A security researcher this week uncovered special permissions in Uber’s app that allow the company to access new screen-recording features in iOS 11.
Will Strafach, the researcher that uncovered the “entitlement,” said these features are normally off limits to app developers without special permission from Apple. To his knowledge, Strafach told ZDNet’s Zach Whittaker, Uber is the only third-party app granted such an entitlement.
The specific permission, Apple expert and jailbreak author Luca Todesco told ZDNet, is known as “com.apple.private.allow-explicit-graphics-priority.” It allows developers to read and write to part of the iPhone’s memory that contains pixel and display data. He compared Uber’s access to that of giving app developers keylogging abilities for iPhone users.
It’s not the first time Uber has been in hot water over tracking users. Apple CEO Tim Cook warned the company earlier this year against tracking iOS users, even threatening to kick Uber out of the App Store if it was caught violating the rules again, according to a NY Times report.
TNW has reached out to both Apple and Uber for comment.
Update (4:03 PDT): An Uber spokesperson reached out to TNW and offered the following commentary about the report.
This API isn’t connected to anything in our current codebase, meaning it’s non-functional & there’s no existing feature using it. It was only ever used to render maps for an early version of our Apple Watch app, but has been dormant for quite some time.
We are working with Apple to remove it completely ASAP.