Uber, Apple and You--How Uber is Getting Special Access on iPhone


(Brandon Bhangoo) #1

It was the last Tuesday in February 2018 when Uber successfully updated their iOS app. The update included a patch that released the Maps and Siri integration that have been removed for some unknown reason in one of Uber's monthly updates in January. It seems that the issue was with Uber and not Apple.

image

Here are screenshots of Uber version 3.284.10001 which reintegrates Apple Maps extensions and Siri voice control that were lost in January 2018.

For a few weeks users were unable to activate their ride booking extension in the Uber iOS version, and that meant that the service was not available while using Apple maps for navigation. The other issue was with Siri activation, anyone using Siri when trying to book a ride would receive the following error message: "I wish I could, but Uber hasn't set that up with me yet."

This particular issue was reviewed by Uber and Apple technicians and the result was found in the Uber app code. So, Uber developers had to decode and recode as soon as possible. Why is this so important to point out?Well its due to a forgotten story of the Apple iPhone iOS feature called" entitlement." This feature is part of the iOS code and is found on every iPhone and iOS mobile device. "Entitlement" is the function that gives Apple access to every iOS mobile device and reads the devices information. _ _

Why is this important to Uber?

It's important because Uber is the only third-party company in the entire world that has access to this feature as part of an agreement between Apple and Uber when Uber wanted access to their app due to technological reasons back in 2015, when the earlier versions of Apple Watch could not handle the advanced features of the Uber map.

Every Apple iOS device has an interface within its code that uses integration software with names starting with "com.apple.private," These bits of code are so sensitive that Apple will ban a third party app that integrates them into their code. When you check out Uber's app, you find the following bit of code embedded into it; "com.apple.private.allow-explicit-graphics-priority."

Why is this particular code so sensitive?

Because it enables Uber to capture iOS screens no matter what app is running at the time. So basically, a driver or a customer of Uber who have installed the Uber app on their iOS mobile device, Uber can record any screen, including and not only bank accounts, messaging, credit cards and, well, anything and everything that is on the screen at the time of the capture.

While Apple did give Uber permission when the Apple Watch could not handle the map, it seems rather peculiar that after so many issues with Uber, including the famous 2016 hack and the current Waymo case, you would think that Apple would have demanded, or Khosrowshahi, would have removed the code from the Uber app. This also comes after Apple invited previous CEO Travis Kalanick to a dressing-down at Apple HQ, when they found out that he was using the Apple code to track users illegally. This was a few weeks before the Apple Watch was introduced, and where Uber was an integral part of the Apple Watch launch.

Bottom Line

The code could still be embedded in the app, or it could have been taken out. I don't know, whatever the situation, the fact that we have such an upgrade to Apple Maps and Siri raises the question, does Uber still have the Apple entitlement code in its app?


(Andrew Martin) #2

I am not worried about Uber tracing me, go ahead, after all Google is the front for the CIA and the Secret Service, so what if we have an Uber conspiracy theory too. So long as the map works, Siri works and I don’t get abducted by aliens with an anal fetish I’l be all right.


(Steve Mann) #3

I knew I should have worn my aluminum foil hat!