Apple users have pointed out a bug on Facetime that allowed callers to eavesdrop on the person they were calling even if the recipient didn’t pick up, just like an "instant wiretap".
The flaw was first highlighted by a Twitter user last week who said their teenage son stumbled across “a major security flaw” that allows users to “listen in to your iPhone/iPad without your approval.”
9to5Mac, who were among the first to report on the glitch this week, said the bug could be found on any iPhone or iPad running iOS 12.1 or later. Apple, the developers of the video-telephoning app, have acknowledged the problem and stated they will fix it with software updated “later this week”.
In the meantime, Apple has temporarily made the Group FaceTime unavailable, in an attempt to solve the problem. As you can see on Apple’s System Status, all of their apps are up and running, except for Facetime that is experiencing an “Issue”.
Since you are no doubt curious how it all worked, here’s how people were able to play around with the bug before Apple took Group Facetime offline. First, the user would ring a contact with a Facetime Video call. While it was dialing, users could swipe up and select “Add Person”. If they typed in their own phone number, it would start a group where, somehow, users were able to hear the audio coming from a contact’s microphone, even if they didn't pick up the call.
Although the problem appears to be under control, for now, social media has been having a field day with the news.
Even the New York governor Andrew Cuomo came out with a statement advising New Yorkers "to disable their FaceTime app until a fix is made available," according to BBC News. He added: "In New York, we take consumer rights very seriously and I am deeply concerned by this irresponsible bug that can be exploited for unscrupulous purposes."
The bug couldn't come at a worse time for Apple. First of all, it was reported just a day before Apple released their first-quarter earnings.
Just to rub salt into the wound, the bug was reported in the media on Monday, January 28 (International Data Privacy Day), after a year when tech giants have come under a lot of heat about privacy and personal data.
Hours before news about the bug broke, Apple’s CEO Tim Cook tweeted about fighting for “vital privacy protections”. Apple has previously tried to maintain an image of being reliable when it comes to data security, especially after many of their business rivals were accused of democracy-shaking data breaches.