Apple Granted Uber a Background Screen Recording Entitlement
Kate Conger (via Felix Schwarz, MacRumors, Hacker News):
To improve functionality between Uber’s app and the Apple Watch, Apple allowed Uber to use a powerful tool that could record a user’s iPhone screen, even if Uber’s app was only running in the background, security researchers told Gizmodo. After the researchers discovered the tool, Uber said it is no longer in use and will be removed from the app.
[…]
“Essentially it gives you full control over the framebuffer, which contains the colors of each pixel of your screen. So they can potentially draw or record the screen,” explained Luca Todesco, a researcher and iPhone jailbreaker. “It can potentially steal passwords etc.”
If a user happened to have Lyft installed on their phone too, the entitlement could theoretically be used to monitor how the individual used a competitor’s app—a wild theory, maybe, but not entirely outlandish given Uber’s use of software nicknamed “Hell” to track drivers who worked for both Uber and Lyft.
[…]
The entitlement first appeared in Uber’s app around the time of the original Watch launch in 2015, according to Strafach. Apple only gave developers about four months before the official release of the Watch to slim down their apps and make them work on the new device, so it’s conceivable that Apple granted the entitlement to Uber in order to meet that tight launch deadline.
I don’t trust Uber to use this entitlement responsibly. Nor do I trust App Review to be able to police how the app is using it. It’s shocking that Apple would be so hypocritical about privacy and give special access to a known bad actor. I don’t jailbreak my phone, so I thought I knew that if I downloaded an app from the App Store there were certain things it just couldn’t do, especially without the OS prompting me to give it access. That’s apparently not the case. Fortunately, there likely aren’t many developers with enough clout to get this sort of special treatment.
Update (2017-10-09): Daniel Jalkut:
I have long felt that the sandboxing infrastructure on both iOS and Mac should be used to more accurately convey to users specifically what the apps they install are capable of doing. Currently the sandboxing system is used primarily to identify to Apple what a specific app’s privileges are. The requested entitlements are used to inform Apple’s decision to approve or reject an app, but the specific list of entitlements is not easily available to users, whose security is actually on the line.
Update (2017-10-25): See also: Kif Leswing.
5 Comments
"I thought I knew that if I downloaded an app from the App Store there were certain things it just couldn’t do, especially without the OS prompting me to give it access. That’s apparently not the case."
Exactly, and this is an incredible breach of trust from Apple. As you said: shocking and hypocritical.
"Fortunately, there likely aren’t many developers with enough clout to get this sort of special treatment" Who knows... Facebook? WhatsApp? Instagram? Tinder? Candy Crush? This is a scandal and we still have to hear from Apple about this.
My favorite tidbit from that article:
“It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature,” Strafach said. “Considering Uber’s past privacy issues I am very curious how they convinced Apple to allow this.”