Apple Users May Lose Face With New FaceTime Bug

February 26, 2019

Apple users are targeted again. An unpleasant bug was reported by 9to5Mac that may allow someone calling on FaceTime to hear conversations and even see video with the call recipient not even realizing it’s happening. It affects those with any iPhone running on versions 12.1 and above and even on MacOS running Mojave. There is something you can do in the short term, until Apple gets a fix out, but it will not be a permanent solution for anyone who uses FaceTime.

How to disable FaceTime on an Apple device:

  1. Open Settings on your iPhone or iPad
  2. Scroll down and select FaceTime
  3. Toggle off the green button at the top of the screen.

How to disable FaceTime on a Mac:

  1. Open the FaceTime app
  2. Go to FaceTime on top of the screen
  3. Select "Turn FaceTime Off."

This bug affects the Group FaceTime functionality that was added with version 12.1 on the iPhone and with Mojave. That allows multiple participants to video chat together. All someone has to do to eavesdrop is start a FaceTime video call and while the call is dialing, swipe up from the bottom of the screen, tap to add someone and enter the caller’s own phone number. Even if the recipient hasn’t accepted the call, the caller can hear or see what’s happening on the other end.

Adding insult to injury, the recipient won’t even know what’s going on. There is no indicator that the call is connected in any way. In addition, if the caller presses the power button from the lock screen on the phone, video may be sent to the caller. On the Mac, the eavesdropping can even last longer because calls on the Mac ring longer by default. 9To5Mac did mention there are other was this bug can be exploited, but didn’t describe them. So, just disable FaceTime for the time being. Apple has also said it disabled the Group FaceTime functionality as well. However, better to do it yourself just to be on the safe side.

Make sure to update your devices as soon as the fix for this is released. Apple has “promised” this would be by the end of the week.


SOURCE: https://www.stickleyonsecurity...