30 Sep iOS App Able to Grab Location Info from MetaData Due to Permission Loophole
A mobile dev expert recently identified a loophole allowing rogue iOS apps to access and extract geo-location data stored in images.
Felix Kraus, Founder of Fastlane Tools which was acquired by Google, discovered the loophole in the model for iOS permissions last week. He has relayed the information to Apple.
According to Kraus, permissions are bundled in the same umbrella permission. The iOS is unable to differentiate or restrict apps that only require accessing photos or apps that can extract EXIF metadata.
To demonstrate the gravity of this loose end, Kraus created an app called DetectLocations that can grab image metadata from a user’s phone and plot the location on the map.
Source: Bleeping Computer
