Skip to main content

Apple disables group calling in FaceTime in response to eavesdropping bug

Apple has disabled the group calling feature within its FaceTime calling service while it works on a patch to fix a nasty bug that allows eavesdropping.

Apple’s status page shows that group calling via FaceTime is “temporarily unavailable” — that’s a stop-gap move while the company to deliver a more permanent fix to the problem this week. We were unable to set up a group call when we tried, having earlier been able to do and replicate the issue.

All being well, this fix means that users don’t need to completely disable FaceTime due to the bug, but it is understandable if some people are hesitant to switch it on again.

The vulnerability was unearthed on Monday and it is activated when a user initiates a group call but adds themselves as a participant, as we explained in our earlier post:

The bug relies on what appears to be a nasty logic screwup in FaceTime’s group call system. While we’re opting to not outline the steps here, the bug seems to trick the recipient’s phone into thinking a group call is already ongoing. A few quick taps, and FaceTime immediately trips over itself and inexplicably fires up the recipient’s microphone without them actually accepting the call.

Weirder yet: if the recipient presses the volume down button or the power button to try to silence or dismiss the call, their camera turns on as well. Though the recipient’s phone display continues showing the incoming call screen, their microphone/camera are streaming.

Apple told us and other media that it plans to issue a more permanent solution in the coming days.

“We’re aware of this issue and we have identified a fix that will be released in a software update later this week,” a spokesperson said.

It’s interesting to note that the group calling feature actually took longer than planned to arrive in iOS follow a hiccup. It was added then removed from the beta version of iOS 12 in August while it took time to roll out to all users. The feature was absent when iOS 12 shipped to all in September and, instead, it arrived with the launch of iOS 12.1 in October. Apple never provided a reason for the delay.

The bug is an embarrassing incident for Apple, which has long emphasized its focus on privacy as a business and within its products. That included a recent banner at CES which triumphantly proclaimed: “What happens on your iPhone, stays on your iPhone.”



from Apple – TechCrunch https://tcrn.ch/2Bbmx6i

Comments

Popular posts from this blog

Axeleo Capital raises $51 million fund

Axeleo Capital has raised a $51 million fund (€45 million). Axeleo first started with an accelerator focused on enterprise startups. The firm is now all grown up with an acceleration program and a full-fledged VC fund. The accelerator is now called Axeleo Scale , while the fund is called Axeleo Capital . And it’s important to mention both parts of the business as they work hand in hand. Axeleo picks up around 10 startups per year and help them reach the Series A stage. If they’re doing well over the 12 to 18 months of the program, Axeleo funds those startups using its VC fund. Limited partners behind the company’s first fund include Bpifrance through the French Tech Accélération program, the Auvergne-Rhône-Alpes region, Vinci Energies, Crédit Agricole, BNP Paribas, Caisse d’Épargne Rhône-Alpes as well as various business angels and family offices. The firm is also partnering with Hi Inov, the holding company of the Dentressangle family. Axeleo will take care of the early stage in...

Puls raises $50 million for in-home technical support

A fund affiliated with the Singaporean government has a great interest in making sure that American consumers are getting the tech support they need. Temasek, the multi-billion-dollar investment fund associated with the government in Singapore, has led a $50 million round for  Puls Technologies, Inc. , a San Francisco-based company aiming to be the tech support for American homes and offices. Current investors Sequoia Capital, Red Dot Capital Partners, Samsung NEXT and Viola Ventures all participated in the new financing, alongside additional new investors Hanaco Ventures and Hamilton Lane. Founded only three years ago, Puls pitches a service that can match consumers with the appropriate technician in a little over an hour, any day of the week. The company has built a network of 2,500 technicians in the top 50 cities in the United States, and will provide same-day installation and repair of over 200 products. Some things the company’s technicians can service include smartphon...