What you need to know
- A vulnerability found by security researchers at Checkmarx allowed for an app with only storage permissions to access the camera on your Android phone to take photos and videos.
- The flaw was found to be present in the Google Camera and Samsung Camera apps, as well as other Android OEMs.
- Samsung and Google have since patched the flaw and Google has informed all its OEM partners and issued them patches for the vulnerability.
Recently, a security flaw was made public that allowed the camera on your Android phone to spy on you. The vulnerability was found by security researchers at Checkmarx, and it allowed for an app with only storage permissions to take control of the camera app on your phone to take photos and videos.
The team at Checkmarx found this vulnerability to be present in both the Google Camera and Samsung Camera apps, as well as camera apps from other smartphone makers. In a video demo, Checkmarx used a Pixel 2 XL running Android 9 to show how this flaw worked and several scenarios of how it could be used to spy on you.
It starts by installing an app that only asks for storage permissions on your phone, a permission that is quite common among apps. In this case, Checkmarx used a weather app that then gave an attacker access to your phone with the ability to open the camera app and take photos or videos. Not only could the attacker remotely trigger your camera and view the photos or videos, but they could also view the GPS data to get your location, as well as check the status of the proximity sensor to ensure you were not looking at the phone to see the camera app was active.
Given that the attacker could take video footage, that means they could also record the audio, giving them full access to eavesdrop on your conversations.
Thankfully, Google and Samsung have already patched the vulnerability, with Google doing so back in July with a Play Store update. Google also informed all of its OEM partners about the flaw and sent patches out to them as well.
It just goes to show the importance of regular security updates for phones, and now is as good a time as any to make sure your phone is running the most current OS and all of your apps are up to date.
We may earn a commission for purchases using our links. Learn more.
Google Pixel 4a review: The best camera under $400 is a perfect 2020 phone
It turns out Google's "less is more" approach really fits well within the constraints of a less-expensive phone, and its strengths in software and camera processing stand out against less-refined competition. The Pixel 4a picks up right where the 3a left off, with better specs, the same great camera, and a $50 lower price.
Google Pixel 4a specs: Upgrades in performance, display and battery
Google never goes overboard with Pixel specs, and that's particularly true with the "a" series. The Pixel 4a, like its predecessor, is about giving you a great all-around experience for the money by being very selective about which specs and features are included.
Google confirms Pixel 4a 5G and Pixel 5 are coming, but with few details
Google has confirmed it will have two more Pixels to launch in 2020, and they'll both have 5G. The Pixel 4a 5G and Pixel 5 will come later to complement the standard Pixel 4a, and while we have a decent idea of what they'll be like through leaks, Google isn't spilling details.
These are the best screen protectors for the OnePlus 7T
The OnePlus 7T offers a display with a 90Hz refresh rate, and it sure would be a shame if something were to leave permanent scratches and scuffs on that glass. These screen protectors will help protect your display.