Facebook iOS app silently turns on your phone camera. Ah, relax – it's just a bug, lol!?
Plus Facebook Pay has launched: Why not give them access to your financial data?
Facebook’s iPhone app has a new feature – and one that netizens aren't too happy about: it opens the phone’s camera app in the background without your knowledge.
A number of users have noticed the unusual behavior and posted videos demonstrating it. In each, the rear camera is clearly turned on and can be seen behind the main app screen: something that is unnecessary and the user is not informed about.
Facebook’s Vice President of Integrity Guy Rosen responded to one of the tweets stating that it “sounds like a bug, we are looking into it.” But given Facebook’s long history of abusing trust and accessing every piece of information it can through its apps, punters are obviously skeptical.
"We recently discovered our iOS app incorrectly launched in landscape," Rosen later added. "In fixing that last week in v246 we inadvertently introduced a bug where the app partially navigates to the camera screen when a photo is tapped. We have no evidence of photos/videos uploaded due to this. We’re submitting a fix for this to the App Store today."
Facebook has previously given its applications access to smartphones' microphones, claiming this helped its software make recommendations based on the music or TV being listened to or watched. It has also analyzed Messenger voice calls to improve transcriptions. There is the lingering allegation that the Silicon Valley giant is listening all the time, via phones, to target ads based on topics discussed by people in earshot, though the biz has always denied explicitly doing this. The Facebook app has also given itself access to phone settings which, among other things, have been used to figure out users’ locations and which other Facebook users are nearby.
In other words, Facebook appears to grab information first and then figures out how to make it work in its interests afterwards. The netizens who discovered the app opening their phone’s camera in the background had given the app permission to use the camera but for a very different reason. Once permission was revoked in the phone’s settings, the “bug” disappeared.
With permission granted, the Facebook app can use the camera – and that level of access could potentially be extremely valuable to the antisocial network. Typically, permission to use a specific feature – such as a camera, microphone, and so on – is granted after a user is encouraged to do so for a specific feature. Apple changed its controls in the latest version of iOS to allow folks to grant fine-grained access to specific applications just once and then remove those permissions.
This latest camera access issue only exists in the latest Facebook app version designed for iOS 13, as if the web giant is seemingly testing which features it can gain access to.
In previous iOS versions, Apple introduced the ability to only allow an app to tap into a specific function only while the application was being used, and not when running in the background. In some cases this has led to a battle of the alerts. For example, with Google’s Nest app, an Apple iPhone will warn the user that the app has repeatedly accessed user location when the app was not running. The alert then provides the option to only give location data when it is running.
If you do that, however, within a day the Nest app will prompt the user and explain that without access to their locations the app may not work properly. In truth, granting location access to the Nest app is only useful in one specific scenario – if you want the app to prompt you when you arrive or leave your home. But providing constant location data of a user is hugely valuable information that Google can use in many different ways.
The best solution – as El Reg has repeatedly advised – is to delete the Facebook app from your phone and, if you must, access Facebook through a browser, preferably a separate browser to the one you normally use. Facebook has a long history of abusing trust, and downloading an app grants it far more access to your data that accessing its service through a browser.
Another great opportunity
In related news, Facebook today launched its new Facebook Pay service which will “provide people with a convenient, secure and consistent payment experience across Facebook, Messenger, Instagram and WhatsApp.”
Yet another reminder: When a tech giant says its AI listens to you, it means humans listen to you. Right, Facebook?READ MORE
The social network hopes that people will use the payment service to do things like send other people money, purchase tickets, carry out in-game purchases, or buy things from companies’ Facebook pages. Facebook Pay supports most major credit and debit cards, as well as PayPal.
The data biz stresses that Facebook Pay is not connected to its Libra cryptocurrency plans which have been met with widespread alarm from financial regulators and lawmakers across the world and banned in many countries before it’s even launched.
There are of course countless other ways to buy things and send people money without using Facebook Pay but the company hopes that simplicity will cause users to share their personal financial information with Facebook.
And if you are willing to do that, having read the rest of the story above then there is no hope for you. ®
- App stores
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Max Schrems
- Palo Alto Networks
- Privacy Sandbox
- Trusted Platform Module
- Zero trust