SUMMARY
Apple will update iOS to restrict Facebook Messenger, WhatsApp and other apps from making internet voice calls in the background
Messaging and calling apps can collect data in the background, while a voice call is active
WhatsApp fixed a major microphone bug in relation to voice calls in May1
To protect the privacy of its users and keep major apps from accessing microphone data in the background, Apple has announced that it would be rolling out an update to mobile operating system iOS to restrict apps such as Facebook’s Messenger, WhatsApp and other communication apps from making voice calls over the internet in the background.
According to a report in The Information, apps are able to run calls in the background when using an iPhone even when the app has not been opened. This means such messaging and calling apps can be used at a faster pace, but it also lets them collect data in the background, without the user being aware of such an activity, while a voice call is active and running.
Apple will restrict the background access for apps while users are connected to internet calls. Apple’s move is likely to have repercussions on both Messenger and WhatsApp, however, whether it affects Telegram, Skype and other platforms is as yet unknown. It is likely to have a major impact on the development of WhatsApp, which uses internet calling for voice and video calls, which it claims are end-to-end encrypted.
However, this is not the first security weakpoint found in WhatsApp’s internet-based calls. In May, it fixed a massive data vulnerability that left its over 1.5 Bn users at risk from malicious spyware. The data vulnerability which could have led to breaches and unauthorised malware installation has seemingly been present on WhatsApp for a number of years. The company reported having 400 Mn users in India last month,
The voice call vulnerability allowed attackers to inject spyware on phones with WhatsApp by using the app’s voice call function. The attack allowed hackers to surreptitiously install apps in the background during a voice call. The spyware was developed by Israeli cyber surveillance company NSO Group. However, in a statement, NSO said its technology is licensed to authorised government agencies “for the sole purpose of fighting crime and terror”. The company added that it does not operate the system itself and also has a rigorous licensing and vetting process.
