Disable access to camera and microphone when closing the app
I think this is technically a bug report, not a question.
We are testing our video-conference platform based on WebRTC. We have noticed a very worrying behavior out of Firefox for Android. After giving permission to access the camera and microphone, the streaming works of course. But after closing the app, it still captures and sends data from the camera! Even after force-closing the app! Even after closing every app! Other computers can still see what the smartphone camera sees. Turn off the display and yup...still recording. To close the streaming session either you go into settings and disable permissions, or you terminate/uninstall the app.
Please find a way to test this and fix it asap.
I've been a hardcore Firefox fan for over 10 years. Likely I'm not affected by this bug (which sounds like an Android security issue more than anything else) since I have an iPhone. But still, Firefox literally advertises its focus on security, it really disappoints me to find out that Firefox on Android practically lets anyone spying on people really easily. Because I'm guessing that any web app can exploit this, maybe request permission to use camera for taking a picture, setting an avatar, or something, and such permission is never revoked.
We experienced this issue on high-end Sony and Huawei smartphones, running Android 6 and 7. We were able to replicate the problem multiple times.
All Replies (3)
I wonder if this is related to the issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1224916
P.S. forgot to mention that Firefox version was the newly installed from the store
This is something like https://bugzilla.mozilla.org/show_bug.cgi?id=1349714 . But I think, that you should create a new bug here => https://bugzilla.mozilla.org/enter_bug.cgi
Okay, thanks. I posted a bug report there as well.TyDraniu said
This is something like https://bugzilla.mozilla.org/show_bug.cgi?id=1349714 . But I think, that you should create a new bug here => https://bugzilla.mozilla.org/enter_bug.cgi
Okay, thanks. I posted a bug report there as well.