[mgamache]

Wondering what the legitimate use for this was?

[jsiepkes]

From the article: “Apple gave us this permission years because Apple Watch couldn’t handle our maps rendering. It’s not connected to anything in our current codebase,” Uber’s spokesperson explained.

[matthewarkin]

The article states they were rendering maps screens on the phone and shipping the screenshot to the watch to handle performance issues with the watch.

[deathanatos]

I don't buy this explanation. You need to full control over the screen's framebuffer to render an image?

Even if your architecture is so hosed that you are screencap'ing the actual screen to get an image to ship over a network connection … multiple people thought that tradeoff with security was worth it?

[eridius]

> You need to full control over the screen's framebuffer to render an image?

No, but you do need the ability to render in the background, and apps aren't allowed to do any GPU-based rendering in the background (you can't touch an OpenGL context, and while I haven't actually confirmed this I assume you can't touch a Metal one either). This entitlement probably let them skip that restriction to do fast rendering in the background.

[willstrafach]

I do wonder why they execlusively got it, and others (who must have had similar rendering issues) did not.

[eridius]

Presumably because they were a headlining launch app for the Apple Watch and were in the keynote.

[jsjohnst]

Wasn’t Lyft also showcased at that event?

[jsjohnst]

Also, how do they still have it if it’s not needed? First cardinal rule of elevated privileges is to immediately give them up when no longer used.

[tqkxzugoaupvwqr]

Apple Watch Series 0 is possibly still not capable of rendering maps quickly and has to rely on a companion device. I guess Apple would have to leave this entitlement for Uber until the Watch Series 0 reached end of life five years after last selling them. Which would be quite the security risk.