The latest discovery by an Austrian scientist, Felix Krause, currently working for Google, is a cause for worry for all the iPhone users. A number of apps can take your personal data and upload it to offshore servers where it can be used for a number of purposes, including identity theft.
Krause built an app that silently takes pictures of the user ever second and uploads it to the internet. The phone gives no indication that the camera is in use or that any data is being uploaded online. In his words, there is a “privacy loophole that can be abused by iOS apps.”
He has presented the solution for it be revoking camera access for all apps and to only use the built-in camera app to take pictures. Even that is not a safe bet and some apps might still get through. According to Krause, the only safe way is to use camera covers. You can buy one from any store or online, but the same can be achieved by a simple sticky note. He wrote “The only real safe way to protect yourself is using camera covers: There are many different covers available, find one that looks nice for you, or use a sticky note”
There are a number of apps that ask for camera permission on startup in order to take a profile picture or set up an avatar. You can use the image picker to choose from the gallery or revoke the camera permission from settings once the profile has been set up.
The Austrian engineer said, “These apps, like a messaging app or any news-feed-based app, can easily track the users face, take pictures, or live stream the front and back camera, without the user’s consent.” He further adds that there are apps specifically designed for the purpose of spying and it is easy to hide their behavior to get through Apple’s app approval process.
Krause has mentioned the fact that even though he works for Google, it does not in any way mean that he was employed for this task by anyone. Security research is a hobby he enjoys and is unaffiliated to his employers.