This post has been updated here: FaceTime Glitch Update
FaceTime Bug Allows Audio and Video Eavesdropping
This week a major flaw was uncovered in Apple’s FaceTime application. The bug, which was first reported by 9to5Mac, allows callers to hear the audio coming from the numbers they called, without the recipient’s knowledge. Dismissing the phone call by pressing the volume or power buttons will allow the caller to also see the recipient’s video feed.
Since the glitch’s discovery, Apple has disabled FaceTime services for all its users. As they work to fix the glitch, FaceTime will remain unavailable. Apple has said in a statement that a software update would be released ‘later this week”.
Does the Apple FaceTime Glitch Continue to Pose a Threat?
When Apple shut down the FaceTime service, the associated threat went away with it. What some might call a brute-force tactic was, nonetheless, very effective. For those people concerned about their security when FaceTime comes back online, the application can be disabled as follows:
- Click the Gears menu
- Select FaceTime
- From the FaceTime menu, toggle the switch off
How the Apple FaceTime Glitch Works
To activate the bug:
- Start a FaceTime video with a contact
- Before the recipient answers, swipe up and tap Add Person
- Add your own phone number as the additional person
- This will start a group FaceTime call which will include the audio of the recipient, regardless of whether or not they answered the call
- To trigger the video feed, the recipient must hit their Power Button or Volume buttons to dismiss the call
Once the audio and video feeds are triggered, there is no indication to the recipient that they can been seen and heard.
According to Apple, this bug only effects iPhone users running iOS 12.1 or later. Earlier version of iOS do not support group FaceTime.