WARNING: Go update your mobile NOW – Apple bug let people secretly listen in on conversations

1
FACETIME BUG: The company has released the iOS 12.1.14 software update that affects iPhones and iPads after a bug was publicised over a week ago. Photo: Shutterstock


APPLE has launched a new iOS update to fix a FaceTime flaw that allowed people to eavesdrop on other people’s iPhones before they even picked up the call.

The company has released the iOS 12.1.14 software update that affects iPhones and iPads after a bug was publicised over a week ago.

The new update is only minor but still noticeable as it reboots the FaceTime feature that was disabled at the end of January.

The iOS flaw has been classified as a huge privacy error that allowed anyone to listen and even see what the receiver was doing on the other end, even if the FaceTime call was not answered.

To update your iPhone, navigate to Settings > General > Software Update.

The tech company has released their latest update after a teenager and mother from Arizona, USA, reported the bug in January by attempting to contact the company multiple times and claim to not have received a reply.

Apple initially addressed the issue on January 28, nearly ten days after the bug was claimed to first be reported, by disabling the feature.

On February 1, the company released an apology statement:

“We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.

“We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”

On February 7, Apple announced the fix:

“Today’s software update fixes the security bug in Group FaceTime. We again apologise to our customers and we thank them for their patience.

“In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime.

“To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.”

The privacy breach has since led to investigations, lawsuits, and a congressional inquiry.

The mother of the teenager told USA press ‘there needs to be a better process for the average citizen to report things like this, and a timelier response’.

1 COMMENT

  1. Simple answer: not tested properly. When companies have a deadline to meet, it is always testing that gets cut and squeezed and test managers have to start prioritising instead of testing everything. This is hardly a one-in-a-million sequence of events, it should be a standard element of the test script suites. But when you are doing a final pass of the code, not everything is re-tested, although automated test tools should pick this kind of thing up these days.

LEAVE A COMMENT

Please enter your comment!
Please enter your name here