Apple Endures More Questions on iPhone Security in View of FaceTime Vulnerability
The Twittersphere’s response to news of an Apple FaceTime glitch that went viral Tuesday ranged from outrage to grins as iPhone users processed the possibilities that could have ensued before Apple turned off the feature that experienced the bug. Fingertip Solutions tweeted: “A major privacy flaw in #Apple’s FaceTime lets others listen in on you before you answer the call," broadening the message to say the bug “allows someone to dial one of their contacts and listen in to the recipient’s microphone before they actually answer the call.”
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
John Meyer, a tech entrepreneur and investor, posted a screenshot of the original bug report to Apple Friday from the mother of the teenager who discovered the snafu. The mother “was baffled that Apple Support asked her, an average citizen, to sign up for an Apple developer account” so she could submit an “official bug report, in order to be taken seriously,” posted Meyer. A Jan. 22 email from the mother said she was following up on an earlier email about the issue, a “major privacy and security flaw,” to which she had received no response from the company. She offered to send a video to the company demonstrating the defect in action.
Apple turned off the offending Group FaceTime function where the bug was said to reside while it studied the issue. Media sites advised iPhone users to turn off FaceTime altogether and gave video tutorials on how to do so. Numerous Twitter users posted screen shots of an iPhone’s system status saying Group FaceTime was “temporarily unavailable.”
@WinconSecurity tweeted that the issue is likely “an outlier” but "underscores the need for organizations to take #cybersecurity seriously and ensure they use secure devices.”
@SamMcAllister was among CES attendees who poked fun at Apple’s bravado over its iPhone security. He tweeted a photo of an Apple billboard during CES in Las Vegas -- “What happens on your iPhone, stays on your iPhone” -- which he noted has “aged poorly." A 24 Hours Poll on Twitter asked how many people used FaceTime: 40 percent yes, 33 percent no and 27 percent “used to.”
Users noted the irony of Apple CEO Tim Cook’s Monday tweet: “We must keep fighting for the kind of world we want to live in,” said Cook, citing Data Privacy Day. "Let us all insist on action and reform for vital privacy protections. The dangers are real and the consequences are too important."
Apple isn’t alone in negative media reports for mics picking up conversations people think are private. Google was in the news this month (see 1901230043) when a hacker issued a false warning about an impending nuclear attack via a Nest security camera. Amazon has had issues with Echo speakers recording conversations people didn't know were being heard. And smartphones have come under attack by users who believe they’re “always listening" to conversations, even those not part of a phone call.
Apple didn’t respond to our questions. Macworld praised the company's head-on handling of the issue, shutting down the feature while it investigated. But, it said, “The question remains: How did it happen in the first place? Group FaceTime was delayed from the initial iOS 12 launch, so it’s not like Apple rushed things." The bug wasn't particularly intricate "so Apple’s engineers should have spotted it” in the three years since it has been live, it said.
The slow reaction to glitches, which also happened in iOS 11 and macOS High Sierra last year, “should have gone out of style by now,” Macworld said, after Apple said it was auditing its development processes to prevent similar flubs. “A year later, it seems as though Apple hasn’t actually learned anything from its mistakes,” it said. As for the mother of the teenager in the FaceTime snafu, the magazine said, "Why aren’t they taking every privacy complaint seriously, even if it’s from a faceless Twitter user?"