Share
Apple has disabled a group-chat function in FaceTime after users said a software bug could let callers activate another person’s microphone remotely.
With the bug, a FaceTime user calling another iPhone, iPad, or Mac computer could hear audio — even if the receiver did not accept the call. The bug is triggered when callers add themselves to the same call to launch a group chat. That makes FaceTime think the receiver had accepted the chat.
“This is a big hit to their brand,” said Dave Kennedy, CEO of Ohio-based security firm TrustedSec. “There’s been a long period of time people could have used that to eavesdrop. These things definitely should be caught prior to ever being released.”
There is no longer a danger from this particular bug as Apple disabled group chats, while regular, one-on-one FaceTime remains available.
NBC News and The Wall Street Journal reported Tuesday that the family of a 14-year-old high school student in Tucson, Arizona, tried to inform Apple about the bug more than a week before it became widely known to the public. The boy, Grant Thompson, said he discovered it by accident while calling friends to play the game “Fortnite.”
It’s hard to know if anyone exploited the bug maliciously, said Erka Koivunen, chief information security officer for Finnish company F-Secure. He said it would have been hard to use the bug to spy on someone, as the phone would ring first — and it’s easy to identify who called.
Apple Declined to Say When It Learned About the Problem
Apple said Tuesday that a fix will come in a software update later this week. Apple declined to say when it learned about the problem. The company also wouldn’t say if it has logs that could show if anyone took advantage of the bug before it became publicly known this week.
“All bugs are obvious in retrospect,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation. “The truth is bugs are subtle, code is complicated and sometimes things get through.”
Galperin said Apple should develop a better process for fielding reports about potential security flaws. She said the 14-year-old’s discovery of the problem “just tells us a lot about reporting security bugs depends on knowing the right person.”
Apple had introduced the 32-person video conferencing feature in October for iPhones, iPads, and Macs. Regular FaceTime calls aren’t affected unless the caller turns it into a group chat.
Word of the bug came as Apple reported that profit for the last three months of 2018 dipped slightly to $20 billion while revenue fell 5 percent from the prior year to $84 billion. Earlier this month, Apple said that demand for iPhones was waning and that its earnings for the final quarter of 2018 would be below its own forecasts — a rare downgrade from the company.
RELATED TOPICS:
Trump Criticizes Judge and His Daughter After Gag Order in Hush-Money Case
11 hours ago
CA Insurance Market ‘in Chaos,’ Says Former Insurance Commissioner. Can Lara Fix It?
12 hours ago
Stock Market Today: S&P 500 Sets a Record After Wall Streets Breaks Out of Its Lull
12 hours ago
House Speaker Mike Johnson Headed to Fresno on April 4
12 hours ago
Bredefeld, Smittcamp Debate the Salary of Valley Children’s CEO
12 hours ago
CA’s Liberal Government Has a Long History of Caving to Special Interests
13 hours ago
Police Had About 90 Seconds to Stop Traffic Before Baltimore Bridge Fell. 6 Workers Are Feared Dead
14 hours ago
NBC Has Cut Ties With Former RNC Head Ronna McDaniel After Employee Objections, Some on the Air
14 hours ago
Here Are Some Numbers That Will Help You Get Your March Madness Fix for the Sweet 16
14 hours ago
Ukrainian Navy Says a Third of Russian Warships in the Black Sea Have Been Destroyed or Disabled