07 Oct Researcher Says Uber App was Granted Screen-Recording Ability
Earlier this week, security researcher Will Strafach found that Uber’s app had the ability to record the iPhone’s screen, an entitlement that no other third-party app has.
The undocumented private app permission can only be granted by Apple, and are normally not given to most developers. A number of experts including Apple expert Luca Todesco considered the revelation to be “frightening”, since attackers would want to target the Uber app to gain code execution rights in order to log the user’s credentials.
Strafach says he cannot imagine how Uber was able to get such privilege for their app from Apple, even after breaking a number of the phone maker’s rules.