A Major FaceTime Bug Let Callers Eavesdrop on You Even if You Didn't Answer
FaceTime is supposed to be an easy way for people to connect, but it looks like it's also easy to exploit. On Monday, 9to5Mac revealed a significant bug with Apple's FaceTime video calling app. Replicated by other outlets, the glitch allows callers to access the microphone and even front-facing camera of the person they're calling -- even when the call recipient doesn't answer the phone.
The process is simple enough that many people replicated it and shared their results. Call up a friend on FaceTime and swipe up while it's ringing. Add the originating number with the "Add Person" option before anyone answers. It would appear that FaceTime then believes a conference call is taking place and gives the caller access to the microphone of the person they called, whether or not that person actually answered the phone.
9to5Mac was also able to replicate the bug by calling a Mac computer.
On top of it all, The Verge revealed that the problems didn't end there. In the unintentional conference call, if the recipient hits the power or volume button their phone begins to transmit video from the front-facing camera as well. The glitch was replicated by many people after it was made public. (See the video below from Nic Nguyen.)
Later Monday, 9to5Mac reported that Apple took FaceTime's conference call capabilities offline, protecting users against any further malicious use of this flaw. An Apple spokesperson told the Verge, "We’re aware of this issue and we have identified a fix that will be released in a software update later this week."
Without specifics, it might be wise to disable FaceTime on your phone, iPad, and/or computer. To do this, go to the Settings app on your iOS device. Toggle FaceTime and you've shut it down. On a Mac computer, open the FaceTime app. Under "FaceTime" on the menu, there's an option to "Turn Off FaceTime." Now your mom won't be able to call you and see your smiling face, but someone unknown person won't be listening to scroll Twitter either.