Apple: Users Were Able to Listen to Each Other via Facetime
Only a few months ago Apple introduced the group telephony function for Facetime. In the video telephony service, conferences with up to 32 participants could be started thanks to the new function. However, this new feature was accompanied by a massive security vulnerability, and Apple responded by temporarily blocking the group feature. The vulnerability made it possible to eavesdrop on called parties – even if they refused or did not respond to the call.
Facetime users already had the option of adding another person to the call during the call – i.e. before the call was accepted or rejected. If they selected their own number as a further participant, the called party could be intercepted. Even before answering the call, the caller could hear everything the called party’s device recorded. However, if the call was rejected by the called party, the wiretap was not terminated – instead, the camera sometimes even started without the user noticing. Whether the problem existed since the introduction of the new function in October or only recently is not known.
This massive security hole was made public by the website “9to5mac”, which added a video to the article, showing what happened during the described procedure. After the vulnerability became public, Apple responded immediately by disabling the Facetime Group feature. The US company wants to present a solution this week. Only then will the group function be usable again.
If you don’t trust Apple and want to protect yourself against such eavesdropping attacks and other Facetime breakdowns, you can deactivate Facetime completely in the settings of the respective device.