Facebook fixes iOS 13.2.2 bug that launched users' cameras without authorisation

The Facebook logo displayed on a screen in white text on a blue background

Facebook's iOS app has been the subject of users' anger following reports of it enabling their phone's camera without permission.

According to Guy Rosen, VP of integrity at Facebook, the camera activation is the result of a bug that seems to be affecting iPhone users running the most recent iOS 13.2.2 version. Not everyone perceives it as an accident, though, with one user alleging the findings were evidence of Facebook wanting to "look into people's private lives".

The issue seems to be triggered when users expand multimedia in the app, be it an image or video, and then swipe down to return to the news feed or whatever page they were originally on.

Videos capturing the issue have been tweeted multiple times by different users. One person claimed to have tested the issue on multiple phones running iOS 13.2.2 and received the same results.

In a separate but related issue raised by a software tester on 2 November, a bug in Facebook's iOS app pushed the user automatically into a Facebook/Instagram story UI after returning the phone into portrait orientation from viewing a video in landscape.

The same individual also reported unauthorised audio being played out of Instagram even when the phone was locked.

Rosen replied to one of the numerous tweets saying "thanks for flagging this. This sounds like a bug, we are looking into it".

"We recently discovered our iOS app incorrectly launched in landscape," he added in a follow-up tweet. "In fixing that last week in v246 we inadvertently introduced a bug where the app partially navigates to the camera screen when a photo is tapped. We have no evidence of photos/videos uploaded due to this."

Facebook also said it planned to push a complete fix for the issue on Tuesday, with v247 now being the most up-to-date version.

Despite the quick patch, the news will be unwelcome for the company that has been criticised so heavily for its privacy violations in recent years.

Unconfirmed speculation from users of the Facebook platforms has alleged the apps to be 'listening' to people's conversations and using the data to target them with adverts in social feeds.

"A while ago, me and a couple of mates were talking about Formula 1 because one of them is a huge fan but the other friend and I don't really know much about it. When they got up to grab a drink, I was flicking through Instagram and a sponsored advert came up advertising the upcoming race and Sky Sports deal," one afflicted user told IT Pro. "I found it pretty strange considering I have very little interest in F1 and the advert popped up while I've been talking about it."

It has never been proven, the allegations have lingered for years and have consistently been downplayed by the company. Instagram CEO Adam Mosseri has previously denied these claims, citing "dumb luck" as an explanation.

Panda Security addressed the issue in July, saying the "more likely reason" for these user reports is down to the extensive data mining algorithms used by the company to profile its users. The company added that the only way to avoid these "spooky, invasive ads is to avoid social media altogether".

Connor Jones
Contributor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.