Apple Gave Uber Unprecedented Access to Your iPhone Screen: Researcher

Uber app can silently record iPhone screens, researcher finds

Uber has acknowledged the situation, saying Apple gave it permission to use the private entitlement for a previous version of its Apple Watch app, to aid in the supply of maps on the iPhone.

"It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature", Will Strafach, chief executive of Sudo Security Group, told Gizmodo.

An Uber spokesperson said that the code was used to improve the rendering on its Apple Watch app. "Entitlement" is a code that app developers can use for anything from setting up push notifications to interacting with Apple systems like iCloud or Apple Pay. "This API was only used for a short period of time for an old version of our Apple Watch app".

The entitlement is called "" and when granted, the entitlement allows the developer of an app to read or write to the iPhone framebuffer. At the meeting, Cook threatened to remove Uber from the iOS App Store.

Experts worry that although entitlement isn't intended for malicious use, it could be used by Uber or a hacker who broke into Uber's network to silently monitor activity on an iPhone user's screen, allowing them to collect passwords or other personal data.

Apple expert and jailbreak author Luca Todesco told ZDNet that it was an "extremely risky use case". "It's not connected to anything in our current codebase", Uber's spokesperson explained.

UK's Edward Heath would have been quizzed on child sex abuse claims
Sir Edward was born in Kent in 1916 and studied at Balliol College Oxford, becoming president of the Oxford Union. The police do not and can not make a conclusion that Sir Edward is guilty or innocent, Mr.

"I find this very frightening and unsafe", said Apple security expert Luca Todesco, a sentiment shared by other experts in the field. "It can potentially steal passwords etc".

"I guess there is some kind of extremely special relationship there, considering Apple granted them exclusive access to a privileged IOKit API a little while after they were abusing other unrelated IOKit APIs in violation of the App Store rules (with no repercussions at all)", Strafach surmised.

Uber told Business Insider the code was not now being used and was essentially a vestige from an earlier version of its Apple Watch app, but it set off alarm bells among experts.

The entitlement first appeared in Uber's app around the time of the original Watch launch in 2015, according to Strafach.

If Apple gave Uber access, which is highly likely according to Strafach, then it would signal a potentially unlikely collaboration.

Although the entitlement isn't intended for any malicious goal, researchers worry that an unethical hacker who manages to break into Uber network might also get access to these sensitive permissions. The company was earlier this year found using software to track location of drivers of rival company, Lyft, in the US.

Related news:

Hot News

isis-killer-beheading-video-story-top Local fighters look to honor Las Vegas at UFC 216
Oct 07, 2017 - 00:05
Johnson said he keeps two guns in his home for personal safety, "but I don't agree somebody should have so many guns. He's so good that people are like, 'Ehhh, I know who's gonna win that one'".

isis-killer-beheading-video-story-top Google Home Introduces Multi-user Functions With Voice Match
Oct 06, 2017 - 00:32
By subscribing to the Nest Aware subscription, you will also be able to take advantage from the facial recognition feature. If you're not a Nest owner, Google says the feature should work with over 1,000 smart home products from over 100 brands.

isis-killer-beheading-video-story-top Pence says NASA will put people on the moon again
Oct 06, 2017 - 00:29
Left unsaid is how NASA will get humans to the Moon and (eventually, probably decades from now) Mars. The Trump administration has re-assembled the National Space Council, which was disbanded in 1993.

isis-killer-beheading-video-story-top Trump Justice Dept. Ends Transgender Workplace Protections
Oct 06, 2017 - 00:29
At present, there is no federal law explicitly prohibiting workplace discrimination against transgender people. Sessions's memo urges the Department of Justice to "interpret Title VII as written by Congress".

isis-killer-beheading-video-story-top Watch Live as Astronauts Fix a Robotic Arm on the ISS
Oct 06, 2017 - 00:26
They replaced one of two Latching End Effectors (LEE) which had lost the ability to grip effectively, said the U.S. space agency . One LEE is connected to the ISS by attaching the arm to the station; the other is extended into space and grabs the objects.

Las Vegas Strip shooter targeted aviation fuel tanks, source says
Oct 06, 2017 - 00:26
Ms Danley was out of the country at the time of the attack and said Paddock sent her to see her family in her native Philippines. She said she was devastated by the carnage and would cooperate with authorities as they struggle to get inside Paddock's mind.

isis-killer-beheading-video-story-top Gerrymandering case could reshape Texas' politics
Oct 06, 2017 - 00:26
Depending on the remedy that the court requires, the reverberations could be significant for redistricting after the 2020 census. The Supreme Court is taking up a case about political maps in Wisconsin that could affect elections across the country.

isis-killer-beheading-video-story-top Iraq Retakes Town of Hawija from Islamic State
Oct 06, 2017 - 00:25
The town became the main stronghold of the terror group in the region after the Iraqi army regained control of Mosul in July. More than 7,000 civilians escaped the city during the first 10 days of the operation, the United Nations said.

isis-killer-beheading-video-story-top Catalans Stall Independence Push With Leaders Divided
Oct 06, 2017 - 00:25
Catalan authorities claim that according to preliminary data, 90 percent voted "yes" to independence from Spain . The court stated that such a move would be "a breach of the constitution", BBC reported Thursday.

isis-killer-beheading-video-story-top Denis Villeneuve: I felt intimidated making Blade Runner 2049
Oct 06, 2017 - 00:24
Jared Leto plays her creator, Niander Wallace , an Ozymandias type with a data-enhanced brain but blind eyes. The fun started after host Alison Hammond admitted that she'd "never seen" the original 1982 film .

isis-killer-beheading-video-story-top Tillerson Denies Wanting to Resign, But Doesn't Deny Calling Trump a 'Moron'
Oct 06, 2017 - 00:24
Moreover, all this fakenews buzz started from the stupid news - as if Rex Tillerson called the US President a " moron ". Tillerson declined to address whether he referred to the president as a "moron", as reported by NBC.

isis-killer-beheading-video-story-top Woman who lived with Las Vegas shooter described as 'person of interest'
Oct 06, 2017 - 00:20
Twelve rifles were fitted with so-called bump stocks , allowing them to be fired nearly as though they were automatic weapons. The sheriff also said that Paddock may have had an accomplice, although there was no evidence yet to support this claim .

isis-killer-beheading-video-story-top Forecast: Watching the Gulf of Mexico!
Oct 06, 2017 - 00:18
So far in 2017 there have been 13 named tropical storms in the Atlantic Basin, of which eight were hurricanes. Strengthening also is likely over the northwestern Caribbean Sea Thursday night and Friday .

isis-killer-beheading-video-story-top Netflix is raising its subscription prices
Oct 06, 2017 - 00:17
Users will receive 30 days of notice before the price hike begins as the rollout proceeds over the course of several months. The basic plan, meanwhile, which only offers standard definition on one screen, will remain $7.99.

isis-killer-beheading-video-story-top Putin and Saudi king turn the page on decades of tensions
Oct 06, 2017 - 00:11
The message of further joint Saudi-Russia action on output helped push up oil prices on Thursday. Therefore this visit of King Salman is expected to script a new beginning in the region.