Quick News Bit

Apple denies claim that a Maps bug shared user locations without consent

0

A few weeks after a report said an Apple Maps bug was sharing users’ location with apps without consent, Apple has denied this claim with a statement. Speaking to 9to5Mac, Apple said this privacy vulnerability “could only be exploited from unsandboxed apps on macOS,” which means this vulnerability hasn’t allowed apps on iPhone to “circumvent user controls.”

Apple also added that the report saying this Apple Maps bug was sharing users’ location was incorrect, as its own investigation “concluded that the app was not circumventing users’ control through any mechanism.” Here’s the full statement:

At Apple, we firmly believe users should choose when to share their data and with whom. Last week we issued an advisory for a privacy vulnerability that could only be exploited from unsandboxed apps on macOS. The codebase that we fixed is shared by iOS and iPadOS, tvOS, and watchOS, so the fix and advisory was propagated to those operating systems as well, despite the fact that they were never at risk. The suggestion that this vulnerability could have allowed apps to circumvent user controls on iPhone is false. 

A report also incorrectly suggested an iOS app was exploiting this or another vulnerability to bypass user control over location data. Our follow up investigation concluded that the app was not circumventing user controls through any mechanism.

What we know about this Apple Maps bug

Image source: Rodrigo Ghedin

At the beginning of the month, Brazilian journalist Rodrigo Ghedin reported that iFood, one of the biggest Brazilian startups that offer an Uber Eats-like service, was “peeking at iOS users’ location when it should not.”

iFood, Brazilian largest food delivering app evaluated at USD 5.4 billion, was accessing his location when not open/in use, bypassing an iOS setting that restrict an app’s access to certain phone’s features. Even when the reader completely denied location access to it, iFood’s app continued to access his phone’s location.

His report came after Apple released iOS 16.3, which addressed an Apple Maps issue where “an app may be able to bypass Privacy preferences.” With a device running iOS 16.2, he denied iFood his location, but even though the app was accessing it, according to the iPhone’s Control Center.

Now, Apple states that it was not the case, and the Maps bug wasn’t exploited, although the journalist could reproduce the issue.

That said, whether third-party apps were exploiting this Apple Maps bug or not, the best solution is to keep your device always updated.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment