A number of popular apps for the iPhone to record everything that happens on the screen of the smartphone, according to foreign media. The owner is not even aware of the secret surveillance, as the resolution on the collection of information is not required.
Every click, every tap
Many smartphone owners know that a little-known apps can’t be trusted. But as it turned out, the danger may be and popular program, created by leading brands in the world. According to TechCrunch, a number of apps for iPhone secretly records all the information from the screen of a smartphone, without notifying the owner.
The number of companies found to have engaged in questionable data collection, called fashion brands Abercrombie & Fitch and Hollister, Air Canada and Singapore Airlines, hotel reservation service Hotels.com the company-the organizer of the travel, Expedia and others.
To collect information of the above applications use the service Glassbox, which allows you to record everything that happens on the screen, including touch and swipe user, and then re-play the recording to see how that person interacted with the program. Thus, it is possible to detect errors in the code or usability issues.
Information collected from smartphone users, carefully collected and sent to third parties for analysis. Based on these data is generated by advertising, targeted at specific people.
The problem is that some of these applications do not provide adequate protection for the transferred information. So, Air Canada was missing any encryption of user data, which means virtually free access to the database for the airline employees. And if she becomes the victim of a hacker attack, the attacker will automatically receive access to the names, passwords, and Bank card customers without the need of deciphering.
In addition, users of these popular apps are not even aware of the surveillance, since the program does not request permission to collect data. According to TechCrunch,
At the time of publication notes all these apps are available for download in the AppStore. It is possible that after public outcry Apple is interested in the violation of the rights of users and require companies to bring their apps in line with the laws. In addition, according to the rules of the General regulations on data protection (GDPR), violators can face multimillion-dollar fines.
Apple needs to answer
At the end of January it became known about the presence of a frightening vulnerability in FaceTime app, which iPhone owners to communicate with each other. As it turned out, the user can listen to his interlocutor before he agreed to take the call.
The person on the other side “wire” is not even aware that it’s being monitored — there is no indicator on the screen does not appear.
It was reported that the problem of unauthorized wiretapping lies in the functions group calls to FaceTime, which was launched in November 2018.
Interestingly, the news about the bug entered in the data protection day is an international holiday, established in 2007 specifically to network users as a reminder about the rules of online behavior to protect their personal information online.
Apple acknowledged that FaceTime is really a dangerous bug, and within a week had quickly released an update with a patch that fixed the problem.
However, the vulnerability is already interested in the U.S. Congress — to the head of the company Tim cook sent a letter which States that MPs are “deeply concerned” about situation with FaceTime.
“We want to know when Apple first learned about the security problems, what was the impact on the privacy of users and whether there are other vulnerabilities, about which nobody knows”, — said in the letter signed by the two congressmen.
Apple is required to respond by 19 February of the current year. If Congress is not satisfied with the response “Apple” brand, it is possible that Tim cook could be invited to Washington to testify.
Read more •••