

Gmail app hack works 92 percent of the time - bcn
http://www.wired.co.uk/news/archive/2014-08/21/gmail-hacks-92-percent

======
userbinator
_Our attack requires neither specific vulnerabilities nor privacy-sensitive
permissions_

Access to the camera is not a "privacy-sensitive" permission...? That's news
to me.

 _Since the delay to get a camera preview frame is only the initialization
time (500-1000 ms), the camera is very likely still pointing at the same
object, thus obtaining a similar image._

Maybe it depends on how people use cameras, but I find that I often start
moving the camera away from the subject too soon after hitting the shutter
button, resulting in an unrecognisably blurred image. Holding it still for
>500ms after that would be a very rare thing for me to do.

------
scottoreilly
I'm pretty sure Wired completely botched this article. It says that the hack
works "across Android, iOS and Windows devices" by monitoring "a newly exposed
public side channel, which details the shared memory statistics of other
processes."

That just isn't possible on iOS unless your phone is jailbroken. Sure enough,
the source article is only about android. This kind of "journalism" is so
frustrating.

------
michel-slm
Not the submitter's fault, but the title is really misleading -- contrast with
the first paragraph:

"Computer scientists have discovered a method of hacking smartphone apps
across Android, iOS and Windows devices that is effective up to 92 percent of
the time on six of seven popular apps, including Gmail."

~~~
cfontes
There should be a way to punish head lines like this.

~~~
michel-slm
In terms of Wired's own classification of wired-tired-expired, I guess it's
clear which bucket this falls into

------
valleyer
Can iOS apps take control of the camera in the background?

