Camera Roll Security Flaw Discovered In iOS

Another day and another security flaw has been detailed in iOS. The issue, this time, gives developers easy access to the device-holders camera-roll via the gps functionality.

Another day and another security flaw has been detailed in iOS. The issue, this time, gives developers easy access to the device-holders camera-roll via the gps functionality. The application would ask user permission to detect the current location of the handset and voila, access to the camera roll bug which resides there.

The then accesible data could then be uploaded to a server by the application which can, in turn, upload your photos and videos too. This is so that the app can scrape the geo-location data from the pictures but something is obviously going wrong somewhere.

The flaw was first discovered by David E. Chen, co-founder of app developer Curio.

“Conceivably, an app with access to location data could put together a history of where the user has been based on photo location, the location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.”

It has to said though that for the issue to occur it would take a rather nasty app developer to take advantage of the bug  and it would then have to get past Apple’s stringent controls and test procedures before approval.

While this is obviously an issue, it’s not terrible and definitely not as bad as some of the issues faced recently. For me, personally, I would have worried about this 10 years ago but now with everyone sharing their location data on the abundance of social sites that now plague the web, can you really complain?

Let us know what your thoughts are throught the usual routes.

Irony, don’t you just love it.



SUPPORT FSM

Monero (XMR) 43GnqUNJrTi9QyL7kEH8vM8pgWGCE6bjv1FSRipeNMM4TTeNnUVsRBb6MfMpQYxtLE7ReonxVVSXz2rFCEdW5H11LC3x73b
Bitcoin (BTC) 3PvaJPytg4pApTP5yCGpr62pRtudMgyfMQ
Ethereum (ETH) 0xd3c8677A4CfD9e8b4dFBb7720be2adb490Bd36b2