Apple Temporarily Disables Walkie-Talkie App for Apple Watch Due to Eavesdropping Vulnerability

[MacRumors]

Apple has disabled the Walkie-Talkie app for Apple Watch due to a bug that could allow users to eavesdrop on others, reports TechCrunch.

The company issued a statement noting that it was just notified about the vulnerability and has temporarily disabled the Walkie-Talkie functionality while a fix is developed. The Walkie-Talkie app will remain installed on users' Apple Watches, but it will not be functional until the fix is deployed.

Apple's statement:

We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer's iPhone without consent. We apologize again for this issue and the inconvenience.

Walkie-Talkie debuted last fall in watchOS 5, and it allows users to easily communicate with each other via voice from their wrists using a push-to-talk function.

As TechCrunch points out, the issue is reminiscent of a serious Group FaceTime bug discovered early this year that could allow callers to hear a user's audio without the call being accepted. In that scenario, Apple remotely disabled Group FaceTime once the issue was discovered, and pushed out an emergency bug fix a week and a half later as part of iOS 12.1.4.

Article Link: Apple Temporarily Disables Walkie-Talkie App for Apple Watch Due to Eavesdropping Vulnerability

 

[kildraik]

I’ve honestly never used the feature. None of friends or peers use it either. Is anybody else not missing this?

 

[farewelwilliams]

"It has awesome security" -Steve

 

[where is it]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

 

[Zachari]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

No. Things happen, billion dollar companies have imperfect humans.

 

[christarp]

I’ve honestly never used the feature. None of friends or peers use it either. Is anybody else not missing this?

I really want to use it and like it, but on my S2 (and my girlfriends S2) it just seems to not connect a lot, and generally is very hit or miss.

 

[tomnavratil]

Toxic comments as usual. This is a standard process when a critical bug is found. No company is bug-free even if you have a robust QA process in place. Anybody who worked in a bit more complex software development can relate to this, often you find bugs that could have been in the code for years.

 

[twistedpixel8]

I really want to use it and like it, but on my S2 (and my girlfriends S2) it just seems to not connect a lot, and generally is very hit or miss.

I find just about everything on my S2 very “hit and miss” lately. Frequently having to tap things twice to get a response, Siri takes forever to act on anything or even show she’s listening to what I’ve said. Honestly expected S2 to remain relevant for a while longer.

Still gets reasonable battery life though so I guess that’s something!

 

[Porco]

Iffy-Squiffy Walkie-Talkie?! Fixey-Quickxy: Lovely-Jubbly.

 

[recoil80]

Toxic comments as usual. This is a standard process when a critical bug is found. No company is bug-free even if you have a robust QA process in place. Anybody who worked in a bit more complex software development can relate to this, often you find bugs that could have been in the code for years.

And disabling the feature until the fix is released is the right thing to do. Hopefully a new watchOS version will be released early next week and walkie talkie will be live again

 

[Azzin]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

Using the phrase bug ridden software is just hyperbolic IMHO.

They found a bug, they temporarily disabled an app to prevent issues, they’re fixing it.

Sounds ok to me.

I wonder if other manufacturers would fix an equivalent bug so quickly?

 

[YaBe]

Toxic comments as usual. This is a standard process when a critical bug is found. No company is bug-free even if you have a robust QA process in place. Anybody who worked in a bit more complex software development can relate to this, often you find bugs that could have been in the code for years.

I would agree, if the same way of thinking were used for other manufactures as well, unfortunatly people defend (rightly) when it's Apple, and bash (wrongly) when it is another company.

If the post was about Samsung flaw, we would have looooots of complaining.

No company is bug free, but the "Old" Apple was definetly better at releasing stuff (yes they also had a smaller user base wich helped).

 

[zonk44]

Wasn’t eavesdropping a feature of walkie talkies? That part was the most fun in the good ol days imho

 

[EldonChew]

Just curious how are they doing this?

Does it go along the line of:
All iDevices/Mac pings and checks with a list on Apple server everyday can if an App is blocked on that list, iOS/macOS will not run it?

 

[Ghost31]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

What the heck are you talking about? They found a vulnerability and instead of letting people be exposed, they shut it off. Thereby protecting users. This is a good thing and something we WANT them to do. How you could spin this as something bad is beyond me

 

[jezbd1997]

Just curious how are they doing this?

Does it go along the line of:
All iDevices/Mac pings and checks with a list on Apple server everyday can if an App is blocked on that list, iOS/macOS will not run it?

No they would either block access or disable the servers specifically used for the feature/s.

 

[EldonChew]

No they would either block access or disable the servers specifically used for the feature/s.

Oh I see

Can Apple stop an iOS/watchOS/macOS app from completely launching one fine day?

I remember reading something along the line a while back but can't confirm

 

[Marekul]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

imo yes.

What the heck are you talking about? They found a vulnerability and instead of letting people be exposed, they shut it off. Thereby protecting users. This is a good thing and something we WANT them to do. How you could spin this as something bad is beyond me

It is not a good thing when you have critical vulnerabilities in your software. Password-less root login, Facetime eavesdropping, keychain "keysteal" exploit, walkie talkie eavesdropping, so many more, and still no bug bounty program for MacOS. How you could spin this as something good is beyond me

 

[dz5b609]

imo yes.


It is not a good thing when you have critical vulnerabilities in your software. Password-less root login, Facetime eavesdropping, keychain "keysteal" exploit, walkie talkie eavesdropping, so many more, and still no bug bounty program for MacOS. How you could spin this as something good is beyond me

Because the reason you learn about these vulnerabilities is that Apple actually gives a **** and takes immediate measures while most other companies just ignore vulnerabilities (and the tip givers) until a journalist comes around and makes it a big story. Or worse try to make a solution while keeping the vulnerability up because they want to avoid bad press.

 

[smileman]

Dear Apple,

For those of us who don't use Walkie Talkie (or some of the other built-in apps) please give us the option to disable/delete them.

Having an extra app on any device that one is not using just creates a potential additional security hole + takes up storage space.

Thanks.

 

[pika2000]

Is Apple becoming the new Microsoft of old? Bug ridden software, slowly being hacked away. Even the official statement contradicts itself. What is going on over there?

At least the current Apple is more transparent when there are problems.
In the old Apple under Jobs, everything will be distorted under the reality distortion field as if everything is perfect. In reality, there are plenty of bugs back then as well. You just don't hear it as much.

 

[Delgibbons]

"It has awesome security" -Steve

Put the big billboards up! Have them everywhere!

 

[akash.nu]

I don’t know anyone who actually uses this feature. Tried with a colleague once & it failed. Never tried again.

 

[mi7chy]

Nice track record especially when your competitor discovers and tells you how to fix an iMessage bricking bug.

https://bugs.chromium.org/p/project-zero/issues/detail?id=1826

 

[Icaras]

I’ve honestly never used the feature. None of friends or peers use it either. Is anybody else not missing this?

Of course I’d miss it. I love walkie-talkie as it’s a quick and easy way to get in touch with someone super fast when you want immediate feedback without having to make a phone call. For example, my girlfriend and I use it all the time when we’re shopping at the mall or somewhere with a lot of square footage where we want to go to separate stores or departments of a much larger store. Really useful and powerful.