Major bug in FaceTime lets you spy on the person you’re calling
“What happens on your iPhone, stays on your iPhone” [unless you use Facetime, it seems]
It’s not been a great few weeks for Apple. Profit targets were missed, a photo contest blew up in their face, and now a huge privacy-related bug in FaceTime has been discovered. This broken functionality lets you call anyone with FaceTime and hear the audio coming from their phone – without the other person having to pick up the call. There’s also a way for the video feed from the other person to be sent.
All you need to do to trigger the bug is call anyone using FaceTime, swipe up from the bottom of the screen and tap “Add Person,” add your own phone number into the call and that’s it. That starts a group FaceTime call with you (twice) and the person you already called, even if the call is still ringing on their end. On your device, the UI will show that they joined the call, but on their phone, it will still be showing the ringing screen.
Oh, you can also receive the video feed
That lets you hear the audio coming from their iPhone, but it gets worse if the person you’re calling hits the Power button from the lock screen. That sends the video feed from the person you’re calling to your device. Again, they’ve still not picked up so none of this should be happening. There are also other ways to trigger the video feed, such as joining the call on a third iPhone from a FaceTime join request link.
— Benji Mobb™ (@BmManski) January 28, 2019
Mac users, this means you, as well
Mac users aren’t unscathed here either, as the same bug can be triggered if you call them. That potentially gives you more time to spy, as FaceTime on a Mac rings for much longer than an iPhone.
The bug was first found by a teenager almost ten days ago. In that time, their parent repeatedly reported the bug to Apple and also to FOX News. Nobody replied, not even to acknowledge receipt of the reports. Apple could do better here at communicating, especially if this bug report should be eligible for a payout from the company’s bug bounty program.
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews
— MGT7 (@MGT7500) January 21, 2019
We must keep fighting for the kind of world we want to live in. On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections. The dangers are real and the consequences are too important.
— Tim Cook (@tim_cook) January 28, 2019
Apple has taken the Group FaceTime server out of commission while it works on a fix, which should come later this week. In the meantime, disable FaceTime on all your Apple devices until you know you’ve gotten the update.
- You can now use Bluetooth controllers with Fortnite on Android and iPhone
- No one asked for it, but Apple may be working on a new iPod
- According to a new report, Apple is working on its own game streaming service
- You may soon be able to send a Facebook Message to Instagram and WhatsApp users
- Bluetooth 5.1 means you’ll know exactly where you misplaced your trackable items