Skip to main content

UBER IOS APP CAN VIRTUALLY ‘SEE’ YOUR PHONE SCREEN, AND APPLE APPROVED IT


WHY IT MATTERS TO YOUPermissions inside the Uber app sound like a privacy nightmare, but have never been abused, and will soon be removed.
To better prepare its Apple Watch app, Uber used technology enabling it to view and record what was happening on an iPhone's screen, even when the Uber app was only running in the background. The permission to do this was granted by Apple, and although Uber claims not to use the system anymore, it remains part of the app. The news comes from Sudo Security Group, which unearthed the capability — called an Entitlement — in the Uber app.
While this sounds like a security and privacy nightmare, the entitlement doesn't work like a screen-recording app, according to an app researcher speaking to Gizmodo, and will be removed from the app soon. What it does is visualize colors and pixels on the screen, not precise details. However, the concern is this data could be decoded and interpreted to reveal sensitive personal information, user habits, or, should Uber's app be hacked by criminals, passwords and other login information.
What makes this unusual is that Uber is the only third-party app developer using it. Other entitlements are commonly used by app developers, as they provide access to key phone features, such as the camera and Apple Pay. They operate in a similar way to permissions on Android. The entitlement used by Uber here is considered reserved for Apple's use only, due to its privacy and security concerns. Using entitlements without Apple's approval would normally result in the developer being banned from the App Store.
The entitlement was used by Uber to assist the Apple Watch Series One render maps correctly. Apple partnered with Uber to show how the app would operate on the Apple Watch during its March 2015 event. Apparently, developers had four months to prepare Apple Watch apps before the launch, which may explain why Apple granted Uber use of the entitlement at the time, to ensure it was stage-ready on the day.
Uber says the entitlement has not been used since then, and it has never tracked any unauthorized access or use of it. However, Uber's reputation regarding privacy has been tarnished before, and although it says it will remove the entitlement, it's unclear why it hasn't done so before now, given the potential for abuse.

Source:here

via Blogger http://ift.tt/2xX6okH

Comments

Post a Comment

Popular posts from this blog

Xiaomi Mi A1 XDA Review: Android One and Xiaomi Hardware Result in a Delightful & Affordable Stock Experience

The Xiaomi Mi A1 is one of Xiaomi's biggest releases of the year 2017. Despite its overall humbling package, the phone marks a few important milestones for the Chinese company as well as for the Android ecosystem. The Mi A1 is important because it is the  first Xiaomi smartphone to ship without Xiaomi's own custom UX , MIUI on top of the Android OS. It is also the first device that is  the result of a reboot of Google's Android One program  —  an initiative that saw little success in its first phase in India . The Mi A1 is also the first Xiaomi device in recent times that does not see an equivalent launch in China, becoming the first Xiaomi device to be India-exclusive at launch. But does the Mi A1 with its Android One branding provide the value experience we are used to from Xiaomi? In this review, we'll take an in-depth dive into the Xiaomi Mi A1. Rather than listing specs and talking about how the experience felt, this feature attempts to prov
Post a Comment
Read more

A lot of Galaxy S8 users are reporting problems with missing texts

The Galaxy S8 is one of the  best smartphones to debut in 2017 , but it seems like there is an increasingly large number of reports of people experiencing problems with receiving text messages on the phone. The reports all seem to have the Galaxy S8 in common, as most people report the problem no matter which carrier they're using. Threads for Galaxy S8 users on   Verizon ,   AT&T , T-Mobile, and   Sprint   reveal the same problem with delayed texts or texts not arriving at all. It also doesn't seem to be exclusive to a specific messaging app, as several reports show it's happening in the default Samsung SMS app, Textra, and even Android Messages. Someone suggested trying to turn off Advanced Messaging in the default messaging app to see if that stops text messages from being delayed but right now this solution is pretty anecdotal. Have you been noticing missing text messages on your Galaxy S8? Let us know in the comments. source: here via Blogger http://i
Post a Comment
Read more

Why would you want to build your own VR backpack? To save money and move freely!

One of the first issues we came across with the  HTC Vive  was the cable that follows you around the room, potentially tripping you up or pulling on the headset when you've taken time to get a perfect fit. While mainstream wireless VR systems are seemingly somewhere around the corner, some PC manufacturers have taken it upon themselves to create the next best thing: VR backpacks. The cable running from your PC to your headset is no longer a problem, and immersion is taken one step further. Unfortunately, these backpacks are usually prohibitively expensive, and, besides, you might already have the hardware needed to create your own. Is it possible? Is it worth the time? Let's find out! Pre-built backpack options Before we get into building our own backpack, let's take a look at some pre-built offerings from HP, ZOTAC, and MSI. HP OMEN X For  about $3,000 , you can grab this sleek, compact PC with an Intel Core i7-7820HK quad-core processor (CPU), an NVIDIA GTX 10
Post a Comment
Read more