Apple FaceTime security flaw exposed
Apple has temporarily disabled the group calling capability in its FaceTime application after discovering unscrupulous users could listen in on other users even if they didn't answer the call.
Apple says it will have a security update for the service later in the week and took the additional step of disabling the service directly in the meantime.
The flaw was relatively easy to exploit - a user would start a FaceTime call and then add their own number again as a third person in a group chat. The recipient's microphone, and in some cases video capability, would then be active until they accepted or rejected the call.
The website 9-5 Mac first reported the bug yesterday, and Apple has been praised for the speed of its response. But today, 9-5 Mac says it has been contacted by a user who claims her son found the problem and she warned Apple about it more than a week ago. Apple is yet to comment on whether this is accurate or not.
Amusingly, the flaw was revealed on Data Privacy Day, an EU day of awareness started in 2007 to raise awareness about the importance of protecting privacy.
You must be logged in in order to post comments. Log In