A bug in Apple’s FaceTime App has just been discovered, and it’s a huge privacy concern.
It allows users to access the audio and video from the phone they’re calling… before the person has accepted (or rejected) the call.
Gizmodo US had no problem testing the bug for themselves with an iPhone XR and XS – but it seems that the bug can be used between any Apple devices running iOs 12.1 or later.
As it turns out, it’s extremely easy to exploit the bug – which is a concern.
All you need to do is start a video call with a fellow iOS user, swipe up while it’s dialling and hit “Add person”.
From there, add your number to the screen to start a group faceTime call. The result is a call between yourself and the audio from the original call recipient if they haven’t rejected the call yet.
It basically tricks device into thinking that a conference call is already happening.
You can see it in action below:
— Benji Mobb™ (@BmManski) January 28, 2019
It has also been reported by The Verge that if the recipient presses the power or volume button to ignore the call the device will start sending video as well as audio without any notification.
Testing has confirmed that activating Do Not Disturb mode will block the microphone access.
According to Apple there won’t be a solution until later this week, so we recommend erring on the side of caution and completely disabling FaceTime access on your Apple device until the fix is in place.
To do this, go to your iOS device Settings and switch the FaceTime icon to grey. If you’re using a Mac, open up the FaceTime app. In the menu bar click on ‘Facetime’ and hit “Turn Off FaceTime.”
Unsurprisingly, memes are already cropping up on social media, including the beautifully ironic sign Apple erected in Las Vegas during CES at the beginning of January.
UNLESS THEY FACETIME YOU pic.twitter.com/OHt7340AGG
— SwiftOnSecurity (@SwiftOnSecurity) January 29, 2019