Apple 'gave Uber unprecedented access to iPhones', cybersecurity expert claims

Ride hailing app spokesman says software has now been completely removed

Jemma Crew
Friday 06 October 2017 19:52 EDT
Comments
'I look forward to working with the UK business to help them manage and implement that change,' said Ms Powers-Freeling
'I look forward to working with the UK business to help them manage and implement that change,' said Ms Powers-Freeling (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Apple granted ride hailing app Uber "totally unprecedented" permission allowing its app to read iPhone screens even when only in background use, it has been alleged.

Will Strafach, the CEO of Sudo Security Group, pointed out the "anomaly" on Twitter earlier this week, saying it was "very unusual" and could only have been granted to the taxi-hailing company by Apple.

Asked why this was a concern, the security expert tweeted that it apparently gave the company the "ability to read directly from the screen even in background".

Another Twitter user claimed the permission would enable Uber to record the screen of the device even when app was closed and in theory potentially access sensitive information.

In reply to Mr Strafach, Melanie Ensign, the head of security and privacy communications for Uber, said: "(The software) was used to render Uber maps on iphone & send to Apple Watch before Watch apps could handle it. It's not in use & being removed. Thx!"

Mr Strafach replied: "Do you have any details on how Uber convinced Apple to grant this entitlement? (totally unprecedented)."

He said he could not see evidence of any other app having been granted a similar sensitive entitlement.

An Uber spokesman said the software was only used for a short period on an old version of the Apple Watch app and had not been in use for some time.

The spokesman said: "It enabled the app to run the memory-intensive rendering of maps on the iPhone & then send the image to the Watch app. It was never used for any other purpose and has been non-functional in our code for quite some time.

"The memory limitation of Apple Watch was fixed by subsequent updates in the OS (operating system) and we've issued an update to our app to remove the (software) completely."

It comes days after a "constructive" meeting between Uber's new boss and London's transport commissioner to discuss the firm's future in the capital.

Uber seeks to continue operating in the city, after regulator Transport for London refused to renew the firm's licence on the grounds of "public safety and security implications".

Press Association

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in