Android apps can capture images without user consent

At a time when the privacy and security of the user is increasingly in demand, new cases of vulnerabilities and problems come to light This time the problem is the discovery, after an exhaustive investigation, of the possibility of using applications to capture images and even videos from the terminal's camera without the user knowing anything An activity of espionage that has been shown to be possible on the platform Android

The researcher who discovered and created the first application capable of carrying out this mission was Szymon Sidor A computer scientist who ran into with this idea when researching a different project for the university where he works. Thus, almost by chance, he decided to delve into the aspect of espionage through the terminal's camera, trying to bypass the current limitations that force a preview to be displayed on the screen.of what the camera captures, in addition to always being able to see the application process running.

After each mistake, with a new attempt, this researcher managed to create his own application to take photographs and capture videos even when the terminal has screen offTo do this, he astutely turned to the Facebook Messenger application, which allows you to have conversations from Facebook contacts in bubbles on the screen even when the application is not being actively used and, therefore, there is no record of its process to alert the user. Thus, taking advantage of the same bubble system, he managed to overcome the first barrier.

However, there was still the difficult part, avoiding showing on the screen the images that are captured through the camera. After trying to cover these images with other tools or make them translucent, Sidor managed to represent them in as just one pixel of the screen Thus, by reducing its size to a virtually unseeable portion, even knowing where to look, this issue was solved. In this way, the rest of the screen remains off except for said negligible pixel to capture images without the user knowing what is happening.

The alarm raised by this question is related to the possibility of creating an application that allows us to carry out this image capture in addition to send them to a remote server An issue that would not only offer to see what the user is capturing with his rear and front camera , but access to other data associated with the photographs such as the location All a blow to the privacy and security of the user in whatGoogle should work to prevent the proliferation of these types of spying apps and tools.

There is currently a good variety of applications that seek to capture spy images on Google Play, however they have not managed to skip theadvisors and notifications that can put the user on the track that his terminal could be spying.An activity that, on the other hand, is completely illegal, recently finding a case in Spain that has resulted in an arrest Faced with such violations, the user must remain attentive to permissions that request apparently simple applications, using the logic and common sense as the first barrier against the installation of suspicious tools.