shorts in low grade creepy stalker fashion. Apple's continued allowance of Facebook as an app provider on the iOS platform means that some of the Facebook stink is inevitably going to rub off on Apple. Apple needs to take prophylactic measures now and boot Facebook from iOS until privacy stunted Facebook can prove that is no longer infected with creepy stalker syndrome.
    muthuk_vanalingammagman1979watto_cobra
  • Reply 24 of 39
    gatorguygatorguy Posts: 23,005member
    tmay said:
    gatorguy said:
    sdw2001 said:
    gatorguy said:
    sdw2001 said:
    Yeah, that's the least of my concerns about Facebook.  YouTube, Facebook and Twitter are actively censoring posts that mentioned the name of the alleged 
    "whistleblower," something that has been reported on for weeks and is the worst kept secret in the country.    Don't get me started on the meme page purges, offsite tracking, and clear snooping on audio for advertising targeting.  
    All the news media are refusing to name the whistleblower. It's not just the online social sites. My assumption would be that it's a legal issue. 

    It's not.  And it's not all the news media.  Paul Sperry of Real Clear Investigations named him.  It's not against the law to name the whistleblower in this case.  That applies only to the ICIG, and only in certain situations.  The so-called "whistleblower" can have his name shared by anyone else, including elected officials.  YouTube, Facebook and Twitter are engaging in ideological bias, as usual.   
    Oh well that's proof for me: Real Clear Investigations named him. and they are definitely a major news outlet (Roll eyes...)
    ...and I was certain that it would be Kellyanne Conway.../s
    LOL! If anyone knows... :)
    jahblade
  • Reply 25 of 39
    gatorguygatorguy Posts: 23,005member

    Who in their right mind gives the FB app permission to use the camera and microphone? Then again, this is likely less severe than Google collecting personal health data on millions of people.

    https://www.marketwatch.com/story/secret-google-project-is-collecting-personal-health-data-on-millions-of-people-2019-11-11?dist=bigcharts



    Google isn't "collecting personal health data on millions of people". Ascension, the company that does and with the users permission, contracted Google to design a "search engine" for their company's use in coordinating with other health providers, and all in accordance with HIPAA laws. This was publicly announced back in June so it's not secret nor is it new. The WSJ who published the initial story erroneously thought they had discovered something being hidden, some "secret project to steal your health information" and other blogs like your link just ran with it. 

    As an aside Google does not & has not used personal health information for targeted ads, nor do they allow their ad platform to be used for doing so by the advertisers. 

    ...And @sdw2001 I don't know if Facebook is using audio recordings for targeting ads or not, but Google definitely isn't. Google wrote last year: "We do not use ambient sound from any device to target ads." The Electronic Frontier Foundation backs that up too.

    "people like Bill Budington, security researcher from the Electronic Frontier Foundation, can watch the watchers. We asked him to help us with a test. We discussed several household products while he monitored activity on a nearby cell phone, watching for any secret audio transmissions.

    "So from what you're able to see today, bottom line, has that phone been listening to our conversation?" Dokoupil asked.

    "We haven't seen any audio recordings being sent," Budington said.

    We never saw ads for the products we discussed either."


    Perhaps getting back on topic might be a better idea. 
    edited November 2019 muthuk_vanalingam
  • Reply 26 of 39
    sdw2001sdw2001 Posts: 17,586member
    gatorguy said:
    sdw2001 said:
    gatorguy said:
    sdw2001 said:
    Yeah, that's the least of my concerns about Facebook.  YouTube, Facebook and Twitter are actively censoring posts that mentioned the name of the alleged 
    "whistleblower," something that has been reported on for weeks and is the worst kept secret in the country.    Don't get me started on the meme page purges, offsite tracking, and clear snooping on audio for advertising targeting.  
    All the news media are refusing to name the whistleblower. It's not just the online social sites. My assumption would be that it's a legal issue. 

    It's not.  And it's not all the news media.  Paul Sperry of Real Clear Investigations named him.  It's not against the law to name the whistleblower in this case.  That applies only to the ICIG, and only in certain situations.  The so-called "whistleblower" can have his name shared by anyone else, including elected officials.  YouTube, Facebook and Twitter are engaging in ideological bias, as usual.   
    Oh well that's proof for me: Real Clear Investigations named him. and they are definitely a major news outlet (Roll eyes...)
    Um, first, yes.  Real Clear Investigations are Sperry in particular do great work.  But that was just one example.  There is virtually no doubt amongst those who follow these events closely who he is.  It's been widely reported in alternative and social media, as well as non-mainstream outlets.  Secondly, there is no guarantee of anonymity for his particular "whistleblower" status.   I won't go further as to not make it political.  The point is there is no justification for censoring posts with his name.  
    razorpitmagman1979watto_cobra
  • Reply 27 of 39
    gatorguy said:
    Google isn't "collecting personal health data on millions of people". Ascension, the company that does and with the users permission, contracted Google to design a "search engine" for their company's use in coordinating with other health providers, and all in accordance with HIPAA laws. This was publicly announced back in June so it's not secret nor is it new. The WSJ who published the initial story erroneously thought they had discovered something being hidden, some "secret project to steal your health information" and other blogs like your link just ran with it. 

    As an aside Google does not & has not used personal health information for targeted ads, nor do they allow their ad platform to be used for doing so by the advertisers. 

    Perhaps getting back on topic might be a better idea. 
    This is clear. And I wasn't referring to ads, merely the fact that Google is storing health data of millions of people. With their names and birthdates. Project Nightingale is tunening artificial intelligence software that 'may help improve patient care', according to the report. Yet, without informing them. This is a $3.5T a year thing. Something tells me Google wants a slice of that.

    Keeping it secret (not the project, but what they're doing with the data) is very much on topic. It's a privacy issue.



    magman1979lostkiwiwatto_cobra
  • Reply 27 of 39
    gatorguygatorguy Posts: 23,005member
    sdw2001 said:
    gatorguy said:
    sdw2001 said:
    gatorguy said:
    sdw2001 said:
    Yeah, that's the least of my concerns about Facebook.  YouTube, Facebook and Twitter are actively censoring posts that mentioned the name of the alleged 
    "whistleblower," something that has been reported on for weeks and is the worst kept secret in the country.    Don't get me started on the meme page purges, offsite tracking, and clear snooping on audio for advertising targeting.  
    All the news media are refusing to name the whistleblower. It's not just the online social sites. My assumption would be that it's a legal issue. 

    It's not.  And it's not all the news media.  Paul Sperry of Real Clear Investigations named him.  It's not against the law to name the whistleblower in this case.  That applies only to the ICIG, and only in certain situations.  The so-called "whistleblower" can have his name shared by anyone else, including elected officials.  YouTube, Facebook and Twitter are engaging in ideological bias, as usual.   
    Oh well that's proof for me: Real Clear Investigations named him. and they are definitely a major news outlet (Roll eyes...)
    Um, first, yes.  Real Clear Investigations are Sperry in particular do great work.  But that was just one example.  There is virtually no doubt amongst those who follow these events closely who he is.  It's been widely reported in alternative and social media, as well as non-mainstream outlets.  Secondly, there is no guarantee of anonymity for his particular "whistleblower" status.   I won't go further as to not make it political.  The point is there is no justification for censoring posts with his name.  
    Apparently there's something being used as "justification" since every mainstream media source from the NY Post, WSJ, Fox News, Washington Times and and nearly every other news provider refuses to name him/her. I get that you don't believe it's valid justification but a whole plethora of lawyers would seem to disagree with you. If it wasn't why would Fox News not report the name? Very honest question. 

    In any event it's clear this isn't an "evil YouTube" thing. It's a general media one. But it won't be long before it becomes generally reported in the mainstream either IMHO.
    edited November 2019 jahblade
  • Reply 29 of 39
    I found Instagram installed on my iPhone and I have no idea how it got there.  I did not install it.  I wonder if Zuckerberg is starting illegal installs of Instagram onto iPhones as well?  As soon as I saw a Zuck app on my phone, I promptly deleted it.
    watto_cobra
  • Reply 30 of 39
    this is happening on 12.4 as well. I reported this to Apple over the weekend via their feedback assistant page as a suggestion to harden the ios privacy. I hope Apple implements a dedicated status icon to indicate when an app is actively using a privacy feature (camera, photos etc) as well as a new prompt to allow only once instead of deny and allow permanently after I denied access, facebook bug shows a black bar instead of what my camera sees. also you don't need to allow it access to photos, as you can share directly via facebook share sheet extension in the photos app or in any other app.
    edited November 2019 razorpitmagman1979watto_cobra
  • Reply 31 of 39
    lkrupp said:
    MacPro said:
    Gosh what a surprise.
    Well, the article says this is only happening with iOS 13.2.2 so is it Facebook or Apple causing the problem?
    happening on 12.4 as well.
    magman1979watto_cobra
  • Reply 32 of 39
    DAalsethDAalseth Posts: 1,625member
    dysamoria said:
    As for this garbage app, for the garbage website of Facebook... I didn’t use the app more than a month, back when it first came out. I deleted it upon seeing how sluggish and buggy it was and I haven’t had it installed at all since. I use the website via Safari and that’s all. Even that I do very rarely, because I hate Facebook with a passion. This is only just one more reason to stay away... as if I needed more reasons.
    Agreed, it’s s a data mining cesspool. I only am on Facebook because a number of small organizations I work with use it rather than having their own web site. But I never post, accept no “friends” and have no private information in my profile. This morning I deleted the Instagram app just because I don’t trust Facebook who owns it. I’ll use the web site with blockers on. 
    magman1979lostkiwiwatto_cobra
  • Reply 33 of 39
    gatorguygatorguy Posts: 23,005member
    gatorguy said:
    Google isn't "collecting personal health data on millions of people". Ascension, the company that does and with the users permission, contracted Google to design a "search engine" for their company's use in coordinating with other health providers, and all in accordance with HIPAA laws. This was publicly announced back in June so it's not secret nor is it new. The WSJ who published the initial story erroneously thought they had discovered something being hidden, some "secret project to steal your health information" and other blogs like your link just ran with it. 

    As an aside Google does not & has not used personal health information for targeted ads, nor do they allow their ad platform to be used for doing so by the advertisers. 

    Perhaps getting back on topic might be a better idea. 
    This is clear. And I wasn't referring to ads, merely the fact that Google is storing health data of millions of people. With their names and birthdates. Project Nightingale is tunening artificial intelligence software that 'may help improve patient care', according to the report. Yet, without informing them. This is a $3.5T a year thing. Something tells me Google wants a slice of that.

    Keeping it secret (not the project, but what they're doing with the data) is very much on topic. It's a privacy issue.



    Without informing who? Wouldn't it be Ascensions responsibility to get the users permission which that company says they have. Google would not necessarily have the customer's preferred method of communication to begin with so they could hardly be expected to do so. That's Ascensions job.

    It's pretty common for health information to be stored on-line using cloud companies from Amazon to Microsoft to Google. The cloud provider is not responsible for asking the individual user for permission to store it under HIPAA rules on behalf of the the first party service provider. 
    edited November 2019 muthuk_vanalingam
  • Reply 34 of 39
    gatorguy said:
    Without informing who? Wouldn't it be Ascensions responsibility to get the users permission which that company says they have. Google would not necessarily have the customer's preferred method of communication to begin with so they could hardly be expected to do so. That's Ascensions job.

    It's pretty common for health information to be stored on-line using cloud companies from Amazon to Microsoft to Google. The cloud provider is not responsible for asking the individual user for permission to store it under HIPAA rules on behalf of the the first party service provider. 
    That I get. It's the fact that Google 'began Project Nightingale in secret last year with St. Louis-based Ascension, a Catholic chain of 2,600 hospitals, doctors’ offices and other facilities, with the data sharing accelerating since summer, according to internal documents. Neither patients nor doctors have been notified. At least 150 Google employees already have access to much of the data on tens of millions of patients, according to a person familiar with the matter and the documents.'

    It would appear that Google isn't storing data, like Amazon does for Apple, amongst others, but are actively crunching numbers, to do...what? One would assume to make money off of it. But I could be wrong there. Google also has created Internet Access to rural loctions. Still, I see this as a privacy issue, like the FB article.



    watto_cobra
  • Reply 35 of 39
    gatorguygatorguy Posts: 23,005member
    gatorguy said:
    Without informing who? Wouldn't it be Ascensions responsibility to get the users permission which that company says they have. Google would not necessarily have the customer's preferred method of communication to begin with so they could hardly be expected to do so. That's Ascensions job.

    It's pretty common for health information to be stored on-line using cloud companies from Amazon to Microsoft to Google. The cloud provider is not responsible for asking the individual user for permission to store it under HIPAA rules on behalf of the the first party service provider. 
    That I get. It's the fact that Google 'began Project Nightingale in secret last year with St. Louis-based Ascension, a Catholic chain of 2,600 hospitals, doctors’ offices and other facilities, with the data sharing accelerating since summer, according to internal documents. Neither patients nor doctors have been notified. At least 150 Google employees already have access to much of the data on tens of millions of patients, according to a person familiar with the matter and the documents.'

    It would appear that Google isn't storing data, like Amazon does for Apple, amongst others, but are actively crunching numbers, to do...what? One would assume to make money off of it. But I could be wrong there. Google also has created Internet Access to rural loctions. Still, I see this as a privacy issue, like the FB article.



    It wasn't a secret. It was announced back in July during a Google earnings call. 

    And yes Google makes money from it, and of course they would. Ascension is presumably paying them for the contracted development of the software, search platform and delivery management along with the cloud storage. They aren't making money from monetizing the personal health data itself according to all available information and disclosures. That's never changed, and even if it did HIPAA rules would prevent Google from using any of the data beyond the permitted uses even if "evil Google" would want to. /s
    https://cloud.google.com/blog/topics/inside-google-cloud/our-partnership-with-ascension
    edited November 2019 philboogieCarnagemuthuk_vanalingam
  • Reply 36 of 39
    Can someone tell me just how to do this? I've tried for 15 minutes and I can't make it work. Mine behaves just as it should. I can move a picture around, but I can't move the background behind it (which is what happened in the video and where the "bug" is in evidence). Yes, I'm on iOS 13.2.2 and Facebook has camera permission.
    watto_cobra
  • Reply 37 of 39
    gatorguy said:
    It wasn't a secret. It was announced back in July during a Google earnings call. 

    And yes Google makes money from it, and of course they would. Ascension is presumably paying them for the contracted development of the software, search platform and delivery management along with the cloud storage. They aren't making money from monetizing the personal health data itself according to all available information and disclosures. That's never changed, and even if it did HIPAA rules would prevent Google from using any of the data beyond the permitted uses even if "evil Google" would want to. /s
    https://cloud.google.com/blog/topics/inside-google-cloud/our-partnership-with-ascension
    That was a good read, thanks. Makes me wonder why the WSJ is stating "Deal with Ascension health system aimed at improving patient care provides Google with health-data gold mine" and why there is now a 'federal inquiry'.

    If they're ISO27001, have HIPAA, BAA and all that there shouldn't be any 'inquiries'.

    PS: how do you get notified on new posts at this site? I've ticked on all possible notifications, but receive nothing. Need to reload a page where I've commented to see if someone replied. Tnx

    watto_cobra
  • Reply 38 of 39
    shrave10 said:
    I found Instagram installed on my iPhone and I have no idea how it got there.  I did not install it.  I wonder if Zuckerberg is starting illegal installs of Instagram onto iPhones as well?  As soon as I saw a Zuck app on my phone, I promptly deleted it.

    Did your significant other or kid install it on their device? Do you use Family Sharing? It's probably impossible for an app to get downloaded and installed onto your iPhone without your consent.
    watto_cobra
  • Reply 39 of 39

    Who in their right mind gives the FB app permission to use the camera and microphone? Then again, this is likely less severe than Google collecting personal health data on millions of people.

    https://www.marketwatch.com/story/secret-google-project-is-collecting-personal-health-data-on-millions-of-people-2019-11-11?dist=bigcharts




    Who in their right mind installs the app???
    muthuk_vanalingamphilboogiewatto_cobra
Sign In or Register to comment.