With our smartphones sporting cameras and microphones, we’re sure that there are some who might be concerned that these hardware features could be hacked and used to spy on us. As it turns out, a hack might not have even been necessary, according to a damning report released by security firm Checkmarx.
According to the report, it has been revealed that due to a security flaw in Android, it allowed apps to potentially access the phone’s camera and microphone even without the user’s permission. As many Android users know, whenever installing and using an app for the first time, permissions are requested.
In this case, the flaw allowed apps to only request for permission to access the phone’s storage, which is pretty normal and most people would not think too much about it. Unfortunately, due to the flaw, it would still allow apps to access the app’s camera and microphone without the user knowing at all.
The good news is that Google was aware of the flaw and in a statement to the security company, they claim that it has since been patched.
“We appreciate Checkmarx bringing this to our attention and working with Google and Android partners to coordinate disclosure. The issue was addressed on impacted Google devices via a Play Store update to the Google Camera Application in July 2019. A patch has also been made available to all partners.”
That being said, Checkmarx notes that this flaw also affects Android running on other branded devices, meaning that while Pixel phones are already safe from this, it could still exist on other devices.