A critical bug in FaceTime allows anyone to eavesdrop on your conversations even if you don’t answer. This is quite rightly one of the biggest goof-ups by Apple in a long long time and, as a result, the service has now temporarily gone offline.
Table of Contents
FaceTime “spy bug” poses a major security threat to Apple’s user base
A critical bug in FaceTime allows callers to access another person’s microphone even if they don’t answer the call.
It lets almost anyone without any technical know-how the power to spy on you. Further, a stationary Apple device can easily be monitored for longer periods of time.
This has a lot of ramifications – for example, imagine having a conversation with someone while the eavesdropper calls you and starts listening without you answering the call.
Twitter user “Benji Mobb” was the first to discover this bug. He also uploaded a short 12-second video that shows how the bug works.
— Benji Mobb™ (@BmManski) January 28, 2019
Surprisingly, this bug is not limited just to audio, anyone can access your camera if you press the power button to reject the call.
Here’s how the FaceTime “eavesdrop bug” bug works and how you can reproduce it.
How the FaceTime spy bug works
- Call another FaceTime user and manually add their number as an additional person.
- You will now have a conversation with yourself and one other person. That’s it! You can now access the other person’s microphone and spy on their conversations, even if they did not answer the call.
- You can also access their camera for a brief period of time when the receiver presses the power and volume buttons to reject the incoming call.
This bug works on all recent iPhone devices and Mac computers, including the iPhone XS/XS Max and XR. As far as compatibility goes, iOS 12.1 and later versions are vulnerable to this bug.
Apple takes FaceTime offline
Since this bug affects the vast majority of iPhone users, Apple has already taken down the FaceTime service.
According to Apple’s system status webpage, FaceTime is no longer functional and marked with a yellow “Issue” icon.
The FaceTime group calls feature will not return until the developers patch the bug.
Apple will likely push a firmware update that deals with this bug in a couple of days. However, a server-side fix would be a better choice as users will not need to forego their current firmware version and upgrade to iOS 12.2.1.