April 23, 2019

Apple warns app developers to remove or disclose screen recording code

10 February 2019, 09:55 | Cameron Gross

Credit Pexels

Apple’s crackdown on screen-recording apps is a privacy win

End users of these popular iOS apps have no knowledge of their activities being recorded.

In a statement to Gizmodo about the report, a spokesperson for Glassbox said the tool is used to weed out potential bugs or errors and improve overall user experiences.

According to security research The App Analyst, whose work was earlier reported on by TechCrunch, Glassbox gives developers a "session replay" technology that allows them to see exactly how you used the app. One app developer was told by Apple to remove code that recorded app activities, citing the company's app store guidelines.

The session replay technology enables app developers to record users' every single tap, keyboard entry, button push, etc.

The report said none of the apps involved appeared to ask users for explicit permission to record screen activity or disclose their apps use such software. In addition, Glassbox has stated that its service is meant to help its clients improve the user experience on their apps and nothing more. Some of these apps properly mask that sensitive information before sending them off to remote servers. It allows companies to integrate their screen recording technology in their apps to reproduce how the user interacts with the apps.

The analyst said that the data was 'mostly obfuscated, 'meaning masked, but did see in some email addresses and postal codes.

While the software can prevent sensitive data like credit card information or passwords being recorded by blocking it out, the App Analyst found that this feature was not always successful, leading to personal information being displayed.'s policy does not mention recording users' screens, nor does Expedia's. But what is being uncovered, or at least brought to light in 2019, is that most users are entirely unaware that the developer might record every move they make inside an app.

One particular app belonging to Air Canada had suffered a major data breach, when it was discovered the airline carrier was not masking its consumer data properly whenever the Glassbox program sent details from mobile devices to its client's servers.

Expedia noted that its brands aren't using Glassbox on any of its "native applications for iOS or Android".

Abercrombie confirmed that it uses Glassbox but the company's privacy policy makes no mention of session replays, reports TechCrunch. The main issue with the usage of this software is that the travel companies and the hotels don't inform the users about the use of this technology. This includes user information entered in, and collected on, the Air Canada mobile app. None of these apps need user permission to record users' screens.

Neither Apple nor Glassbox immediately responded to a Fortune request for comment.

In addition, the company said it doesn't share information with third parties and that all the data it collects is "highly secured and encrypted". In addition, Glassbox said the data they capture is "highly secured, encrypted, and exclusively belongs to the customers" the company supports.

Other News

Trending Now

Aurora Innovation self-driving startup scores big Amazon investment
Bagnell was a founder member of Carnegie Mellon's Robotics Centre and Uber's Advanced Technology Centre. Rowe Price also invested along with Inc and several venture capital firms.

Greek Parliament Ratifies Protocol on Northern Macedonia's Accession to North Atlantic Treaty Organisation
Moscow had taken a dim view of the name accord, and of Macedonian membership in North Atlantic Treaty Organisation . One lawmaker described the pact as "worth spitting at", another that Greece was "humiliated".

30 years of the Mazda MX-5 Miata
The veil was lifted from the limited edition model at the Chicago auto show in the USA , which is just getting underway now. Each will wear an exclusive Racing Orange hue on their flanks, as well as on their brake calipers and interior accents.

Longest-serving Congress member John Dingell dies at 92
Dingell was a champion of the auto industry and was credited with increasing access to health care, among other accomplishments. At Georgetown University, he earned a bachelor's degree in chemistry in 1949 and a law degree three years later.

Southampton vow to ban fans over Emiliano Sala 'aeroplane' mockery
Earlier today, the club registered a 2-1 win as Kenneth Zohore scored a dramatic injury-time victor against Southampton . But David Ibbotson, from Crowle, who was lying Sala to the United Kingdom to join Cardiff City , has not been found.

Former New York Times Editor Reviewing Book After Accusations of Plagiarism
On Wednesday , Michael Moynihan of Vice News claimed passages of the book were "often not true" or were "plagiarized". My book has 70 pages of footnotes, and almost 100 source citations in the Vice chapters alone.

Get ready for Vivo V15 Pro on February 20
Moreover, Vivo has also reduced the price of the Vivo NeX which is now available for 39,990 INR ($562 approx.) on Amazon India . Speaking of which, we're looking at a 32-megapixel camera here, that's all the info that Vivo shared regarding it.

Sharma claims record as India cruise past New Zealand
New Zealand , on the other hand, would not be happy with their inconsistent batting performances throughout the Indian series. Sharma, who is standing in as captain while Virat Kohli is rested, had demanded greater consistency ahead of the match.

Scientists test 'beer before wine and you'll feel fine' hangover theory
Old folk wisdoms such as " Beer before wine and you'll feel fine; wine before beer and you'll feel queer" exist in many languages. It was discovered that, no matter what order drinks were drunk in, participants still reported the same hangover scores.

Germany Says Facebook Cannot Combine Data From WhatsApp, Instagram
In fact, the company says, it's keeping everyone safe from stuff like terrorism and child abuse. Online privacy is a grave concern in Germany as they lead the global charge against Facebook .