Man holding an iPhone 7
iPhone camera permissions could be invading your privacy Reuters

It is the typical Orwellian nightmare that new technology has foisted on humans, your smartphone recording your every move. When you download an iOS application, especially those in the social media category, one of the most common permissions you will grant it is access to the iPhone's camera.

It is easy to hit the 'Allow' button and forget about it, but Google researcher Felix Krause has warned that doing so can let iOS applications run wild – and may jeopardise your privacy.

In his analysis, published this week (25 October), Krause said that giving apps access to the camera will let them take images without your consent, secretly record you and even run cutting edge face tracking features.

He teased the following scenario: "Have you ever used a social media app while using the bathroom?"

Of course, this is not a bug, security vulnerability or flaw. Instead, it is simply a reminder to watch what you are clicking – and not to get complacent with permissions.

Krause called it a "privacy loophole that can be abused".

He wrote: "Once you take and post one picture or video via a social network app, you grant full access to the camera, and any time the app is running, the app can use the camera.

"[Apple] iOS users often grant camera access to an app soon after they download it. These apps, like a messaging app or any newsfeed-based app, can easily track the user's face, take pictures, or live stream the front and back camera, without the user's consent."

That is not all they can do, he warned. Krause, who recently discovered a convincing phishing scam targeting Apple devices, said that some iOS apps can "live stream their camera onto the internet" and use the front and back camera to judge the user's location.

Additionally, granting camera access to some modern apps can – thanks to new Apple's Vision technology in the most recent software – now be used to gauge the "emotions" of users and "detect if the user is on their phone alone or watching together with a second person".

In a video uploaded to YouTube, Krause demonstrated just how easy it would be to snoop on users via the camera by creating a fake social media-style iOS application.

"After a bit of scrolling, you'll suddenly see pictures of yourself, taken a few seconds ago while you scrolled through the feed," he explained. "You realise you've been recorded the whole time."

The researcher said that users can remain protected by using camera covers, but advised that Apple should design a method of granting apps only temporary access to the camera. Like laptops, he said the iPhone should come with an LED indicator to show when the camera is on.

To check what apps have been granted access to your camera you can go to Settings > Privacy.

More from IBTimes UK
IPhone Apple IOS