Apple just released iOS 16.3, which fixes a privacy flaw in Apple Maps. According to 9to5Mac, the issue allowed apps to gather user location data without permission, which worried privacy activists.
iFood, a Brazilian meal delivery startup currently valued at $5.4 billion, is one of the apps known to have exploited the problem.
Privacy Bug Spotted
iFood was found to be accessing the user’s location even while the app was not open or in use, according to Brazilian writer Rodrigo Ghedin. This went against an iOS option that restricts an app’s use of particular phone functionalities.
iFood continued to gather location data despite users refusing to grant the app access to their whereabouts. The bug’s status in the Common Vulnerabilities and Exposures (CVE) database is “reserved,” which means more information is not yet accessible.
An app “may be able to bypass privacy choices,” according to the security problem in Maps, according to the iOS 16.3 release notes. After noticing iFeed’s strange behaviour, the user restarted his iPhone, which appeared to fix the problem. He then swiftly updated to iOS 16.3 as soon as it was made available. Ghedin claims that he didn’t disclose any other strange behaviour.
The Brazilian journalist requested a statement from iFood’s press team, but we have not yet heard back. It is presently unknown how long the flaw persisted, how much location data the app acquired, and how many other apps might have taken advantage of it. The issue, however, might have been caused by iOS failing to correctly update the list of apps that can access location data.
More Details
In a document listing 12 security patches, the Apple Maps privacy flaw is highlighted along with other security-related bug fixes. Devices including the iPhone 8 and later, iPad Pro, iPad Air, iPad 5th generation, and iPad mini 5th generation and later all have the issue.
The problem is still “reserved,” therefore Apple hasn’t addressed it yet. Once the majority of iOS users have updated to iOS 16.3 or a patched version of an earlier edition, this information will undoubtedly become public.
This exploiting of the problem in question is just pure speculation, but it is at least a plausible notion. The iFood app’s operations might have been made possible via an Apple flaw.
To protect their privacy, iOS users are advised to restrict which apps can access their location information and to frequently check their privacy settings. This will increase the likelihood that dubious apps won’t collect users’ location data without their knowledge or permission.
In the end, the recent privacy flaw in Apple Maps highlights the significance of people exercising caution and vigilance when securing their personal data. To make sure that private information stays just that: private, it is essential to routinely review privacy settings and limit app access to sensitive information like location data.
Stay connected with postvines for more information!!
