Uber Removing Apple-Granted API That Could Have Let it Record a User’s iPhone Screen [Updated] - MacRumors
Skip to Content

Uber Removing Apple-Granted API That Could Have Let it Record a User’s iPhone Screen [Updated]

by

Uber App IconWhen the Apple Watch was first released, Apple gave Uber what's known as an "entitlement" to run a special API to improve performance of the Uber app on the wrist worn device.

That entitlement made headlines today when security researchers told Gizmodo that Uber could have used it to record a user's iPhone screen even with the Uber app just running in the background.

In a statement, Uber said the entitlement was used for an old version of the Apple Watch app and was provided to Uber because the original Apple Watch couldn't render maps.

"It was used for an old version of the Apple Watch app, specifically to run the heavy lifting of rendering maps on your phone & then send the rendering to the Watch app," an Uber spokesperson told Gizmodo, saying that early Apple Watches couldn't handle this process alone. "This dependency was removed with previous improvements to Apple's OS & our app. Therefore, we're removing this API from our iOS codebase."

The entitlement is no longer necessary and Uber is planning to remove it from the iOS codebase, according to both the statement given to Gizmodo and a tweet from Uber head of security and privacy communications Melanie Ensign.

According to security researcher Will Strafach, who first brought attention to the issue, Apple does not often give out entitlements. Strafach said he could find no other apps on the App Store that have the permissions that the Uber app has.

Strafach says there is no evidence that Uber ever misused the entitlement, but it could have been utilized to monitor activity on an iPhone, recording passwords and other personal information. "Essentially it gives you full control over the framebuffer, which contains the colors of each pixel of your screen. So they can potentially draw or record the screen," another security researcher, Luca Todesco, told Gizmodo.

Uber says the app is no longer connected to anything in the company's current codebase, but users will likely be wary anyway as there have been other privacy concerns with the Uber app. There was a feature that allowed riders to be tracked for up to five minutes after a trip, and Apple CEO Tim Cook even went so far as to threaten to remove the app from the App Store after it was found to be secretly recording the UDID of iPhones to identify them even after the Uber app had been deleted.

Update: An Uber spokesperson said that an update released on Friday removed the API.

Tag: Uber

Popular Stories

iOS 26

iOS 26.4 Adds Two New Features to CarPlay

Tuesday March 24, 2026 1:55 pm PDT by
iOS 26.4 was released today, and it includes a couple of new features for CarPlay: an Ambient Music widget and support for voice-based chatbot apps. To update your iPhone 11 or newer to iOS 26.4, open the Settings app and tap on General → Software Update. CarPlay will automatically offer the new features so long as the iPhone connected to your vehicle is running iOS 26.4 or later....
Read Full Article25 comments
Apple Business hero

Apple Unveils 'Apple Business' All-in-One Platform

Tuesday March 24, 2026 8:53 am PDT by
Apple today announced Apple Business, a new all-in-one platform that unifies device management, productivity tools, and customer outreach features. The service is designed to be a consolidated replacement for several of Apple's existing business-focused offerings, including Apple Business Essentials, Apple Business Manager, and Apple Business Connect. It provides organizations with a single...
Read Full Article46 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 3, AirPods Pro 2 and AirPods 4

Tuesday March 24, 2026 12:31 pm PDT by
Apple today released new firmware for the AirPods Pro 2, AirPods Pro 3, and the AirPods 4. The firmware has a version number of 8B39, up from 8B34 on the AirPods Pro 3, 8B28 on the AirPods Pro 2, and 8B21 on the AirPods 4. There is no word on what's included in the firmware, but Apple has a support document with limited notes. Most updates are limited to bug fixes and performance...
Read Full Article82 comments

Top Rated Comments

WannaGoMac Avatar
WannaGoMac
111 months ago
Apple is the one that gave them this capability. I am more upset with Apple than Uber. Was anyone told Uber was recording all actions on the device thanks to Apple?

Yet folks are upset with Uber??? Seems like Apple is in the wrong here...
Score: 45 Votes (Like | Disagree)
Chupa Chupa Avatar
Chupa Chupa
111 months ago
Put down the pitchforks. This is an Apple-granted entitlement.
Well I think the pitchforks need to stay raised -- just pointed at Apple. One of the features Apple uses to sell it's devices is privacy. So how the h* did it not catch this before it gave it out to Uber -- apparently some time ago. Uber has made it's share of sketchy moves but this one is on Apple. It really needs to explain how this won't happen again.
Score: 28 Votes (Like | Disagree)
R
redgreenski
111 months ago
Disappointed with Apple. Uber on the other hand has been long replaced with Lyft.
Score: 25 Votes (Like | Disagree)
JPack Avatar
JPack
111 months ago
Put down the pitchforks. This is an Apple-granted entitlement.
Score: 23 Votes (Like | Disagree)
Z
Z400Racer37
111 months ago
This company is constantly involved in scandal. I don't know why Apple deals with it. They are dishonest, they have no integrity. Ban them.
Score: 23 Votes (Like | Disagree)
zakarhino Avatar
zakarhino
111 months ago
What the f*** Apple? Why are these APIs being enabled for 3rd part devs at all? And Uber of all people, scumbag company with alarming coding practices, not to mention the disgusting history of employee treatment.
Score: 18 Votes (Like | Disagree)
Read All Comments