Apple recently launched iOS 16.3, which includes a fix for a privacy bug in Apple Maps. The bug enabled apps to collect user location data without consent, causing concern among privacy advocates, 9to5Mac reports.
One of the apps known to have taken advantage of the bug is iFood, a Brazilian food delivery app that is currently valued at $5.4 billion.
Privacy Bug Spotted
According to Rodrigo Ghedin, a Brazilian journalist, iFood was discovered to be accessing the user's location even when the app was not open or in use. This violated an iOS setting that limits an app's access to specific phone features.
Despite users denying the app location access, iFood continued to collect location data. The bug was marked as "reserved" in the Common Vulnerabilities and Exposures (CVE) system, indicating that further information is unavailable.
According to the iOS 16.3 release notes, the security issue in Maps stated that "an app may be able to bypass Privacy preferences." The user who noticed iFood's odd behavior reset his iPhone, which seemed to resolve the issue, and promptly updated to iOS 16.3 as soon as it was released. He reported no further unusual activity, according to Ghedin.
Read Also : Google Maps Android to Add EV Charging Station Routes for Clean Energy Car Owners via the App
iFood's press team was contacted by the Brazilian journalist for a statement, but a response has yet to be received. It is currently unknown how long the vulnerability existed, how much the app collected location data, and how many other apps may have exploited the bug. However, the bug may have been related to iOS not updating the list of apps that can access location data properly.
More Details
The security-related bug fixes, including the Apple Maps privacy bug, are listed in a document mentioning 12 security patches. The bug was available on devices such as the iPhone 8 and later, iPad Pro, iPad Air, iPad 5th generation and later, and iPad mini 5th generation and later.
Since the bug is still "reserved," Apple has not yet commented on it. Information will probably be made public once most iOS users have upgraded to iOS 16.3 or a patched version of an earlier release.
It is just pure conjecture that this exploited the bug in question, but it is at least a reasonable theory. Apple's bug could have enabled the iFood app's actions.
iOS users are urged to limit app access to their location data and frequently review their privacy settings to safeguard their privacy. This will make it more likely that suspicious apps will gather no location information about them without their knowledge or consent.
Ultimately, the recent privacy bug in Apple Maps emphasizes the importance of users being cautious and vigilant in protecting their personal information. It is critical to check privacy settings regularly and limit app access to sensitive information such as location data to ensure that private information remains just that - private.
Stay posted here at Tech Times.