
Facebook says a bug caused its iPhone app’s inadvertent camera access - Liriel
https://techcrunch.com/2019/11/12/facebook-iphone-camera-bug/
======
saagarjha
> “I guess it does say something when Facebook trust has eroded so badly that
> it will not get the benefit of the doubt when people see such a bug,” said
> Strafach.

~~~
lmilcin
Exactly. That's what happens when you are repeatedly caught lying and then
reversing your statements only after you were caught and then pretending
nothing happened.

~~~
president
Sadly, it seems to be the norm in business and society these days. It all
started when people started espousing "it is better to ask for forgiveness
than to ask for permission" nonsense, which I guess is one of the pillars that
made Silicon Valley what it is today. And now it's a race to the bottom as
everybody now needs to follow the same philosophy to compete.

~~~
lmilcin
In a way it is the same thinking that speeding drivers use. They need to get
somewhere in a hurry and it is too much to be bothered and slowed down by
being careful. Traffic rules as a source of nuisance. Then when an accident
happens or they get caught by police they will blame bad luck or everybody else.

Thinking long term (playing the infinite game) is so overrated...

~~~
w1nst0nsm1th
Makes me think of "taxes are bad" people.

------
Wowfunhappy
And this is the problem with losing trust.

It's perfectly plausible that this _could_ have been a bug. It could also have
been some type of performance enhancement, e.g. initialize the camera in the
background so you can begin a video call more quickly.

But do you believe them? Facebook has scourged any goodwill I ever had for
them.

~~~
wewegogo
but why when scrolling instead of when the app is initialized?

------
egdod
None of these “bugs” ever seem to result in accidentally accessing _less_
data. How odd.

~~~
BoorishBears
What is this comment even trying to say?

There are plenty of bugs that result in less data... many of them are called
crashes and FB has them just like any other app.

~~~
aaroninsf
ELI5:

It's a pithy sardonic addition to the chorus of scorn rightly directed at
Facebook, rearticulating the consensus opinion that one consequence of their
persistent malfeasance and its regular public disclosure is a profound loss of
trust, such that genuine mistakes will never be perceived as such; and
furthermore, this creates a self-perpetuating cycle in which embarrassing true
bugs are interleaved with further documentation of bad faith in such a way
that the distinction is not only lost but essentially irrelevant.

~~~
BoorishBears
ELI5 of my comment:

The comment I replied to is not nearly as pithy as it thinks and comes across
as more corny than commentary.

------
rshnotsecure
I have been going back and forth on this heavily, but two weeks ago I reached
out to ISC2 and ISACA’s ethics boards to begin exploring the process of
terminating the certifications of several FB employees that potentially (let
me emphasize 110% blameless until proven otherwise) have been in violation of
the ethics code for both of those orgs.

I asked ISC2 in particular that if a certain employee was shown to be on XYZ
team that handled XYZ task, if they had say ignored multiple outreaches from
the community, and then also (this is key) not raised concerns internally to a
reasonable degree that a single individual can in a megacorp...could their say
CISSP be revoked. The answer I got was a strong yes in the hypothetical
stories I proposed.

I also emphasized that I would be writing an apology to said employee, and
offer to resign / terminate my CISSP/CCSP if wrong because we have to prevent
this process from becoming a no-lose vindictive game.

------
unkclelanny
I’ve long suspected this as the Facebook app in particular causes the phone to
get hot around where the main camera module IC is located. It is also a
battery drain. They appear to be doing this in collaboration with Apple as the
battery usage for the camera does not increase despite the camera constantly
being initiated while using the Facebook app.

I’ve also noticed that when certain ad platforms inject their code into Safari
Taboola/Outbrain the same heating occurs. This would make sense as Taboola and
Outbrain appear to be linked to Israeli intelligence.

I guess they not only don’t care about our privacy they also don’t care about
our battery life / health of our devices either.

It sort of reminds me of how Windows would spin up your HDD in the middle of
the night and scan through your entire hard drive causing it to prematurely
fail. All under the guise of Windows Update or whatever the cover was for what
I consider criminal damage.

~~~
saagarjha
> They appear to be doing this in collaboration with Apple as the battery
> usage for the camera does not increase despite the camera constantly being
> initiated while using the Facebook app.

I’m sure any battery usage from this would just be listed under Facebook.

~~~
mattacular
Right, battery usage is reported by app not by hardware function. It seems
unlikely Apple would be willfully letting Facebook have special capabilities.

~~~
Liquix
Not too long ago, the idea of the NSA & GCHQ working together to silently
strong-arm tech giants to spy on their own citizens/customers was a laughable
conspiracy theory.

Then we learned about PRISM. Hard proof that Apple, Facebook, Google, and the
NSA secretly collaborate to mass-collect data on US citizens. It's 100%
reasonable (and perhaps in our best interest) to assume any large tech company
will and does cater to the NSA/CIA/GCHQ/Mossad's interests before their
customers' - or even their shareholders'. Revenue and market share are
important, but a powerful agency threatening your company takes priority over
anything.

 _Until proven innocent, we should assume that any and every large tech-
centric corporation either has been or can be forced to cooperate with PRISM.
IMHO now that the public has access to the Snowden leaks and Vault 7, it is
irresponsible (and perhaps dangerous) to think otherwise._

~~~
mattacular
Yes, all that is true, and why I used the word "willful" in my comment.

------
lalos
It's very telling when the CEO of the company puts stickers on his cameras.
Bug or not, I guess it's better to follow suit with those that know what's
going on.
[https://simplecapacity.com/wp-content/uploads/2016/07/Mark-Z...](https://simplecapacity.com/wp-content/uploads/2016/07/Mark-Zuckerberg-Tapes-His-Camera-And-Audio-Jack-With-Pieces-Of-Tape.-THIS-Tells-You-Something....jpg)

~~~
eindiran
Putting stickers over your cameras might be a reasonable thing to do, but it's
pretty silly to pretend your threat model is the same as Mark Zuckerberg's.

~~~
dylan604
I keep reading similar statements on HN. Are we honestly saying that because
of Zuck's "stature", there are more people actively attacking him than people
taking access of an attack vector to gain access to as many people/devices as
possible? Sure, some hacker might get some cred points for being the one to
hack the Zuck, but ultimately these guys are after financial gains. This seems
to be a prime example of quantity over quality being the better option.

~~~
ben_jones
If I was a billionaire I would pay security experts to make sure my workspaces
were secure, things like locking down USB ports and blocking video/audio
inputs that aren’t used would be a completely expected part of that. Still
rich with irony though.

------
bigyanshr
It's easy, nowadays, to do anything and say it's a bug. Easier to escape that way
than getting your ass kicked by loads of lawsuits.

~~~
0x00000000
Same exact thing with the Robinhood infinite leverage. People tried to defend
them saying “robinhood isn’t responsible because it’s just a bug”. Being
ignorant of FINRA regulations and refusing to fix it when it has come up
multiple times is not a bug. Not every fuckup is “a bug”. Calling it a bug
does not release you from all liability.

------
sdan
What's concerning is if FB could potentially target users based upon
interests/variety of other user data to "introduce" these types of "bugs".

Not trying to start a conspiracy, but given the data and reach FB has, they
could potentially target unknowing/non-techy people somewhere in the world and
do it without their knowledge/care.

------
llarsson
Booting the camera so it is quickly available? Sure, that is a user-facing
benefit.

My immediate hunch is rather that they love tracking emotional responses such
as widening eyes as people interact with content. Because knowing the true
emotional responses instead of just hitting "like" on a post would be
extremely valuable data.

~~~
szhu
It's the rear camera that's activated...

[https://twitter.com/neo_qa/status/1190639141979140097](https://twitter.com/neo_qa/status/1190639141979140097)

------
throwaway122378
Each time a “bug” like this surfaces they should be massively fined.

------
edf13
> Facebook vice president of integrity Guy Rosen

The same Guy Rosen who was the CEO of Onavo - the infamous data grab app that
Facebook purchased.... yeah, that integrity guy...

~~~
miloshadzic
WTF does a VP of integrity do? Have lunches with the VP of honesty?

~~~
mic47
Integrity teams at FB are teams that handle abuse on the platform, and other
bad things (fake accounts, spam, malicious developers, malicious ads, ...).
Why integrity? Bunch of teams (not all) that did abuse had integrity in their
name (like site integrity, platform integrity), so I guess that the name just
sticks.

And what does VP of integrity do? Manages organization that handles abuse on
the platform.

~~~
miloshadzic
I guess VP of Abuse is just not a good look

~~~
mic47
well, VP of Abuse is exactly as good as VP of Spam. You know, it's not clear,
whether you are trying to reduce abuse/spam, or create it.

~~~
mcintyre1994
To be fair it’s often not clear whether Facebook are trying to reduce
integrity, or create it. :)

------
dylan604
i'm no fan of FB, and do not have their apps installed. however, the rationale
is that they initialize the camera so there is little delay when the user
actually wants to use the camera, but the skeptics think the camera being
initiated has a more nefarious purpose. scientific method would suggest these
are testable theories to prove/disprove. could we not test the network traffic
to see if a sudden spike in outbound data flows due to the camera data being
sent to the mothership? is it possible that the app can analyze the video
content locally on the device without needing to stream the video content back
to the mothership? users with limited data plans would be destroyed by a
constant "live" stream of video, but i am not hearing of these complaints in
the wild.

~~~
HeadsUpHigh
No idea mate but what I've noticed is that when I had the facebook app
installed it used to completely trash my battery on every android device I
tried it on while running in the background. Imo there must be _some_ kind of
processing that they are doing locally.

~~~
dylan604
Would energizing the camera chip the entire time you are using FB apps not
explain the battery drain by itself?

~~~
HeadsUpHigh
As far as the older androids I'm talking about I'm pretty sure that they
didn't have the camera open 24/7 because the battery drain would have been
even higher (based on my perception when taking a lot of photos), plus the
camera used to overheat so I would have noticed. What I'm saying is that they
are probably datamining and processing something. Not sure what that would be,
but android at least is pretty pervasive with its app permissions and used to
be even more so so it could be anything on the phone really.

------
Tempest1981
Discussion here:
[https://news.ycombinator.com/item?id=21513471](https://news.ycombinator.com/item?id=21513471)

------
Grangar
Ah, yes, a bug, how unfortunate.

------
appstorelottery
Perhaps the bug was showing the camera image?

------
yalogin
How would the app even access the camera without user approval? They must have
done some nefarious shit to get around Apple’s ACLs.

~~~
daxelrod
This only works when the app has already been granted camera access.

------
alanwil2
I noticed that the FB app is very dodgy. Now, I use a shortcut to FB in the
web browser to check on things on my android.

------
jakeogh
Why open source matters.

~~~
saagarjha
How so?

~~~
phkahler
You can look at the code to see what it's _actually_ doing.

~~~
ProAm
People rarely look at the code even when it's open source

~~~
dehrmann
Not only that, even if you have reproducible builds, they're a lot harder to
verify on mobile targets where you can't just compare all the installed files.

~~~
jakeogh
What am I missing? The binaries are the same. I don't see why paths matter. One
can hash and intersect the sets.
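
An added example, not part of the thread, of the comparison described in the comment above: hash every file in two unpacked builds and compare the sets of digests, ignoring where each file lives. The directory names and file contents are constructed sample data, and `digest_index`, `compare_builds` and `build_sample_trees` are hypothetical helper names.

```python
import hashlib
import tempfile
from pathlib import Path


def digest_index(root):
    """Map SHA-256 digest -> sorted relative paths of every file under root."""
    index = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            index.setdefault(digest, []).append(path.relative_to(root).as_posix())
    return index


def compare_builds(reference_root, installed_root):
    """Compare two trees by content only; file names and locations are ignored."""
    ref, inst = digest_index(reference_root), digest_index(installed_root)
    shared = ref.keys() & inst.keys()
    return {
        "matched": len(shared),
        "only_reference": sorted(p for d in ref.keys() - shared for p in ref[d]),
        "only_installed": sorted(p for d in inst.keys() - shared for p in inst[d]),
    }


def build_sample_trees(base):
    """Constructed sample: a locally built tree and an 'installed' copy of it."""
    ref, inst = Path(base, "reference"), Path(base, "installed")
    files = {"bin/app": b"\x7fELF-sample-code", "res/strings.txt": b"hello\n"}
    for rel, data in files.items():
        (ref / rel).parent.mkdir(parents=True, exist_ok=True)
        (ref / rel).write_bytes(data)
    # The installed copy uses a different layout, changes one file and adds one.
    layout = {
        "Payload/app": files["bin/app"],                 # same bytes, new path
        "Payload/strings.txt": b"hello, changed\n",      # modified after build
        "Payload/extra.dylib": b"not-in-reference",      # not produced by the build
    }
    for rel, data in layout.items():
        (inst / rel).parent.mkdir(parents=True, exist_ok=True)
        (inst / rel).write_bytes(data)
    return ref, inst


def demo():
    with tempfile.TemporaryDirectory() as base:
        ref, inst = build_sample_trees(base)
        return compare_builds(ref, inst)


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Any file that is modified after the build, for example by signing, lands in both difference lists and has to be accounted for separately.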

------
lprd
Color me unsurprised.

------
asenk
Good time to remind that Facebook has previously intentionally bypassed
permission dialogs to gather data without user permission:

[https://assets.documentcloud.org/documents/5433555/Note-by-C...](https://assets.documentcloud.org/documents/5433555/Note-by-Chair-and-Selected-Documents-Ordered.pdf#Page=11)

~~~
nealdt
Also nice reminder about that lovely photo of Zuck with a sticker covering up
his webcam. Now why would he do something like that ... ?

~~~
have_faith
Because he's much more likely to be targeted than any of us for things like
that?

~~~
goatinaboat
In a building he owns, on a network he owns, defended by an army of network
engineers he employs?

No, he’s not protecting himself from any _external_ threat.

~~~
vonmoltke
This is common practice among US government employees as well. The fact that
Zuck does it as well doesn't say anything about Facebook's practices WRT their
users.

~~~
goatinaboat
_This is common practice among US government employees as well_

Sure, but they are protecting themselves from the Russian hackers that are in
all the US government networks. Zuck is protecting himself from Facebook
itself.

------
Finnucane
Once again, my paranoia about never using FB from my phone is retroactively
justified.

------
coldtea
Of course it did...

------
GrumpyNl
Is not bug, people worked hard on this feature.

------
gigama
Bugs are what you get when you move fast.

------
supermatt
Such bullshit.

They definitely initialize the camera in the background. That is how you are
able to simply swipe to your camera view and it is immediately active.
Otherwise you would get a slight delay while the camera is initialised.

What they are calling a bug is that the user actually saw it rendered to a
view...

Have no doubt - this happens on ALL apps that don't have an apparent delay on
switching to a camera view. That facebook are saying this is a bug that they
have "fixed", rather than admitting that they intentionally initialize the
camera in the background makes me concerned as to why they would want to hide
that fact...

~~~
jhgg
Looking at the videos, it looks like the camera opens when the main view is
swiped to the right. And you can see a ~300ms delay between when he swipes
down and when the camera starts. This makes sense, because the way you open
the story feature on FB is to swipe right. It's a good UX feature to start
booting the camera as soon as you initiate the gesture, rather than when
you've fully navigated so the camera is ready when you've finished your swipe.

Their layering system also pushes the view slightly to the right to create a
perspective effect when it transitions back to the app from viewing an image.

Of course, this triggers the component that thinks the app is starting to pan
to the right - and starts the camera and renders to the view behind the main
view.

This seems totally plausible to be a bug - and I'm not sure why other
commenters on HN aren't bringing this up.

Their app is fairly complicated, and it's totally reasonable that the team
that worked on the story feature assumed that the only thing that would cause
the view to move right was a user gesture. However, it looks like their
layering system also caused it to move right as part of a perspective
transition. This sounds like a bug to me.

If you really wanted to keep the camera open in the background, there are
other ways to do so, such as literally not rendering the image to a visible
framebuffer upon initiating the AVCaptureSession. iOS does not require you to
attach an AVCaptureVideoPreviewLayer to the capture session - and you could
very easily just take those frames and process them without ever showing a
preview to the user.

The bug is not that they were capturing in the background, but that the
perspective transform of the main view caused the view behind it (for the
story camera feature) to think the user was swiping the main view to the right
and to start up the camera to make sure it's ready asap. Running the camera in
the background is actually pretty expensive - you don't want to suck power
doing so. As much as facebook wants your data, it also wants you to regularly
interact with the app. If users think the app is draining battery too fast -
they'll use it less throughout the day to preserve battery life. Making sure
it isn't a power suck is important to their core business.

~~~
coldcode
I have heard that facebook's app delivery pipeline is automated (so that they
could release in a day if they wish) but also that they dogfood their apps
with employees. So not sure how such an obvious bug is released. Either their
employees don't use the app or their 100% automation is pathetically bad.

~~~
kelnos
Or they knew about the bug, but considered it just a visual glitch (not
considering people might get upset about privacy implications), and didn't
prioritize fixing it.

------
kresten
I think it’s just a bug.

~~~
bigiain
You'll have to excuse me for being at least a little suspicious when one of
the biggest surveillance capitalism companies on the planet ships an app
version with a "feature" that looks a lot like surreptitious surveillance.

Facebook have demonstrated capability to do accurate face recognition, and
it's hardly a stretch to assume they couldn't do enough object and possibly
brand recognition from a live video feed from your phone's camera as you're
using the app.

Perhaps people might not make assumptions or jump to conclusions like those,
if the company was one that had a solid track record of respecting user
privacy and getting the protection of privacy right. That company is not
Facebook...

But what would I know, I'm just "a dumb fuck"...

------
villgax
Same goes to WhatsApp if your camera preview is accessible on swiping to the
left or whatever. They must be sending small snippets of video/audio/images
periodically, it's too tempting to not do so at that scale if you already have
the permissions.

~~~
rrix2
Except that they'd be hung by their toes if they were caught doing that.

