Uber Had Secret Access to iOS Screens, Thanks to Apple

Today’s topics include Uber’s removal of screen-viewing access to iOS devices; ZTE’s reported launch of a folding smartphone; Apple updating macOS High Sierra with patches for two critical flaws; and Microsoft unveiling its TechSpark initiative to help tackle skills gaps and digital divide in rural areas.

In an unprecedented move, Apple granted Uber the ability to access iOS devices' frame buffer directly, enabling the ride-hailing company’s app to see what was showing on a rider’s screen. Uber, which in the past has been found to violate customers' privacy or push the bounds of legality, claims it has removed such access to iOS screens.

In an email to eWEEK, Uber spokesperson Melanie Ensign said, “This API has already been removed with an update now available in the App Store. It was only used for a short period of time.”

Apple granted Uber such access because of the Apple Watch’s inability to render maps needed by the Uber app, thus prompting the map to have to be rendered on the iOS device instead. Apple had to give permission for such an action, which is normally restricted for use by Apple itself.

According to a report last week, China’s ZTE will soon unveil a dual-screen Axon Multy handset that will unfold into a 6.8-inch display meeting at a central hinge. The device will feature a Qualcomm Snapdragon 820 processor, 4GB of memory and 32GB of internal storage, and initially will be sold exclusively through AT&T and priced at about $650.

Mobile analysts appear to have mixed opinions about the prospect of a foldable smartphone. "It's interesting for sure, but ZTE … simply doesn't have the brand cachet outside of China that Samsung and Apple do," said Lynette Luna of research firm GlobalData.

However, Dan Olds of Gabriel Consulting Group was more upbeat about the possibility, telling eWEEK: "There isn't a whole lot of differentiation in phones these days, but … in my mind, this is a game changer.”

Less than two weeks after Apple unveiled High Sierra, the company has already released a macOS update to patch two critical vulnerabilities.

One of the flaws could have enabled an attacker to steal passwords from the macOS keychain. "A method existed for applications to bypass the keychain access prompt with a synthetic click," Apple warned in its advisory. "This was addressed by requiring the user password when prompting for keychain access."

The second critical issue that Apple patched was a flaw in the StorageKit library. "If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint," Apple also warned. "This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints."

Microsoft has unveiled a new civic initiative called TechSpark, which will connect remote, non-wired areas, with the goal of enabling those regions to participate more fully in the digital economy.

"Our goal is to learn more about regional challenges and how technology can help better contribute to local economic growth," wrote Microsoft's President and Chief Legal Officer Brad Smith. TechSpark will kick off in Fargo, N.D., followed by northeast Wisconsin, then other regions in Virginia, Texas, Wyoming and Washington state.

Microsoft is also partnering with community colleges and other educational institutions to help adults land jobs that don't necessarily require a four-year degree and to narrow the skills gap affecting many industries. In addition, Microsoft will use its Rural Airband Initiative to bridge the digital divide for 23 million Americans in areas lacking broadband internet connectivity.