iOS Facebook app ‘secretly using camera’

Topic

New Reply

iOS Facebook app ‘secretly using camera’ while scrolling feed; likely a bug

Web designer Joshua Maddux has found the iOS Facebook app activating the iPhone camera while scrolling his feed. He found the same issue on five separate devices, with others able to replicate. The same issue does not appear to be present in the Android app.

Maddux posted a video (below) showing the behavior…

He tweeted that the issue came to light due to an apparent bug in the app which allowed him to see the camera view to the left of the feed within the app.

Found a @facebook #security & #privacy issue. When the app is open it actively uses the camera. I found a bug in the app that lets you see the camera open behind your feed. Note that I had the camera pointed at the carpet…..

https://9to5mac.com/2019/11/12/facebook-app-secretly-using-camera/

Nothing with Google and Facebook is a ‘bug’. All is intentional and turns into a ‘bug’ when caught.

Reply | Quote

Replies

Twitter thread between @zachwhittaker, who wrote this TechCrunch article on the issue, and @campuscodi:

https://twitter.com/zackwhittaker/status/1194316110864297986?s=20
https://twitter.com/campuscodi/status/1194316514377240577?s=20

One workaround is to simply revoke camera and microphone access to the Facebook app in their iOS settings.

Reply | Quote

https://twitter.com/zackwhittaker/status/1194345510854963200?s=20

Reply | Quote

The fix is here:

https://appleinsider.com/articles/19/11/13/facebook-fixes-issue-that-activated-iphones-camera-without-user-knowledge

Nathan Parker

Reply | Quote

oOn a related and potentially scary issue: over a year ago I found repeatedly on the Web warnings that there is malware that could turn on the camera and the microphone of a PC (Windows, Mac…) and transmit the images and sound so picked up to some snooping individual that could use them for some unpleasant purposes. Perhaps this could also be the case with cell phones, why not?

I wonder if there is any truth in this. Just in case, after I saw this and mulled it for a short while, I decided to play it safe and not only disabled the camera and microphones of the Mac and Windows 7 PC, but, for good measure, covered the little peephole of the camera lens with a bit of duct tape. There is nothing else I can do about the microphones, but I console myself thinking that, if having them filched, images can be more trouble than sound. I rarely need to use the camera and mics, only for teleconferences, when I would undo those precautions and put them back after I am done.

So, am I being too cautious, not cautious enough, of just right?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

OscarCP wrote:

There is nothing else I can do about the microphones, but I console myself thinking that

Actually there is…..  🙂  and on topic, …. who knows…..
Actualy here is untraceable malware …. (after entering China and N-Korea things changed for some, so they ditched the hardware),
and for the unremoveable part: xHelper is one of the new “services” recently discoverd…. to be seen in the running services of the phone, though not (yet) to be removed, also not by a factory-reset….  There is spoken of installing a new ROM on the phone might help. Buying a new one does, I recon.
There are people who disconnect/dissolder fysically the microphone and camera on their dayly to use laptops.
With an on-topic Good morning . . . .

* _ the metaverse is poisonous _ *

Reply | Quote

I am not going to go as far as disconnecting physically the microphones. I need to use them from time to time and don’t fancy opening up the laptops and using a soldering iron on their motherboards even once, let alone repeatedly.

But I still am wondering if there is any credible evidence that such attacks do occur. And also if they are likely to be made against private individuals that are not spooks in possession of state secrets, nor work on industrial research likely to be a target of industrial espionage, nor are involved in some security, military or police operation.

As to “…who knows…”: So far, we are still here. Later, we’ll see… Or not. No guarantees.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

[Fred]

OscarCP wrote:

credible evidence

?
Who is to believe all those fake stories created by the common newsmedia?, We are all at the mercy of the mores of twitter , facebook , new politics and the correctors of any sort.

* _ the metaverse is poisonous _ *

• This reply was modified 3 years, 10 months ago by Fred.

Reply | Quote

I can’t physically disable my on-board microphone either since I frequently use it for online classes.

If a hacker ever wants to hack my microphone or webcam, I have a surprise for them that might have them thinking twice before hacking me again.

https://vimeo.com/63066227

Disclaimer: The above video ad is being shared from a third party video service. The advertiser in the video is not an AskWoody sponsor.

Nathan Parker

2 users thanked author for this post.

Fred, OscarCP

Reply | Quote

Facebook has fixed the ‘bug’ with new update.

1 user thanked author for this post.

Nathan Parker

Reply | Quote

Alex5723 wrote:

Facebook has fixed the ‘bug’ with new update.

Thanks, this week FB lost in court and they cannot let others use peoppls credentials to make adverts for bitcoins or so. The use of private images and bugshots is not to be used by Zuckerberg c.s.  Curious if this stoppes (in Europe and further)

* _ the metaverse is poisonous _ *

1 user thanked author for this post.

Nathan Parker

Reply | Quote