Facetime Bug Let Others Hear Audio Before Picking Up

AlphaAtlas

[H]ard|Gawd
Staff member
Joined
Mar 3, 2018
Messages
1,713
9to5Mac reports that a major bug in FaceTime allowed anyone with an iDevice running iOS 12.1 or latter to call someone else with FaceTime, and hear audio from their end without the other person ever picking up. Apparently, all you have to do is type your own phone number to the "add person" prompt, and FaceTime will start the call. Additionally, if the recipient of the call presses the power button, a video feed is also sent to the caller without the recipient ever knowing. Apple says that a fix should be pushed out later this week, and that they've disabled group FaceTime to mitigate the issue until then, though 9to5Mac says they were still able to reproduce the issue last night after Apple supposedly took Group FaceTime offline. Thanks to Schtask for the tip.

Macrumors uploaded a demo of the bug, which you can see here.

We have also replicated the problem with an iPhone calling a Mac. By default, the Mac rings for longer than a phone so it can act as a bug for an even longer duration...
 
Disabled already on all of our devices for the whole family. Nobody really needs to look at a face to talk. I think it's kind of dumb.
 
This isn't a bug it's feature.
Only Apple could come up with such an amazing new feature.
 
  • Like
Reactions: magda
like this
what-happens-iphone-las-vegas.jpg
 
Disabled already on all of our devices for the whole family. Nobody really needs to look at a face to talk. I think it's kind of dumb.

Correct me if i'm wrong i thought facetime was a service and seeing a face was optional. meaning facetime can be audio-only
 
Correct me if i'm wrong i thought facetime was a service and seeing a face was optional. meaning facetime can be audio-only

Correct, FaceTime can be used audio only or audio & video.

Terrifying bug, at least Apple responded immediately and disabled FaceTime Groups (I don't believe you can exploit this bug anymore even if it's enabled on your handset?) until a fix can be developed.

They have had a few security issues in iOS and macOS lately which is concerning, but that AI just found like 14,000 unique vulnerabilities in Debian (which I also use as Ubuntu, and yes, not all as severe as this) so I give them credit for shutting the service down rather than trying to keep it quiet while they patched.

These days, sadly, it's the reaction to the security flaws that either does or doesn't impress me as bugs are just a way of life in all systems.
 
This from the same company who allowed unlimited password entry attempts for Apple cloud allowing thousands of celebrities to be brute force and or dictionary hacked in record time? The company responsible for the fappening failed at security again ?? No way!

But they have a giant billboard about privacy. I guess Jennifer Lawrence and the nudes leaked from their platform might have something to say about that. Just might.
 
Its a backdoor , c' mon.
I would bet there was ways to make it not ring.

I have been of the opinion that if something is hooked to a network it is safe to assume there is a backdoor in it or it is spying on you.

Almost daily my observation is proven correct for all intents and purposes.
 
Back
Top