Remember “dialers” from the dial-up Internet days? Well, apparently they’re back, this time on your iPhone.
According to a bunch of french iPhone users, some AdMob in-app ad banners, when clicked, are allegedly triggering “background calls” to premium-rate numbers.
Apple, as stated in his SDK, allows native apps to place calls without your confirmation and while this can result in some unpleasant surprises if you’re inattentive or if your kids are playing with your iPhone, there is always the possibility to quickly hang-up.
But the practice is still questionable.
This time however, users across a couple forums are claiming that this would be happening in the background, displaying only the green “call in progress” banner. Similarly to the auto-dial safari exploit that was fixed by Apple last year with iPhone OS 2.2. Here is how it looked like:
This seems to concern mainly french users for now and we don’t really know how legit is the “backgrounding” part of the story. But if this is a new twist of the auto-dial exploit, it might become pretty serious.
I guess we should avoid those banners for now…
Applications cannot place *BACKGROUND* calls. Using the tel: scheme causes the app to quit and the UI to move to the phone application, where the user has the option of hitting End Call.
That’s not what the video demonstration show… does not seems to allow the user to press “end”… could it be a bug in the UI? Or is that phone jailbroken?
That phone demonstrates a security bug in iPhone OS 2.2, since fixed.