FaceTime Bug That Lets People Spy on Others Demoed in Video [Updated]

[MacRumors]

There's a major issue affecting FaceTime right now, which all MacRumors readers should be aware of. A bug with Group FaceTime can let someone force a FaceTime call with you, giving them access to your iPhone, iPad, or Mac's video and audio even when you don't accept the FaceTime call.

In the video below, we demonstrate how the bug works. We do not condone MacRumors readers invading peoples' privacy, and these video is meant to make it clear how simple it is to exploit this bug to emphasize its seriousness.

Subscribe to the MacRumors YouTube channel for more videos.​

As outlined in our original post on the issue, this FaceTime bug is very easy to exploit. All someone needs to do is call you and then add their own number to the FaceTime call to force a connection with you.

From there, they can hear your audio, even though on your end, it looks like the call wasn't accepted yet. If you hit the power button to make the call go away, it gives the person on the other end access to your camera. This bug can be initiated on an iPhone and it affects iOS and macOS devices running current software, including iOS 12.2.

This is a huge privacy issue and while Apple says a fix is coming "later this week," iPhone and Mac users concerned about spying should turn off FaceTime all together. Enabling Do Not Disturb also appears to work as a preventative measure.

Update: Apple appears to have temporarily addressed the issue by disabling Group FaceTime calls server side. On Apple's System Status page, Group FaceTime is listed as unavailable.

Article Link: FaceTime Bug That Lets People Spy on Others Demoed in Video [Updated]

 

[RedGala]

WOAH

 

[jedivulcan]

Turning off Facetime. That's scary as hell.

 

[drinkingtea]

Why show a video of how to replicate this issue? Why is that necessary? We’re already aware of the problem; no need to show people how to replicate it. This is a security and a privacy problem.

 

[domneedscoffee]

>Huge FaceTime security bug
>Let's show the broad public step by step how to do it as "a preventive measure"

Or just tell people what happens and what to do until there's a fix. Stupid.

 

[Art Mark]

It's a bug. Not exactly an earth shattering one like the chip design flaws from last year. A software bug. It'll be fixed. Calm down. Return to your previously planned activities.

 

[Anonymous Freak]

Just confirmed between my wife and my phones - both on iOS 12.1.3.

 

[Macalway]

Meanwhile, I'm having a ball!

Thank you Hack Rumors Woaaaa!

 

[Shanpdx]

the response from apple and tim cook will define tim cook's legacy. there is no scott forstall around this time to blame.

week(s) is not acceptable ... every minute is ticking clock.

 

[jclo]

Why show a video of how to replicate this issue? Why is that necessary? We’re already aware of the problem; no need to show people how to replicate it. This is a security and a privacy problem.

It's not meant to be an instructional video, it's to show people who aren't aware how easy it is to exploit so they can understand the seriousness and disable FaceTime. Anyone who wanted to exploit it could easily find the steps on virtually any other site because it's absolutely everywhere now. There's no hiding the execution of a bug like this. Might as well spread awareness so MR readers can be safe.

 

[BornAgainMac]

NudityTime

 

[Hieveryone]

JEEEEESUS CHRIST!

That’s so messed up.

What if I’m in the shower or something. Dang!

 

[Wags]

Seems almost deliberate in the iOS. Making the power button activate video would be somewhat expected action of someone on other end to lock their screen or end task.

 

[Bawstun]

Massive failure after massive failure. Dissappointing, but Cook is in over his head. Not a visionary.

 

[julesme]

Maybe this is why Zuckerberg puts tape over his webcam.

 

[1050792]

"What happens on your iPhone stays on your iPhone' say what?

 

[bernuli]

The next phone I buy will have a LED next to the camera that lets you know it is active.

 

[fermat-au]

This is a BAD bug.
It is even worse for Apple, given their current marketing push towards privacy.

 

[drinkingtea]

I wonder how many Russians have tried FaceTiming Trump?

 

[I7guy]

Massive failure after massive failure. Dissappointing, but Cook is in over his head. Not a visionary.

Massive failure after massive failure? Sure there isn't another company you are referring to or hyperbole for hyperboles sake?

 

[TVreporter]

Is this just on iOS 12? Wife’s phone still on 11.

 

[JosephAW]

I thought he was going to tell us how to mute audio while a FaceTime connection was in progress.

 

[wangkesen]

The next phone I buy will have a LED next to the camera that lets you know it is active.

That’s not really going to make much different. Physical cover would be better.

 

[simonmet]

It's a bug. Not exactly an earth shattering one like the chip design flaws from last year. A software bug. It'll be fixed. Calm down. Return to your previously planned activities.

It’s concerning to me that bugs of this severity not only occur but do so with some degree of frequency. They are not merely software bugs to calm down about. MacRumors describes it as serious. Every iPhone unlock or remote access/control exploit is a major failure.

 

[Banglazed]

https://www.apple.com/support/systemstatus/

FaceTime is now down