Apple, champion of ‘privacy,’ utterly blows it with massively stupid FaceTime bug

“A significant bug has been discovered in FaceTime and is currently spreading virally over social media,” Benjamin Mayo reports for 9to5Mac. “The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call.”

“There is no indication on the recipient’s side that you could hear any of their audio,” Mayo reports. “There’s a second part to this which can expose video too.”

“The damage potential here is real. You can listen in to soundbites of any iPhone user’s ongoing conversation without them ever knowing that you could hear them,” Mayo reports. “As it stands, if your phone is ringing with an incoming FaceTime request, the person on the other end could be listening in. What we have also found is that if the person presses the Power button from the Lock screen, their video is also sent to the caller — unbeknownst to them.”

Read more in the full article here.

MacDailyNews Take: Tim Cook’s Apple is too often slipshod and we’ve been warning about it for four long years.

SEE ALSO:
Apple was alerted about FaceTime eavesdropping bug days ago, did nothing – January 29, 2019
Apple to patch audio bug in FaceTime that allows users to hear audio and see video from users who have not yet accepted a call – January 29, 2019
Apple CEO Cook calls for U.S. Congress to pass comprehensive federal privacy legislation in TIME op-ed – January 17, 2019
Apple CEO Cook promotes privacy as ‘fundamental human right’ via tweetstorm; asks ‘What kind of world do we want to live in?’ – October 24, 2018
Open letter to Tim Cook: Apple needs to do better – January 5, 2015

34 Comments

      1. Second time in three days a DISHONEST POS, most likely banned Citizen X, has falsified a screen name that does not REPRESENT THEM.

        Consider yourself reported, low-life…

  1. Apple should block 3rd party calls immediately until they fix this bug.
    At least someone has to plan the listening in since you need to dial yourself as the 3rd party. No one is going to accidentally listening in on the person they are calling.

  2. Facetime: “It Just Works – even when you don’t want it to.”

    Tim Cook continues to do long term damage to Apple’s reputation and once previously loyal customers are now angry and dismayed and are leaving. It’s a LOT harder to win them back than having done your job to keep them in the first place. It’s unfathomable shameful neglect and incompetence.

    As a very longtime Apple loyalist I shake my head in dismay over too many Cook led screw-ups. Cook’s appointment as CEO is further proof not every Steve Jobs decision was a good one. Cook is more effective in the background and out of sight.

        1. Third time in three days a DISHONEST POS, most likely banned Citizen X, has falsified a screen name that does not REPRESENT THEM.

          Consider yourself reported, low-life…

    1. Calling on yo-Jim. If this doesn’t give credence to the fact there are fundamental issues at Apple, then what does? No, the people that point out this with vigor and the other failings, aren’t ranting irrationally. I know you like your Apple Watch, iPad and all, but the leader of this company, ever since he assumed the reigns, has dropped big balls, small balls and balls like this, which are part of what he think differentiates Apple from the rest. Security. Slipshod. Shame.

  3. Is it permanent? You make it sound like end-of-world stuff. Would a temporary solution be to not make conference FaceTime calls until repairs are finished? Like…a day?

    1. Whoa there! It’s time to panic and lament ONLY! Disregard the fact that (I believe) this affects only GROUP Facetime, a new feature that few people probably use anyways.

  4. While I agree (w/MDN) that Tim Cook is no Jobs (Ron Johnson would likely have been much better), lets get some perspective about this exploit… I replicated the “bug”, it works only when the phone is ringing so its difficult to hear (over the ringtone) (can only work -if- it’s ringing, so it won’t work on a silenced phone) and it takes at least a few seconds to set up (from the callers end) So… you can -possibly- get a couple seconds of eavesdropping, while their phone is ringing. In addition, typically, user behavior is to either answer a face time notification or refuse it (or mute it, any of those will “stop” the exploit)
    It is a serious bug, no question. But the sky isn’t falling.
    (and for all you google sycophants, there are dozens (possibly more) of un-patched security flaws & exploits in android -right now- that are far more serious)

    1. Stop rationalizing. Stop excusing.

      No, it’s not “the end of the world.” But, put it in context to Apple’s security and privacy image and claims. “Only” a few seconds of eves-dropping possible because of this bug! Unbelievable dismissal! Using Google’s sieve-nature should never be a reference to explain away Apple’s failings.

      “Only a day to fix the bug”. This is not just any software bug. This bug is related to Apple’s vaulted paean of security.

      Excellence is the reference, not Google, nor any other company’s failings. Repeatedly rationalizing errors and deficiencies only breeds more of the same because the thinking paves the way for more. It’s a bar-lowering mindset.

      Stop it Apple fans. Please.

      1. Oh puh-lease, Its not rationalization it’s simple common sense. Current smart phones are stunningly complex software systems, (Im guessing into the millions of lines of code) that all of that code will be perfect is not rational.
        However I will say the iPhone is pretty good (security, bug and exploit wise) particularly compared to what else is available.

    2. I agree with Tesselator. In context it is really much ado about nothing. It is fixable and is being fixed. Is it a barometer of how quality control at Apple is going into the toilet? Debatable.

      First world problems!!!

  5. I really tire of the constant hyperbole over some bug that is not readily or easily spottable, gets tripped over by someone and is probably easily fixable in an update.

    No one probably tried to exploited it until a bunch of blogs and news articles make it seem like its the end pf the world that someone might have seen a FaceTime conversation they shouldn’t have, which probably hasn’t happened either…

    and the constant useless blather by MDN, who probably couldn’t find a real bug in software if it slapped them upside the head…

  6. The sky is falling, the sky is falling!!!!!

    You hicks are hilarious. It looks bad from a PR point of view but lacks any practical purpose. They seem to gloss over that point in the bleeding headlines.

      1. Tim Qock has two shiny baubles dangling in between his 11th finger that are the cause of all the problems. Fire Tim Qock NOW! We don’t need his testosterone qocking up the company any more. Time to Make Apple Great Again by silencing the rooster that is Tim Qock!

        1. Fourth time in three days a DISHONEST POS, now I KNOW it is banned Citizen X, has falsified a screen name that does not REPRESENT HIM. You are drunk or high on this one. You got the screen name screwed up.

          Consider yourself reported, low-life…

  7. crazy how everyone is freaking out… relax… so your mom heard you say “don’t answer it”.. chances are she didn’t even know what was going on.

    show me ONE piece of sw that has never had a bug or one object that isn’t flawed. Maybe diamond?

    shit, even the David has some flaws – but the world isn’t fucking off its rocker because of it.

    get a grip people, stop acting like you’re the only one who’s shit doesn’t stink and grow up…

  8. The fact that the bug happened tells me that the app (aka program) is designed/structured and built in such a way that one can eavesdrop. Call this the hidden back door if you will. Then code added to block this from happening. Why couldn’t the program be written that you turn the microphone on only when the call is answered? For a company that hypes privacy issues, it sounds somewhat hypocritical if you design your product where privacy concerns are totally ignored and then just an “added feature” that can be easily defeated either on purpose or accidentally.

    1. And who are you, beken, BTW … Please provide us your credentials that would show us you are an expert in the coding field and that we should listen to you and your theories … Add Fesarius and Ronner to this list too, let’s see everyones credentials that prove they know better than Apple about security and programming … I’ve never heard of the lot of you and I can imagine why …

      1. It’s me, Brad – GoeBeken.

        Actually all the GoeB’s here are fake GoeBs, the real GoeB might still be an ass but he’s actually right on most things.

        Still, to his critics, gullibility often exacts brainlessness, so go, be – the answer to the eternal question is answered!

      2. Let’s just say I work in the IT field.
        My first Apple computer was an Apple ][+ fitted with a second CPU (Z80) to run concurrently with the original 6502 CPU.
        I have an outdated degree in computer sciences. Professionally, I have designed large data business systems in the telecom field, then the engineering field, then transportation and currently cloud based financial transaction systems. I would hardly consider myself an expert at anything as I think I am constantly learning…ro trying to learn. As a sideline, I run front of the house sound mixes for concerts.
        So much for my credentials, what’s everybody elses here? I’m very good at whining and complaining when Apple disappoints me. But I do refrain from name calling and belittling other people’s opinions so I rarely chime in at all here.

      3. “Please provide us your credentials that would show us you are an expert in the coding field and that we should listen to you and your theories ”

        You don’t have to listen to my thoughts or theories if you don’t want. Simply ignoring me is fine. I try not to impose my opinions on anybody. If you choose to belittle me, however, would tell me what kind of character you are.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.