A glitch in Apple's FaceTime app let users hear the other person — and in some cases, see video — even if the recipient never accepted the call. The bug was widely reported late Monday, and confirmed by several technology reporters. Until it can offer a permanent fix, Apple says it has simply disabled group FaceTime calls altogether.
It's an unusual misstep for a company that prides itself on its strong privacy safeguards. And it comes in an environment of heightened scrutiny over privacy protections, as a new Congress considers whether to impose stronger regulations on technology companies like Facebook that are often accused of violating users' privacy.
The FaceTime glitch was first noticed by trade publication 9to5Mac, which wrote that the bug, which was "spreading virally over social media," lets you "immediately hear the audio coming from their phone." The publication listed a detailed succession of steps needed to reproduce the glitch, which involved starting a FaceTime video call with an iPhone contact and then immediately adding your own phone number to the call. This would trick the phone into starting a group FaceTime call and activate the other person's audio. If the recipient hit the power or volume button, the phone would broadcast video as well, the Verge reported.
Now you can answer for yourself on FaceTime even if they don’t answer🤒#Apple explain this.. pic.twitter.com/gr8llRKZxJ
— DEAD FRIENDS™ (@DeadFriendsCHI) January 28, 2019
"The damage potential here is real," 9to5Mac wrote. "You can listen in to soundbites of any iPhone user's ongoing conversation without them ever knowing that you could hear them. Until Apple fixes the bug, it's not clear how to defend yourself against this attack either aside from disabling FaceTime altogether."
The bug only worked on devices that had upgraded to iOS 12.1, which introduced group video calling. In a statement provided to USA Today and other media outlets, Apple says that it is "aware of this issue and we have identified a fix that will be released in a software update later this week." Last night, the company said it temporarily disabledall group FaceTime functionality.
New York Governor Andrew Cuomo urged New Yorkers to turn off FaceTime until the problem was fixed. "The FaceTime bug is an egregious breach of privacy," Cuomo said in a statement, the New York Post reported. "I am deeply concerned by this irresponsible bug that can be exploited for unscrupulous purposes."
It's not clear how long the vulnerability was present. Group FaceTime was introduced on Oct. 30, and according to the Verge, the flaw "could have been exploited for as long as three months."
The glitch could panic investors who have already been on alert since Apple said it was lowering revenue expectationsthis quarter, citing lower demand for iPhones and unexpected difficulties in the Chinese market. Apple's 2018 fourth quarter earnings call is scheduled for later today.
Copyright 2021 NPR. To see more, visit https://www.npr.org.
