Best Top Reviews Online

Apple Takes Dramatic Steps to Address a Serious FaceTime Bug

Group FaceTime chats allowed people to eavesdrop on whoever they called, a bug so severe that Apple disabled the feature until it could fix it.

IT’S OFTEN DIFFICULT TO DETERMINE HOW SERIOUSLY TO TAKE NEW VULNERABILITY REPORTS. The jargon is incomprehensible, and the skills required to carry out the attacks are only possessed by highly skilled professionals. However, there is no ambiguity in a bug affecting Apple’s FaceTime chat. How bad is it? Rather than risk exposing people to it, Apple disabled FaceTime group chats entirely.

Unlike other high-profile gaffes, what makes this bug so concerning isn’t the breadth of information that could be obtained by exploiting it. It does not grant hackers access to your emails or banking details. Instead, it allows a FaceTime caller to hear what’s going on at the other end of the line before the recipient answers the phone. They could also trigger a video feed with a few extra steps.

A 14-year-old in Arizona discovered the vulnerability when he discovered he could eavesdrop on his friends when setting up a chat for a round of Fortnite. He informed his mother, who notified Apple on January 20 and received no response to various inquiries for more than a week.

The exploit was also relatively easy to execute. To activate the illicit audio, someone simply started a normal FaceTime call, then quickly added their number as a third person in a group chat. If the person you were calling pressed the power button from their iOS lock screen, both video and audio would have been transmitted. The bug was discovered by Apple-focused news site 9to5Mac on Monday.

The implications are obvious. While it is not the type of high-wire attack that a nation-state would attempt to steal intel secrets, it has serious personal consequences. Even eavesdropping for a few seconds on an unguarded moment, especially when the target is deciding whether to pick up your call, is an unacceptable invasion of privacy.

“We’re aware of the problem, and we’ve identified a solution that will be released in a software update later this week,” Apple said in a statement.

Rather than waiting for that fix, as is customary, Apple took the extra step of shutting down group FaceTime chats entirely in the meantime. It appears to be the first time the company has taken such drastic measures to address a software problem. The combination of high stakes and low barriers appears to have made it unprofitable.

In 2017, Apple had a rough year of security blunders, including a macOS High Sierra bug that allowed anyone to gain root access to a Mac by simply entering the password “root.” Apple, on the other hand, regrouped last year, focusing on stability improvements rather than flashy new features, a gamble that appears to have paid off.

Group FaceTime chats, which were introduced last year as well, have not gone as well. Last fall, security researcher Jose Rodriguez exploited a flaw in the new function to bypass the iOS lock screen and view an individual’s entire address book. The two issues appear unrelated, but they highlight Apple’s ongoing need to rigorously vet new software releases.

“We haven’t had the time to dig in and reverse-engineer the root cause of this bug yet, but there is no specific or special reason this would occur,” says Will Strafach, president of Sudo Security Group and an iOS security researcher. “It appears to be an unfortunate chain of bad programming logic coded into the process for handling group FaceTime.”

What is the most important thing you can do right now? Nothing because Apple has already canceled the issue. However, install that software update as soon as it becomes available, whenever that may be. There are other group chat apps to tide you over in the meantime. Take this whole ordeal as a not-so-gentle reminder that your smartphone has a microphone and a camera, as does your computer, and it’s probably not a good idea to trust all of them implicitly.

Lauren Goode contributed reporting.

Will Strafach’s comment has been added to this story.

Why Trust Us?

Best Top Reviews Online was established in 2018 to provide our readers with detailed, truthful, and impartial advice on what to buy. We now have millions of monthly users from all over the world and annually evaluate over a thousand products.

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

Related Stories

  • All Post
  • Best Picks
  • Explainers
  • How To
  • News
  • Versus

Get more info

Deals

Reviews

Best Products

Buying Guides

Contact Us

About Us

We provide a platform for our customers to rate and review services and products, as well as the stores that sell them. We research and compare the most popular brands and models before narrowing it down to the top ten, providing you with the most comprehensive and reliable buying advice to help you make your decision.

Disclaimer

BestTopReviewsOnline.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As an Amazon Associate I earn from qualifying purchases.

 

Address & Map

20 S Santa Cruz Ave, Suite 300, Los Gatos, CA 95030, United States

© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.