Mistaken API

ComputingVoIP

iOS 13 privacy feature will force total overhaul for Facebook apps

VoIP services ostensibly stay running in the background so they can connect calls quickly, but they also let those apps collect information about what users are doing on their devices. Restricting the programs that can simply be open at any time on its mobile hardware fits the narrative Apple is crafting about being a trusted place for customer privacy in an increasingly untrustworthy industry.

When they say connect quickly, they mean connect at all.

The background feature is eminently exploitable, it always has been. There are very few circumstances under which an iOS app may do any background processing, VoIP is one of the very privileged examples.

I release a music player on the AppStore, like any music player app, it requests background privileges. I don’t but I could be doing anything while you are playing, mining bitcoin, selling your location and much worse. I don’t! But I could do, Apple does nothing obvious to stop me.

There are loads of features we developers would love to add to apps, that require them to listen on a specific port for incoming connections. VOIP is a classic example. SIP, the non proprietary VoIP protocol, requires that it can listen, to be able to receive calls. VoIP is one of the very few blessed scenarios where iOS developers could request the privileges to run in the background.

If developers like feckbook are exploiting this, it is because the API is inadequate.

Apple developed their backgrounding APIs with too much trust, you can either do nothing or you can do anything.

No app needs to be able to do anything in the background.

Mainline 3rd party messaging apps can handle sending special notifications to their bound app, eg. incoming calls, users will probably benefit from the lack of shenanigans feckwits like feckbook play with their privacy.

Forcing this onto generic VoIP apps will break them.

Apple is the failure point here, their APIs need a way to provide listen, without providing do what the feck you,like.

Pointing the finger at Messenger and WhatsApp is beside the point.