Android camera spying flaw confirmed, could affect ‘hundreds of millions’ of users
- The security flaw lets apps record videos, audio and click photos without permission.
- Google and Samsung have fixed the security flaw, but other companies could still be vulnerable.
- Hundreds of millions of users could be affected due to this
Android cameraspying flaw.
AdvertisementGoogle has confirmed a massive Android camera spying flaw that could affect ‘hundreds of millions’ of users. The flaw has been fixed by Google and Samsung, but other smartphone companies are yet to release the security fix.
According to findings of security research firm Checkmarx, it is trivial to bypass Google’s restrictions on accessing cameras and microphones.
‘Hundreds of millions’ of users could be vulnerable
While Google fixed the security hole in July with an update to its camera app, it indicated that Android smartphones made by other companies could still be vulnerable. Samsung joined Google in rolling out a fix, but it is not clear exactly when that happened.
While Samsung ships millions of smartphones, companies like Xiaomi, Oppo, Vivo, OnePlus and others make up the rest of the Android ecosystem with millions of shipments every month. Google’s Pixel line-up is still miniscule when it comes to shipments in the Android ecosystem.
Apps can record video, audio and click photos without permission
The Android camera spying flaw allows apps to record videos, audio and click photos without the camera permission. All they need is access to the device’s storage, and once that is granted, they can access the camera without user intervention. In cases where the user is away from the phone, the app could essentially get photos and videos without the user noticing it.
The clicked videos and photos would then be saved to the internal storage while still being hidden from the user. Since all Android apps and games are allowed to use the internet without permissions, they could then upload the saved photos and videos to their server in the background.
Furthermore, apps can also determine the GPS location of the user thanks to the geolocation data saved in the photos and videos.
Your calls can be recorded, too
The camera spying vulnerability reportedly affects calls as well. According to Checkmarx, malicious apps can access the proximity sensor and identify when it is placed near the ear. The app could then record both sides of the call and click photos while it is doing so.
AdvertisementPopping up cameras
Users who have smartphones with pop-up cameras are more likely to notice this security flaw. When a malicious app or website tries to access the camera, the camera will pop-up automatically, making it evident to the user that something fishy is going on with the phone.
Google and Samsung issue statements
Google issued a statement in this regard, saying, “We appreciate Checkmarx bringing this to our attention and working with Google and Android partners to coordinate disclosure. The issue was addressed on impacted Google devices via a Play Store update to the Google Camera Application in July 2019. A patch has also been made available to all partners.”
Samsung, too, issued a statement: “Since being notified of this issue by Google, we have subsequently released patches to address all Samsung device models that may be affected. We value our partnership with the Android team that allowed us to identify and address this matter directly.”
Here’s a video that demonstrates how the Android camera flaw works.
Popular on BI
- Ukraine's drones are becoming increasingly ineffective as Russia ramps up its electronic warfare and air defenses
- 'Die-hard' Nintendo fan spent over $40,000 buying stock and then asked top executives why the company won't make more of a fan-favorite series
- Mark Zuckerberg told Meta staff he's upping performance goals to get rid of employees who 'shouldn't be here,' report says
- It’s not the CM seat but the one who wields ‘bow and arrow’ will be the Sena head
- SIMPLY PUT: extreme weather is the new normal in India
- Antonia Wade, PwC's global CMO, tells Insider how B2B spending changes in tough economic times
- Ban on single-use plastic kicks in across India as the country recognises the choking impacts of plastic waste on the environment
- Bank FDs will draw down from mutual funds if interest rates go up to 7.5-8%, says report