After hearing this, you’ll probably want to stay off FaceTime for a while.
Apple is currently working on a major bug that had FaceTime users being able to spy on other people’s conversations.
In October, when iOS 12.1 was launched, Apple welcomed the ability to hold group video calls. But a major (and creepy) bug surfaced this week, having Apple to completely pull the group FaceTime feature offline from the server.
The FaceTime bug
The bug in Apple’s FaceTime application lets users hear the other person, and in some cases see video, even if the receipted never accepted the call.
The FaceTime bug was first noticed and reported by trade publication 9to5Mac Monday night.
Apple news website 9to5Mac wrote that the bug was “spreading virally over social media and lets you hear the audio coming from their phone.”
The publication explains that the bug could be replicated by starting a FaceTime call with any iPhone contact and then adding your own phone number in the “Add Person” field, which is how you start a group call. Before the original recipient accepted the call, the caller could hear the audio from the recipient’s iPhone.
“The damage potential here is real,” 9to5Mac wrote. “You can listen in to soundbites of any iPhone user’s ongoing conversation without them ever knowing that you could hear them. Until Apple fixes the bug, it’s not clear how to defend yourself against this attack either aside from disabling FaceTime altogether.”
The bug was also shown when an iPhone called a Mac-computer.
But it doesn’t end there, an additional bug was also found, which broadcast the call recipient’s video when they press their iPhone’s power or volume button to dismiss the call.
It’s not clear how long these bugs have affected FaceTime, but it’s possible that they’ve existed since group FaceTime was released at the end of October.
The glitch isn’t just creepy for the users, it’s also another major backlash for Apple. The bug could negatively affect investors, who’ve already been on the alert since the tech company said it was lowering revenue expectations.
How to turn FaceTime off
“We’re aware of this issue and we have identified a fix that will be released in a software update later this week,” Apple said in a statement.
Shortly after the announcement, Apple’s System Status page had been updated, showing group Facetime as “temporarily unavailable.”
New York Governor Andrew Cuomo urged New Yorkers to turn off FaceTime until the problem was fixed.
“The FaceTime bug is an egregious breach of privacy,” Cuomo said in a statement, to New York Post. “I am deeply concerned by this irresponsible bug that can be exploited for unscrupulous purposes.”
Disable FaceTime for now until Apple fixes https://t.co/FNbPAmZsLf
— jack (@jack) January 29, 2019
On Twitter, worried users, including Twitter chief executive Jack Dorsey, recommends everyone to turn of the FaceTime function, which can be done via iPhone’s settings menu:
1. Go to Settings.
2. Scroll down to FaceTime.
3. Select Turn FaceTime Off
Twitter reacts to FaceTime bug
The issue quickly went viral on Twitter, with users sharing their own experiences and warning other iPhone users about the issue.
— Benji Mobb™ (@BmManski) January 28, 2019
The Facetime bug works in both iOS and MacOS, so now would be a good time to disable Facetime on everything and then pour out a 40 for the Apple security team.
— Eva (@evacide) January 29, 2019
We must keep fighting for the kind of world we want to live in. On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections. The dangers are real and the consequences are too important.
— Tim Cook (@tim_cook) January 28, 2019
……. and FaceTime happens today! ? pic.twitter.com/7mFmPN8KlL
— Appu (@ApoorvKhairnar) January 29, 2019
— Andy Baio (@waxpancake) January 29, 2019
When someone is trying to #FaceTime you, and you can’t ignore it because of Apple bugs.
I spent 45 minutes on this, and I don’t regret it. pic.twitter.com/2XBHKPo3Ta
— David M Sula (@DavidMSula) January 29, 2019
The FaceTime bug definitely proves that your phone can be used as a remote listening device “without any authentication”.
— Marcus J. Carey (@marcusjcarey) January 29, 2019