Firefox Android: Camera remains active even when the phone is locked

For a user to be affected by this they woul need to:<p>* They would need to visit a website using webrtc<p>* Grant Firefox the Android camera&#x2F;microphone permissions<p>* They would then be prompted to allow the website access to the camera and microphone<p>* For this to be a persistent problem the user would need to check a box that says &quot;Remember my decision for this site&quot; this is unchecked by default in the above dialog<p>As comments here and in the bug there are cases where leaving the camera active is useful so this is not as cut and dry as the title leads you to believe.

Only somewhat related but I have a phone where the front camera mechanically pops up when it&#x27;s used. I&#x27;ve noticed that by default, when I visit many websites, without notification the camera pops up and down quickly. After every Firefox update, I have to go into android settings and deny camera permissions. I&#x27;ve just assumed a page attempts to access the camera via JS but I&#x27;m not sure, it could also just be a bug in FF.

Since Covid19 I&#x27;ve been using Jitsi a lot. I gave the same &quot;chatroom&quot; to my parents and parents in law, as a way to speak to the kids. Then at some point I&#x27;m getting a message from my father saying they can hear my parents in law speak from their living room in our Jitsi room. It turns out the app does not hang up when moving to another app. So they probably spend a couple of days streaming... No idea if others visited the room, it has a rather unique but not very long name and no password... I know one should hang up, but, keeping a video+audio stream alive in the background should also lead to some warning imho. Btw, this was the iPad Jitsi app keeping the connection alive, not the website.

This <i>could</i> be desirable behavior in some circumstances, e.g. recording video where someone might seize the device and try to stop the recording, or snoop through the device while it&#x27;s unlocked.

Seems not a bug: you may want this behavior, and the proper way to stop recording is to close the website or the app, not locking your phone.

I wish there was a hardwired led indicator, one for mic and one for camera.<p>When not in use neither the mic nor the camera would get power and the leds tied to the same power connection. If they&#x27;re on, you know they&#x27;re on.<p>Yeah for &quot;ok google&quot; or whatever service it would be on all the time, but you&#x27;d know.<p>A physical switch to cut power would be nice too.<p>I know there are likely some software complications such as checking &#x27;hey does the camera work &#x2F; is it there&#x27; but maybe that&#x27;s more of a symptom of a problem.

Please keep this as an _option_. The current lack of having background video streaming prevents me from using my old androids as dashboard AND a network camera, even though they have the capacity to be both.

This is the behavior I expect and desire from my phone. Locking the screen should not suddenly end my video call. To end my video call, I should press the &#x27;end call&#x27; button. I can think of scenarios where I would want my phone to record without showing any notice at all (some people have mentioned law enforcement interactions, I think this is a good example of such a situation).

This could (maybe even should) be handled by Android permissions itself e.g allow app to be access camera when screen is off or locked. But this has been inactive mostly inactive for a year, which shows where priorities lie.

Doesn&#x27;t Android require the camera permissions in order to use the microphone? I mean, it makes sense to keep a webrtc connection alive even if you lock the screen (if you&#x27;re on a voip ball for example)

This is why I still use [bouncer] despite the fact that it&#x27;s roughly been replaced by Android&#x27;s new only-while-app-is-running style permission.<p>I have great* confidence the camera is off when, after hitting the home key, I actually see the permissions for the app switch off.<p>[bouncer]: <a href="https:&#x2F;&#x2F;play.google.com&#x2F;store&#x2F;apps&#x2F;details?id=com.samruston.permission&amp;hl=en_US" rel="nofollow">https:&#x2F;&#x2F;play.google.com&#x2F;store&#x2F;apps&#x2F;details?id=com.samruston....</a>

Also, Firefox for Android has Google AdMob integration and uses firebase as a hosting service for some scripts.<p>I lately started to use Appwarden [1] to check some apps, and I&#x27;m amazed how messed up the App ecosystem is in terms of advertising trackers and abusive CDNs - even if you use only AOSP builds, no gapps, and only f-droid, you can get compromised very easily.<p>[1] <a href="https:&#x2F;&#x2F;gitlab.com&#x2F;AuroraOSS&#x2F;AppWarden" rel="nofollow">https:&#x2F;&#x2F;gitlab.com&#x2F;AuroraOSS&#x2F;AppWarden</a>

&#x2F;Offtopic<p>I remember that at some point it was possible to open a Youtube video in Firefox for Android, lock the screen, and it kept on playing. It was great for some podcast-like &#x2F; talking channels.<p>Then either Firefox changed or Youtube cracked down on this.

Ok, but why is this up to the browser? If it was any other app, how can users be protected? Shouldn&#x27;t this be enforced by the hardware ideally?

Interesting, but why is this possible in the first place on Android?

Meh.. If I was in a video chat and my phone locked i wouldnt want it to get discconected

wow that is really bad, I am increasingly loosing fate in Firefox and I have been using it since v1.0

It is only a year old. I mean how high of a priority can it be to not send your camera when your phone is locked or when you send the app to the background?