Smartphone security is day by day becoming a security concern. A recent report by a Google engineer Felix Krause disclosed that Apple’s iOS has a flaw that can allow apps having camera permission to spy on users by taking pictures and videos without being noticed.
Felix Krause conducted a research independently of Google and found that once a user grants camera permission to an app, the app can access both front and rear camera. The app whenever in foreground can take pictures or record video of the user and upload this content without being noticed by the user. The activity cannot be noticed by the users since there is indication that the camera is being used.
This is a big security concern as this will allow hackers to exploit these permissions for getting information relating to an individual’s location, get access to gallery photos and record live videos. Krause suggests that there is very few options for users to prevent this. He suggest that the only option to avoid this issue is to cover your camera. There are several smartphone covers available in the market that can be used to do this.
Another solution is to revoke camera access for all apps. This will make sure that none of the apps have camera permission but the downside of this solution is that by doing this users will have to sacrifice some app functionalities.
Krause has shared this information with Apple and has even provided some suggestions to handle this issue. According to Krause Apple can make use of temporary camera permissions option or adding an indicator which can notify the user whenever the device is recording.
This is not first time that a Google employee has found a vulnerability in Apple iOS. Google has found several flaws in the past in Microsoft products. Those who are interested in reading the full report by Felix Krause can find it on his personal blog.