Apple FaceTime app disabled over eavesdropping bug as Apple promises fix within days
Callers could hear, and in some cases see, recipients before they even answered
Apple has disabled a group calling feature in its FaceTime communications app after it was found to have an eavesdropping bug.
The bug was picked up on Data Privacy Day, of all days, and exploits a flaw introduced in iOS 12.1 and MacOS 10.14.1. It enables a caller to listen-in on whoever they are calling, before they have even picked up the call - if they pick up the call.
While the recipients are alerted to the incoming call, as usual, they have no way of knowing that the caller can hear what they're saying. Furthermore, the bug also transmits video as well if the recipient presses either the power button of the volume-reduction button.
In addition to disabling the Group FaceTime feature, the company has also promised to issue a fix for the bug within days.
The bug was spotted by specialist website 9to5Mac, which pointed out how easy it was to exploit:
- Start a FaceTime Video call with an iPhone contact;
- Whilst the call is dialling, swipe up from the bottom of the screen and tap Add Person;
- Add your own phone number in the Add Person screen;
- You will then start a group FaceTime call including yourself and the audio of the person you originally called, even if they haven't accepted the call yet.
"It will look like in the UI like the other person has joined the group chat, but on their actual device it will still be ringing on the Lock screen," according to 9to5Mac, which reproduced the bug. "As it stands, if your phone is ringing with an incoming FaceTime request, the person on the other end could be listening in," it warned.