If you care about security you might want to move the iPhone Camera app
blog.jgc.orgI'm at the point where I want a pop-up for every time my phone wants to use location/camera/mic/contacts. Or at least more options to require this for individual system services/apps.
Also, while we are at it, why can't I disable network access entirely for some apps? If I have a game that doesn't need the internet then it doesn't need the internet and I don't want it to have access to the internet, ever. I have been putting my phone in airplane mode just to use some of the apps and not have them phone home. This is a clearly missing (intentionally not added?) privacy feature.
> why can't I disable network access entirely for some apps
Agreed, the only reason we don’t have a streamlined version of Little Snitch (very flexible network monitor) built in to the OS is that it’d destroy billions of revenue for the advertising industry.
> it’d destroy billions of revenue for the advertising industry.
Excellent.
What hidden consequences am I missing? I don’t see a downside.
I spent too much time fortifying devices and blocking their shit from getting in.
> I don’t see a downside.
You don't, Apple does :)
you're missing the fact that OS developers like ads, because they want the OS to be a platform where devs can make money.
I avoid ad supported apps, so if those devs move to companies that I support, it might actually help me?
If it damages the the OS, that’s a problem for me on a Mac/ios but not so much with Ubuntu.
It’s not that long ago that I was paying for OS updates (that seems wild, I had to go and check). If it went back to that and I had no ads, it would be a straight win.
> I'm at the point where I want a pop-up for every time my phone wants to use
I’m in the EU on holiday. It’s amazing how quickly you get used to the damn cookie popup that appears on every single site. Having it for apps wouldn’t seem likely to be more intrusive.
> disable network access entirely for some apps
NetGuard can do this via "local VPN" on GrapheneOS/Android, https://netguard.me/
iOS Lockdown app provides device-wide adblock by destination host, but not per-app outbound rules.
1Blocker lets you run a local VPN for iOS. It's defaulted to in-app trackers. But you can also just bulldoze all of an app's endpoints.
Quite sure it's done in order to speed up the camera app performance and reduce the time to first photo time. The camera module requires some tenths of a second to boot up and it makes sense to start that process at the earliest indication of user's interaction. In this case, a touch-down is a good indication, even if user ends up swiping instead of touch-up. The same thing happens in the lock screen, if you hold your finger on the lock screen and move 1 pixel to the left, the camera module starts up even if you don't finish your swipe to camera gesture.
Wouldn't surprise me either. I know a guy who worked at Apple on iOS perf and the one time he was telling me about it years ago, it was "camera app doesn't start fast enough, so we reworked memory management". Apple really cares about the camera.
I bet this is in the new version 26. That version is so garbage and I regret updating. 95% of the time, when I open the phone, it doesnt unlock my phone with face and I have to enter PIN. Sometimes I cant take photos also. In the browser, when I touch the address field nothing happens and I can go on and on and on. Just leave the shit as is, people. Its like if I have a screwdriver in my workshot and every other month, when I come back to use it, you change some bullshit, so I have to operate it slightly different. Fuck that
Yeah, makes total sense why they'd do it, but in my case it was increasing "alert fatigue" (why is my camera on?) and so I moved it.
While we're talking about silly(?) iOS design decisions, the one I can't get over is allowing users to change lock screen timeout without pin/faceid via Settings > Display & Brightness > Auto-lock. This should really be under Face ID & Passcode or Privacy & Security.
From a phone getting taken from your hand perspective, this is the first thing they will change.
Thank you for sharing this.
I don't have the camera app in my app grid, but sometimes I see the green dot and have no idea what is triggering it. I even disabled the camera permission for all apps and started to turn it on from scratch only for apps I find necessary, but didn't know what was triggering it.
I am not why this logging thingy isn't enabled by default, but I am very happy it's possible to turn it on.
> if you hover your finger over the Camera app icon without actually opening the app, the camera starts operating iOS 18.3, cannot recreate this. If I long-press the icon then yeah obviously it triggers, but just “hovering” does nothing for me. In addition, if I put my finger on the camera app icon and then swipe pages it doesn’t trigger the dot either. Is this a new thing in 26.x?
Edit: actually there is a timing sweet spot on the swiping that I can get to do it, but still nothing with just pure hovering
I couldn’t get it to trigger until I opened the camera app and made sure to switch to the front facing camera before exiting. After doing that I was able to consistently trigger the indicator when swiping across and long-pressing the icon.
EDIT: it also only seems to happen if the camera icon is on one of your Home Screen pages. I haven’t been able to reproduce the behavior when swiping across the icon while in the App Library. Wonder why they decided to do it that way? Do most people keep a camera icon on their Home Screen? That would be baffling to me. Why clutter your Home Screen when you can so easily access the camera from the lock screen or by using the physical camera button on newer iPhones?
> Why clutter your Home Screen when you can so easily access the camera from the lock screen
Half the time since updating to iOS 26 on my 13 mini, if I try to activate the camera from the lock screen the app opens but the camera fails to start and the view just stays black, and then I have to exit and try again. It's quite annoying. This does not happen with the camera app after unlocking the phone.
Mine does this too. I wonder if it’s exclusively an iPhone 13 mini thing because I don’t understand how it shipped.
There are so many bugs in iOS 26 I've personally experienced. I'd believe anything at this point.
I keep opening my phone "favorites" section and it erroneously reports no favorites. They either eventually load after seconds+ or I have to force close to get them to show.
Do you also have the slow-motion bug where every second or so a frame or two gets dropped, resulting in stutters in the video?
Hmm, I don't think so, but I do get the awful indoor lighting flicker when shooting slow-mo at 240fps that completely ruins indoor videos, and it really seems like Apple could just fix that if they cared at all.
I’m pretty sure that’s because the lights are actually flickering. The lights are the issue not the camera.
Rooms with these lights give me migraines. I can always tell when lights in a room are like that, and I use the 240hz slow motion on my phone to double check or figure out which specific lights are the issue.
I hate these lights and I don’t understand why places use them.
> I’m pretty sure that’s because the lights are actually flickering.
I didn't say it wasn't. I said I bet that Apple, the company that can zero-shot high resolution synthetic 3D views from flat photos, could make the flicker not show in the video if they tried so that slow motion videos shot indoors aren't completely ruined by AC flicker.
> I’m pretty sure that’s because the lights are actually flickering
They are, but the camera stack should be detecting and compensating for that - it's pretty easy to detect, since it should be a fixed 50/60Hz depending on geographic location. You typically have to implement this filtering on all manner of light sensors.
It’s not just about matching the frequency but also the phase.
This is easier when your lights are all in phase and also in a single frequency, but you might also have bulbs that are at different frequencies (120 vs 60) or electric hookups that go out of phase.
It’s a very tricky problem to solve and to the best of my knowledge, nobody truly has. Film lights do clever and expensive tricks to match phase but that’s not feasible in a domestic setup.
Um. 240 is a multiple of 60.
iPhone 13 regular here, same problem. I reported it repeatedly during the iOS 26 betas but they don’t give a damn.
In don't understand accessing anything from the lock screen. It's locked, nothing should operate.
It’s a special mode called secure access. You cannot actually access any existing data from it; but taking camera photos is a primary action that people use their phones for. Why wouldn’t you want to accelerate that?
Not to mention with this feature, I don't have to hand an unlocked phone to a stranger if I want a photo taken.
> Why clutter your Home Screen when you can so easily access the camera from the lock screen
Because if using the phone then you need to access the lock screen to use the camera?
That means hitting the power button twice (slowly so you don’t trigger the wallet) and then a long press on the camera.
Alternatively it’s just a swipe and a tap if it’s on the home screen.
I swipe down to see the notifications/lock screen, then right to access the camera.
sure, but with typical one-handed operation you cant reach the top of the screen to swipe down.
Fair enough, but then I can think of an even better place to put the icon: the control center that is a single swipe away from any screen in the OS. This is all moot in newer iPhones tho, as the physical camera button in the lower right is the easiest and fastest way to get to the camera.
Anyhow, this is all just personal preference, of course. Anyone is free to put a camera icon anywhere they please. I just personally can’t stand clutter in my home or lock screens, so I tend to keep the number of apps there to a minimum and access everything else either via Spotlight or Control Center widgets.
Yeah, control centre also works, but that requires using 2 hands to do comfortably.
> Do most people keep a camera icon on their Home Screen? That would be baffling to me.
probably. it is a TikTok world after all. or, pretty sure it's on the home screen by default and no one probably bothers to move it.
Because it's on the homescreen in the default layout and a large number of people don't change their defaults?
No issue making this happen on IOS 26. Camera was lower left icon exactly where I touch go swipe, holding phone in left hand.Put finger down and swiped, green light on. Moved it to the right side.
Non-preloaded apps can't access your camera feed unless they are open in the foreground (zero days aside, but you're probably not interesting enough to burn one on).
I think iOS 26 is also just broken when it comes to the indicator, sometimes I’ve quit the Camera app and I’ve noticed the indicator will stay in use whenever I’m on Springboard. Not sure what they did this year to break it :/
If it's not a bug, then that's an information for you that the Camera is being used by whatever process is going on out there. Maybe if someone chimes in if they have knowledge about the green dot? Is it part of the OS as an app/process or does it have a parallel system independent of apps running?
On iPhone 16+, it uses Secure Exclave, https://9to5mac.com/2024/06/03/m4-ipad-pro-security-feature-...
“Hover” seems to be causing some confusion. It’s more of a “shallow” press. Like the opposite of “pressing into” when 3D Touch was a thing
Yes, maybe hover wasn't the best word.
Wild how a single poor word choice can derail so much of HN's comments into the kind of nit-picking we're seeing here. Thanks for correcting! We'll probably have much better comments here because of it.
Sure, but I didn't express myself clearly enough and HN was a great editor :-)
touch + swipe away to cancel app opening
Wait, iphones now support detection of finger hover? I remember hearing about iOS introducing software support for this, presumably for when the hardware can catch up. But never heard of it actually being implemented.
Of course not. Only tapping. But the camera hardware gets booted up as soon as you tap the icon, without waiting to see if the tap is a swipe, and without waiting for you to lift your finger (which is when other apps would open).
> Of course not
Actually of course yes, every capacitive touchscreen has basic hover capabilities in some form, it’s just a fairly narrow range (a few mm at most) and not exposed as a public API.
I think capacitive touchscreens always did? It was never reliable enough or something. The panels generate scanned strength maps for the whole displays. Values for locations that aren't being touched aren't zeroes.
Yes, but it’s a couple mm at most and not exposed as a public API.
I think this is more of an Apple specific hack to get latency down; boot the cameras up as early as possible.
Can third party apps use this to speed up their use of camera hardware too?
I doubt it - Apple has a bad habit of putting in specific behaviors for certain home screen icons in Springboard (consider the clock and calendar icons) which are tied to the app identity but executed by Springboard.
There's an API in iOS/iPadOS named UIHoverGestureRecognizer, but it only detects hover from cursors and from the Apple Pencil. The Apple Pencil hover is neat and actual "hover" detection in the way you're thinking; it can be detected up to 12mm away from the screen. But right now there's no actual detection for finger hover, even though Apple patented a technique for it almost 10 years ago.
I put all of my apps into category folders at the top row, so I can see my background photo that I really enjoy. Once you do this for long enough, it is jarring to see the chaotic placement of app icons all over the screen on most people's devices.
Also I never use the camera app icon, I swipe left from the lock screen 99% of the time, and the remaining 1% is from things like auth apps opening it to scan QR codes for new accounts, etc.
Launching apps with one tap instead of two is a lot more important to me then the background picture.
This is such ridiculous scaremongering.
If you use your phone and take photos with it, then what difference does it make that it uses the camera when you unlock it? If your phone is compromised, you're already cooked.
Hovering does not do anything. They mean pressing and dragging your finger away from the icon.
If you very gently and shortly press the button, it'll not open the camera app. Confusing to be honest.
I inadvertently trigger the camera all the time, perhaps due to sweaty hands. Thank you.
I think it’s so smart of them to do this to improve UX, which I really care about. You can just tell they had a creative workshop around optimizing camera startup time (which is super important to optimize and one of the many reasons I own an iPhone!).
I’m happy to see them being so open about it in the privacy report. It shows that it’s a real priority for them: It would’ve been easier to hide this as an implementation detail and not have people wonder about it. Another big reason to own an iPhone.
However, it is yet another example of them making full use of owning the platform in ways I assume other players can’t. The Apple camera app will always start faster than others, which is a loss for customization and competition.
Yeah but also if they did make that an API imagine apps abusing it… instagram posts abusing HDR is bad enough as it is lol
>Because hovering a finger on the Camera app icon is enough,
Like others I can't get this replicated either.
And even if I did not sure I'd care. My iphone has so much information on me already an extra 500ms of camera on seems pretty immaterial compared to other risks (like tracker in your pocket 24/7, constantly leaking info to god knows what app's servers etc)
I wasn't clear about what I meant by hovering: you touch the icon but then you move your finger somewhere else so the app never gets opened. I've edited the post to make this clearer.
I think you're missing the point of the post, which I actually also initially missed based on the misleading title. The author isn't saying that the camera app activating the camera and green light is a problem. The author is saying that he's unknowingly activating the camera app by simply touching the app icon, which in turn activates the green light and makes him think something nefarious is going on. However, this is a false positive that can contribute to alert fatigue and cause users to entirely ignore the green light.
You saved me from wiping my phone this morning - thanks. I kept seeing the dot when but the privacy report only said "camera". This gives me a lot of reassurance.
I was under the impression that sophisticated iOS malware like Pegasus can access the camera without turning on the dot. This is certainly possible on MacOS.
Are you sure about this for Macs? My understanding of recentish models is that the power for the camera passes through the light, so it’s impossible to turn on the camera without the light.
It would require a pretty advanced exploit for this.
Which is what Pegasus is/was
That may have been possible and even easy on older hardware but modern Apple hardware makes this way more of a pain in the ass. They have a whole separate hypervisor (SPTM), kernel, and userland running in a higher set of guarded privilege levels from the standard ARM exception levels.
Compromising the camera dot on modern iOS requires compromising SPTM, which is equivalent to a full jailbreak. Most modern iOS spyware doesn't actually go as far as that, it just does enough exploitation to get the data they want.
None of this applies to macOS, which doesn't use SPTM, because the whole point of SPTM is to enforce iOS code signing and lockdown rules.
Beyond hover detection causing the app to preload (TIL that's apparently a thing? Can anyone confirm?), another case I've seen is trying to slide up to unlock but accidentally triggering the lock screen camera for a millisecond or two, which also causes the indicator to linger for a few seconds.
edit: Is this actual "hover without touching screen", which is what I was shocked about, or is this more like "finger passes over the icon while swiping between pages"?
Trying to decide whether I'm taken aback more at the green dot when touching the camera icon during a swipe, or at my own failure to notice it before …
Anyone else find that the iPhone camera app crashes about half the time these days? It's killing me...
Same
Mine works fine.
More annoying is that it's really difficult for me to unlock the phone with the side button without activating Siri. Seems like there's often a lag when waking the phone that causes a long press to be detected even with a short press.
I have noticed it but I am bit split on this: I'd rather have this indicator on every time the camera is activated in anyway rather than Apple making it more "efficient" by hiding whatever activity is happening with the camera.
It's a signal that I eventually got used to and the fact that it makes me alert for even a couple of seconds, I consider that a plus.
When i think about it, I would be absolutely terrified by smartphone cameras. Think laptop accessories that cover the webcam - haven't seen any of those for smartphones. Yet we trust a green dot with all our heart nowadays. Back in the day when cameras started showing up on mobile phones there were even versions of popular business feature phones that lacked the camera (Nokia E51 if i recall correctly), probably triggered by requirements of clients with strict information security standards.
It seems we all learned to stop worrying and love the cameras.
Some industries still require camera-less phones, and there are companies who make them, or more interestingly, modify existing iphones!
Here's one vendor https://noncam.com/
Can't they just sell a case that can be locked and covers the camera holes?
when i go into secure zone at factory, they cover our phone camera lens with a piece of sticker. It was quite trouble some because my phone has 5 camera(S21U). The sticker is similar to the warannty sticker you find on electronic device, so if you try to remove they will know.
But the sticker seem generic, so i bet someone can prepare it before hand if they really want.
Cases can be removed.
And yet if you have your phone on you, you can still record everything that was said…
My wife worked in a facility that didn't allow phone cameras. You had to check it in anytime you went into one of the secure areas or prove you had one of their phones that had the camera disabled if you were important enough to require being contactable. While I'm sure one or more of the thousands of employees managed to leak some valuable info through conversations, pictures would have been worth 1000x as much if not more.
>haven't seen any of those for smartphones
Many phone cases do. Under the idea that you're protecting the camera, but it blocks it none the less.
You trust the green dot with your heart simply because they wired it in series with the camera. Can’t be bypassed unless you opened the device and bypassed the green light. This is why people with webcam covers on macbooks are fools: they fear and yet they do not care to understand what it is they fear to see if it is actually worth fearing.
The "hack" baddies do is to only activate it for 30ms or so, so there's a chance you'll miss the green light.
The API calls to turn on the camera, wait for + grab the first frame, and terminate it, are 1) non timing deterministic and 2) always take more than 30ms so that’s a pretty bad “hack”
Lol it's like calling people taking vaccine is a fool. The indicator light only tell you that you have been compromised, they do not prevent that malware from running at all. And when the light is turned on, the hacker will already have hundreds pictured of you(60 fps is 60 frames per second after all)
An indicator light cannot prevent malicious webcam activation, it can only tell you that you have been owned in retrospect.
The problem is that apparently, often enough that is just not the case.
On laptops, the LED is not powered with the camera, but controlled by it. And on smartphones, if it's a green dot on the display it can obviously be bypassed in different ways given the right vulnerabilities.
Also, aside from that, your condescending attitude is frustrating.
So anyways, here's a somewhat memorable incident of people doing the thing you claim is impossible: https://en.wikipedia.org/wiki/ISeeYou
ISeeYou went well beyond turning off the light, it also came with arbitrary code execution: https://www.usenix.org/conference/usenixsecurity14/technical...
This is only true on Macs
> This is why people with webcam covers on macbooks are fools
So you think it's fine if someone accidentally activates the camera, as long as they know about it?
All it takes is an accidental click on "Video" during a teams call in the bathroom, and you will quickly discover the utility of a cover.
I'd be far more worried about an ability for 3rd parties to record audio at any moment than for them to be able to record video of what's likely my pocket or desk surface at any given moment.
Same concern of many I have with laptops and theoretical webcam recording. Theres far worse things they could be stealthily doing.
Phone camera covers have been available for years.
There are so many things that would have to go wrong for a third party app to surreptitiously activate your camera and pick up images in the background on iOS, this is tin foil hat level concern.
It’s also hilarious how many people worry about covering up their camera on the laptop not thinking that the microphone can pick up much more information in the surrounding area - again worrying about the wrong thing.
Also see, not using biometric security because in the US, police can’t legally make you give up your password - even though police are not above rubber hose decryption, judges hold people in contempt indefinitely and iPhone and Android phones are laughable insecure after first unlock after rebooting your phone.
>It’s also hilarious how many people worry about covering up their camera on the laptop not thinking that the microphone can pick up much more information in the surrounding area - again worrying about the wrong thing.
Or they worry about the right thing, its just not what you worry about.
You ever see The Accountant? That scene where he goes home and ups the stimulation to 13/10? I live my life in that world. Good luck getting any useful intel from my phone's microphone.
The absolute best phone-camera-wise was the SNAFU in the past where every access to the camera would turn the green light on... Except for one obscure company that happened to have a free pass. I don't remember the details and won't bother to check but it went a bit like this: "Jack's Petrolhead Garage is the only company in the world that can turn the phone's camera on WITHOUT the green light turning on". Some people eventually found out about this and it made headlines.
Then of course the damage control started --and those always turning a blind eye to the state's wrongdoings are surely going to still damage control this--: "oh but Jack is the nephew of the cousin of that engineer at this company and historically they helped us write one of the first app using the camera".
Or whatever bullshit nonsense explanation they came up with.
If you ask me: Jack's Petrolhead Garage (name I made up) was a NSA front and you can shove your excuses where the light doesn't shine.
You got a source? Because th green light isn’t controlled by software. The LED is directly wired to the camera power. You cannot use the camera without the little green light turning on.
There’s no LED on iPhone
Are saying it isn’t an LED or that there isn’t a light?
My 16 has a light for camera and anther for mic. No idea if it’s an LED.
You should probably find a link to this.