Facebook’s iOS ‘bug’ secretly filmed users. IT, take note.
News reports last week — subsequently confirmed by a Facebook executive’s tweet — that the Facebook iOS app was videotaping users without notice should serve as a critical heads up to enterprise IT and security execs that mobile devices are every bit as risky as they feared. And a very different bug, planted by cyberthieves, presents even more frightening camera-spying issues with Android.
On the iOS issue, the confirmation tweet from Guy Rosen, who is Facebook’s vice president of Integrity (go ahead and insert whatever joke you want about Facebook having a vice president of integrity; for me, it’s way too easy a shot), said, “We recently discovered our iOS app incorrectly launched in landscape. In fixing that last week in v246, we inadvertently introduced a bug where the app partially navigates to the camera screen when a photo is tapped. We have no evidence of photos/videos uploaded due to this.”
Please forgive me if I don’t immediately accept that this filming was an error, nor that Facebook has no evidence of any photos/videos being uploaded. When it comes to being candid about their privacy moves and the real intentions behind them, Facebook executives’ track record isn’t great. Consider this Reuters story from earlier this month that cited court documents establishing that “Facebook began cutting off access to user data for app developers from 2012 to squash potential rivals while presenting the move to the general public as a boon for user privacy.” And, of course, who can forget Cambridge Analytica?
In this case, though, intentions are irrelevant. This situation merely serves as a reminder of what apps can do if no one is paying enough attention.
This is what happened, according to a well-done summary of the incident in The Next Web (TNW): “The problem becomes evident due to a bug that shows the camera feed in a tiny sliver on the left side of your screen, when you open a photo in the app and swipe down. TNW has since been able to independently reproduce the issue.”
This all began when an iOS Facebaook user named Joshua…