APPLE MIGHT BE HOT FOR PRIVACY, but a newly-uncovered FaceTime bug allowed anyone to call an iPhone or Mac and listen in before the other person picks up.
The bug, spotted by 9to5Mac on, er, Data Privacy Day, works by exploiting a bug with Apple's Group FaceTime feature, first introduced in iOS 12.1 and macOS Mojave 10.14.1.
If you make a FaceTime call from an iPhone running iOS 12.1 or later, then swipe up on the screen to add your own number to the call before the other party picks up, you can hear all the audio from the other phone even if the other person never answers.
Though the bug still alerts the recipient to the call, that person has no way of knowing that the caller can hear what they're saying.
It gets worse, though, as the glitch also unwittingly transmits video if the recipient of the call presses the power or the volume-down button - an action that is typically used to silence or ignore an incoming call.
In a statement, Apple said it's "aware of this issue and we have identified a fix that will be released in a software update later this week."
Until then, however, Apple's system status page shows that Group FaceTime is "temporarily unavailable." With Apple turning off access to the feature, that should prevent anyone from exploiting the bug until it can roll out a proper fix.
The bug, which was ironically uncovered on Data Privacy Day, has drawn a lot of attention. Twitter CEO Jack Dorsey has called on iDevice users to "disable FaceTime for now until Apple fixes", and, er, New York Governor Andrew Cuomo has slammed the bug as an "egregious breach of privacy that puts New Yorkers at risk.
"In New York, we take consumer rights very seriously and I am deeply concerned by this irresponsible bug that can be exploited for unscrupulous purposes," Cuomo warned. µ
It's the week in Google news
Erik Estrada wouldn't have stood for this
Hacks in support of WikiLeaks founder target gov websites