Apple has always required apps request permission to access a user’s location and to send them push notifications. More recently we’ve seen things like Contacts, Calendars, and Reminders added to the list of resources that apps have to explicitly get permission to access. In iOS 6, Apple went as far as to give Privacy its own category in the Settings app. So we should be covered now, right? Well, maybe not.
As platforms evolve and new functionality and trends arise, implications for privacy and security constantly need to be re-evaluated. One of the more recent trends is an increasing number of apps moving in to the second screen market. Rather than strictly using iPhones and iPads as primary devices, functionality is now being explored where these devices becomes an accessory; a secondary device to supplement a primary device like a TV. Large media companies like Fox, CBS, TBS and HBO, sports networks and game makers are among the many who are actively trying to engage their audiences by providing additional content to mobile devices. So how does this technology work?
Whether a viewer is on the east coast, west coast, or in another country, and whether they’re watching a show live or on their DVR, the app has to be able to deliver the relevant content at the appropriate time. In order to do this, the application makes use of audio fingerprinting, much like the technology that apps like Shazam use to figure out what song you’re listening to. An algorithm is used to generate a hash that serves as a fingerprint for a given timeframe of audio. This hash can then be compared against hashes calculated by a remote server. Once the application identifies where the viewer is in the broadcast based on their hash, it is able to determine which content should be displayed to the user for their current time.
In order to generate these hashes, an app needs access to your device’s microphone. When you’re in an application that is trying to sync second screen data, the app is continually recording audio from your device’s microphone in order to generate audio fingerprints. Mind you, this doesn’t just mean whatever sound is coming from your TV, but also conversations you might be having with friends, or your dog barking in the background, or music you have playing in another room. Just think about that for a minute.
What’s strange here is that iOS does not require applications to get a user’s permission before doing this. Any app can record audio and transmit it to their servers at any time without asking you. Most applications will display some type of notice that audio syncing is about to begin, but this is because for legitimate apps, they usually want to explain the experience and give the user instructions like turning up the volume on their TV and making sure their device’s microphone is clear. What about a nefarious app? It could start recording audio as soon as it is launched without any additional user interaction. Similarly, there is nothing preventing an application from taking photos or recording video from your device’s camera. While iOS requires apps to obtain permission to access the camera roll for saving photos and videos to it, there’s nothing stopping a malicious application from recording photos or videos and saving them within the application or sending them to a server, without asking the user. Apps like this aren’t unheard of on other platforms; OS X, Android, and Windows have all seem their share.
So what could Apple be doing? Currently iOS turns the status bar red when an application is recording audio, but apps can control the status bar while running, so this can’t be relied on. A small light could be added to the front of the iPhone that turns on when audio or video are being recorded, like MacBooks have. Apple could also add the microphone and camera to iOS’ privacy settings, require applications to get a user’s permission before accessing either of them, and give users the ability to revoke this access on a per-application basis at any time. A request in Apple’s bug reporting tool for this last feature was recently closed as a duplicate, indicating at least one other developer would also like to see this functionality added.
In the meantime, there’s not much users can do to protect themselves. The more adventurous folks among us may try spying on apps with tools like Charles Proxy or PhoneView to look for any suspicious activity or files. Perhaps Clueful will even consider adding detection for such practices to their service and add the results to their app reports. Of course if you’re really concerned and want a solution immediately, a few pieces of strategically placed electrical tape may help to put your mind at ease.