News
News Categories

Uber's iPhone app reportedly records screens silently

By Nickey Ross - on 9 Oct 2017, 11:31am

Uber's iPhone app reportedly records screens silently

Image source: Digital Trends.

It has been discovered that Uber has been granted permission by Apple to record iPhone screens, even when the app is not being accessed. This was uncovered by security researcher Will Strafach, who states that Uber appears to be the only third-party app with Apple's consent to do so.

Luca Todesco, jailbreak author and Apple expert, said the entitlement allows developers to read or write to the iPhone's framebuffer, which is a piece of the phone's memory that has display and pixel data. This would mean that it is no different than providing key-logging capabilities to apps. Luca also is concerned that obtaining code execution rights would allow an attacker to log credentials of users.

However, a spokesperson for Uber explained that the API known as 'com.apple.private.allow-explicit-graphics-priority', is dormant as it is not connected to anything in their codebase and that it was only used to render maps for an early version of Uber's Apple Watch app. With its discovery, Uber also said that the code will be removed from the iPhone app.

This isn't the first time that Uber has been accused of some form of subterfuge. In the past, Uber has been accused of using programs to track driver-partners of its competitor Lyft as well as programs that allow them to monitor and evade authorities. Earlier in the year, it was also discovered that Uber had been using a special program called 'Grey Ball' that helped Uber drivers to avoid police in specific U.S. cities, when the ride-sharing service was still deemed illegal (in certain states).

Source: The Next Web via ZDNet.