Share on Facebook Share on Twitter Share on Google+ Share on Reddit Share on Pinterest Share on Linkedin Share on Tumblr Spy Phone Apps can exploit a security flaw in iPhone that lets iPhone camera to be overridden by legitimate and illegitimate apps alike. Apps can take your photo even when you don’t start the camera.Demo app by Felix Krause Credits Felix KrauseThe iPhone Permission FlawFor a hefty amount for an iPhone, least you can expect is flawless security, privacy, & standard working. The iOS has allegedly had a loophole that resulted in iPhone permission flaw. An attacker or a rogue app can take pictures off your phone without your permission.The app with permission can access your camera and take photos and videos of it. Hackers can exploit this loophole and initiate camera without your consent. Apps can take control of camera & take photos, videos, and can even start a live stream from either front or back camera.The biggest concern with this issue is that there are apps, like the camera app itself, that require camera permissions. Even legitimate apps can use iPhone permission flaw to exploit camera without user’s initiation or alerting the user. Any app with such permission can take photos off your front camera anytime, anywhere. It may take photos when you are walking, be scrolling, or be doing nothing. If it’s on then it can spy on you.How the iPhone security flaw was uncoveredA Google engineer, Felix Krause, first reported the iPhone permission flaw. Felix Krause unveiled iPhone security flaw using a demo app he created. As a security precaution, apps ask permission for stuff they want to access on your phone. But when they get these permissions what else they can do?Felix Krause demonstrated by making a demo app. The demo app took a photo of the user every second of the run. Then the app ran a facial recognition and successfully detected the user’s face. The developer also warned that the similar application can be used for unauthorized access to various accounts. Even the apps can record facial expression against the page you are surfing to monitor interest.See Also: Top 5 Popular yet Harmful Apps that shouldn’t be on your phone.Possible Exploits using iPhone permission flawThe major concern is not only about shady apps using this vulnerability. We have seen similar patterns of privacy invasion from Facebook, Uber and many other apps.Apart from taking photos and videos, the same feature can be used by spy phone apps for stealing the facial identity. The facial id feature then can be used to unlock your iPhone. The ghastly iPhone security vulnerability can be exploited in many ways. One can make a 3d model of the face using your iPhone inject this id in various systems that use it.Although making a 3d model and trying to hack the iPhone won’t be an easy task. The face id uses TrueDepth technology, it maps user’s face using 30,000 invisible IR rays. But can it make mistake? we know that the face id fails a lot before it accepts a final face id.Apple’s face identity recognition is still in its infancy and there may be possible exploits. One can scan the facial features using your camera and later masquerade the face id details into various services that support it.If governments and banks approve face id as legitimate verification way, one can practically access your entire financial, personal & professional life.Ways to prevent spy phone apps from Accessing your iPhone’s communications.If we can take few precautions we can surely prevent ourselves from potential id thefts.Offer a way to grant temporary access to the camera. – The Google developer suggested that iPhone can allow and disallow permissions on initiation. Apps that us the microphone, camera, and location services should not have permissions when not in use.Show an icon in the status bar that the camera is active. – Whenever the camera, microphone, or location services are active, it must show respective icon on status bar.Force camera’s general features. – By restricting some features on your own you can protect your privacy. You can blindside such spy phone apps by enabling and restricting common features. Like to make the shutter sound when clicking a photo, or applying an app lock over phones that require such permissions.Use DNS Monitor tools – Use Network Monitor apps to restrict apps to use the Internet, so that even if an app takes photo or video but can’t transmit it. By learning the DNS request you can make sure that if an app is spying on you or not.Changing permission on your iPhone Open Settings in the iPhone app, and go to Privacy, Select Camera, a list will pop up showing which apps have access to the camera. Uncheck the apps that do not need camera access. For example, a note making an app, or a calculator, or a shopping app etc. Repeat this process for contacts, location and photos.Felix Krause’s Demo AppYou can see the Google’s developer’s demo video down below.Concluding this article, we suggest you that you can only save yourself by being more aware of your surroundings and the tech you use. Share this article with your frinds and family, let us know what do you think about iPhone and it’s security in comments below.You might also Like Google Deepmind Tech developed Lip Reading AI algorithm.