Felix Krause, researcher and founder of Fastlane.Tools, has created a proof-of-concept app which demonstrates how easily a rogue app could exploit iOS camera permissions to secretly take pictures and shoot video of the user when running in the foreground.

As noted by The Next Web and Motherboard, Felix’s proof-of-concept app, called watch.user, puts up iOS’s standard camera permissions dialog that you’d normally see in any photography or image-editing app that needed access to device cameras.

All the user needs to do is grant the app access to the cameras.

From there, the app can take pictures and shoot video of the user with either the front or rear camera, and the user sees no sign of it: iOS does not require an app that has been granted camera access to tell the user when a photo or video capture session is running.

Here’s a video demonstration.

A malicious app could upload the images and video to its own servers, or even broadcast a live feed from the device. Paired with whatever else the app is allowed to read, such as the device's location if it holds that permission too, and with face recognition run on the captured media, that is enough for an attacker to work out who the user is.

With iOS 11's new Vision framework, such an app could even track the user's facial movements and infer their mood. None of this works while the app is in the background, but that does not make it any less of a privacy issue. Felix has reported the issue to Apple; it remains to be seen whether, and how, the Cupertino company chooses to address it.
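To make concrete how little an app has to do once the dialog has been accepted, as described in the paragraphs above, here is an added Swift illustration. It is not the watch.user source, and nothing on this page describes Felix's actual implementation. It assumes an iOS 11 app whose Info.plist carries NSCameraUsageDescription, and the class name, queue label and method names are placeholders chosen for this example:

```swift
import AVFoundation
import CoreImage
import CoreMedia

/// Added illustration, not Felix Krause's watch.user source: the minimum an
/// iOS 11 app needs once the user has tapped OK on the camera prompt.
/// Assumes Info.plist carries NSCameraUsageDescription; that string is the
/// only explanation the user ever sees.
final class SilentCapture: NSObject, AVCaptureVideoDataOutputSampleBufferDelegate {
    private let session = AVCaptureSession()
    private let output = AVCaptureVideoDataOutput()
    // Serial queue for session work and frame delivery (label is arbitrary).
    private let queue = DispatchQueue(label: "silent-capture")
    private(set) var frameCount = 0
    private(set) var latestFrame: CIImage?

    /// Show the standard permission dialog if needed, then start capturing
    /// from the front or rear camera. Nothing else changes between the two.
    func start(position: AVCaptureDevice.Position,
               completion: @escaping (Bool) -> Void) {
        switch AVCaptureDevice.authorizationStatus(for: .video) {
        case .authorized:
            queue.async { completion(self.configure(position: position)) }
        case .notDetermined:
            AVCaptureDevice.requestAccess(for: .video) { granted in
                self.queue.async {
                    completion(granted && self.configure(position: position))
                }
            }
        default:
            completion(false)   // denied or restricted: no silent route exists
        }
    }

    private func configure(position: AVCaptureDevice.Position) -> Bool {
        guard let camera = AVCaptureDevice.default(.builtInWideAngleCamera,
                                                   for: .video,
                                                   position: position),
              let input = try? AVCaptureDeviceInput(device: camera),
              session.canAddInput(input),
              session.canAddOutput(output) else { return false }

        session.beginConfiguration()
        session.sessionPreset = .medium
        session.addInput(input)
        output.alwaysDiscardsLateVideoFrames = true
        output.setSampleBufferDelegate(self, queue: queue)
        session.addOutput(output)
        session.commitConfiguration()

        // iOS interrupts the session when the app leaves the foreground,
        // which is the one limit the article notes. The app only learns of
        // it through this notification.
        NotificationCenter.default.addObserver(
            self, selector: #selector(sessionInterrupted(_:)),
            name: .AVCaptureSessionWasInterrupted, object: session)

        // No preview layer is attached, so nothing appears on screen, and
        // reading the video stream plays no shutter sound.
        session.startRunning()
        return true
    }

    /// Called for every frame while the session runs. A rogue app would
    /// encode and upload here; this example only keeps the latest frame.
    func captureOutput(_ output: AVCaptureOutput,
                       didOutput sampleBuffer: CMSampleBuffer,
                       from connection: AVCaptureConnection) {
        guard let pixels = CMSampleBufferGetImageBuffer(sampleBuffer) else { return }
        frameCount += 1
        latestFrame = CIImage(cvPixelBuffer: pixels)
    }

    @objc private func sessionInterrupted(_ note: Notification) {
        if let raw = note.userInfo?[AVCaptureSessionInterruptionReasonKey] as? Int,
           let reason = AVCaptureSession.InterruptionReason(rawValue: raw),
           reason == .videoDeviceNotAvailableInBackground {
            // Capture has stopped and resumes only when the app is active again.
        }
    }

    func stop() { queue.async { self.session.stopRunning() } }

    deinit { NotificationCenter.default.removeObserver(self) }
}
```

Call start(position: .front) from any view controller and frames begin arriving with no preview layer on screen; the same call with .back reads the rear camera. The latest frame is the input Vision's face landmark requests expect, which is the tracking the article refers to. Note what is absent: there is no call the app must make to announce that the camera is live, so the status bar icon or LED Felix asks for would have to come from the operating system, not from app developers.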

The problem is that there is no way of telling whether any of the apps on your iPhone that you have already given access to your photo library and cameras contain, or have since been updated to include, such code.

Felix suggests that users either use camera covers or, at a minimum, revoke camera access for all apps and take pictures with Apple's built-in Camera app instead, moving media between apps with Copy and Paste or Share sheet actions. He also proposes that iOS show an icon in the status bar while the camera is active, or that iPhone cameras get an LED that sandboxed apps cannot work around, “which is the elegant solution that the MacBook uses.”

The makers of Astropad and Luna Display recently showed a related trick in their Luna Display app: you tap the front-facing camera to bring up an options panel, which means the app is reading that camera the whole time it runs.

“When we ran out of buttons to hide our software’s UI behind, it really forced us to use our imagination,” they wrote in a blog post. “Instead of squeezing UI in where it didn’t fit, we built a new button to conceal it: it’s called the Camera Button.”

By the way, Felix recently disclosed another proof of concept app that could fool the user into providing their Apple ID password by displaying a popup similar to one used by the system.

Is this camera exploit concerning to you? If so, what safeguard protections should Apple build into iOS to prevent apps from recording users without their knowledge?


  • Iskren Donev

    Honestly I don’t see how this is considered an “exploit”. An app expressly asks the user for permission to use the camera and the user knowingly gives it. At this point I don’t think that the term “exploit” applies. The app requested additional capabilities and the user gave permission.

    The rest of the “exploit” is just the developers being jerks or unscrupulous businessmen.

    That said, I don’t see how this can be easily fixed. I can’t imagine that Apple would slap an LED notification light on the iPhone. The status bar icon sounds good at first, but developers do have the option to hide the status bar.

    Personally, I am not bothered by this “exploit”. We just need to exercise some discipline and not grant camera permissions to each app that asks for it.

    • Rsm

      Yeah, I was under the impression Snapchat already sort of did this. As far as I know, the camera(s) are always on even when you’re swiped over to the right or left.

  • 9to5Slavery

    Good article. The Share buttons are a bit HUGE.

  • Manuel

    Apple’s CEO is a hard-core globalist, known to track and block Christians and Republicans from Facebook and Twitter, so a camera permission to video is not a good idea, particularly if you google “obama care ICD9E978” or read the Executive Order Obama put in place to allow the government to kill the enemies of the State, and namely they were, according to Obama, returning Veterans, Anti-Abortion groups and Christians.

    Is this a conspiracy theory? No and it is not a theory. It is truly a conspiracy, or is it? 😉 You be the judge.

  • Andrea Malinverni

    It would be a good thing if used in FindMyiPhone App!