Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

Uber Removes Code That Could Have Let It Surveil iPhone Users

After dealing with past controversies in which it followed passengers through a "God View" and tracked users who deleted its app from their phone, Uber now has another surveillance mishap on its hands, though the company says this one was unintentional.

Posted on October 5, 2017, at 7:53 p.m. ET

Daniel Leal-olivas / AFP / Getty Images

After dealing with past controversies in which it followed passengers through a "God View" and tracked users who deleted its app from their phone, Uber had to deal with another potential surveillance mishap, though the company said it was unintentional.

Earlier this week, security researchers determined that Uber's ride-hailing iOS app had code which could have allowed the company to record a user's iPhone screen. Apple had given that code, called an "entitlement," to Uber to improve the functionality between the app and the Apple Watch, according to an Uber spokesperson on Thursday.

"You should know this API isn't connected to anything in our current codebase, meaning it's non-functional and there's no existing feature using it," said the spokesperson in an emailed statement. "We are working with Apple to remove it completely ASAP."

On Friday, Uber published an update to the Apple App Store, fixing the issues, a spokesperson confirmed.

A spokesperson for Apple declined to comment.

A source familiar with the situation said that Uber was having memory management issues with the early version of the Apple Watch, leading Apple to grant an exception to add the code in question. That exception was never rescinded, and its existence hypothetically allowed Uber, or a nefarious actor with access to Uber's network, to monitor an iPhone user's screen.

"It has remained in the Uber binary for the past 2 years so far - it is odd how they are only (hopefully) removing now that it has been mentioned publicly," said Will Strafach, one of the researchers who discovered the code, in a message to BuzzFeed News.

In 2014, an Uber executive in New York was investigated for tracking a BuzzFeed News reporter with a "God View" without her permission. That executive later left the company. And earlier this year, the New York Times reported that Apple CEO Tim Cook met with then-Uber CEO Travis Kalanick in 2015 to discuss how, in attempt to fight fraud, the ride-hailing company was tagging iPhones that had deleted the app, a violation of Apple's rules.


This story was updated with a comment from security researcher Will Strafach.


This story was updated with details about Uber's improvements to its app on Friday, which removed a potential security hole.

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.