A Bug in FaceTime Allows One To Access Someone's iPhone Camera And Microphone Before They Answered the Call; Apple Temporarily Disables Group FaceTime Feature (thenextweb.com) 88
Social media sites lit up today with anxious Apple users after a strange glitch in iPhone's FaceTime app became apparent. The issue: It turns out that an iPhone user can call another iPhone user and listen in on -- and access live video feed of -- that person's conversations through the device's microphone and camera -- even if the recipient does not answer the call. In a statement, Apple said it was aware of the bug and was working to release a fix later this week. In the meanwhile, the company has disabled Group calling functionality on FaceTime app. From a report: The issue was so serious that Twitter CEO Jack Dorsey, and even Andrew Cuomo, governor of the state of New York, weighed in and urged their followers to disable FaceTime. [...] That's bad news for a company that's been vocal about privacy and customer data protection lately. The timing couldn't be worse, given that Apple is set to host its earnings call for the October-December quarter of 2018 in just a matter of hours.
How did this happen? (Score:2)
Re: (Score:1)
Now you understand why phones built like this will never be secure.
Re: How did this happen? (Score:1)
It sucks but it could be worse - you could have an Android phone that will never get any security fixes.
Re: How did this happen? (Score:4, Insightful)
What is your bug-free development methodology?
Re: (Score:1)
Nothing is perfect, but having a QA process involving more than zero people over longer than zero hours is a great place to start.
Re: (Score:2)
That is not a QA process. QA is a profession, with skills and mindset all its own.
Re: How did this happen? (Score:2)
Android has way more exploits than iOS in the wild due to the wholly inadequate update system. Open source software in general has had its fair share of bugs too.
Re: (Score:3)
IFF Facetime were a TNO platform, it would be fairly straightforward to ensure that all data that traverses from point A to point B in the software is encrypted. If it's not encrypted, nothing hits the network event loop, and unit tests make sure of it.
Facetime, of course, isn't TNO, it's "Trust Apple". They manage your keys, not you, and they are to be trusted with closed-source to not screw that up. There's no regularized enforcement of sensitive data always being encrypted (obviously).
A "paranoid" e2e
Re: How did this happen? (Score:5, Informative)
It sucks but it could be worse - you could have an Android phone that will never get any security fixes.
Err. This is an application. You understand that applications and the OS are two different things, right?
Re: (Score:2)
Re:How did this happen? (Score:5, Funny)
The public release wasn't supposed to be compiled with CIA_FBI_NSA=TRUE
Re: How did this happen? (Score:2)
Programmers that are trying to make things work (Score:5, Insightful)
Programmers who are accustomed to desktop applications, where there is one user, are in the habit of making things work. You click the button, it does the thing. Somebody calls someone else, they can see and hear each other.
Many of the "omg how stupid can you be?!" bugs are of the "make sure it does NOT work when it's not supposed to" variety. Once you connect an application to the internet, you have to think in terms of when things should NOT happen and test for that. Programmers who learned writing Windows desktop apps don't think in that frame of mind.
For decades one of the most popular sayings in programming was "garbage in, garbage out". That's no longer an acceptable way of thinking. That garbage that comes out, random bytes from RAM, can include your private key. Once your application is on the internet, it has to be "garbage is the default thing I'm expecting, and leads to DENIED out. Only if input exactly matches the specification will you get anything out". It's a different way of thinking.
Re: (Score:1)
Programmers who are accustomed to desktop applications, where there is one user, are in the habit of making things work. You click the button, it does the thing. Somebody calls someone else, they can see and hear each other.
I think it's more a time crunch to make it work than anything else. Remember, the group FaceTime feature was supposed to be one of the headlining features of iOS 12. It was supposed to be a big deal, showing how much better Apple technology is than Android, at least based on the Apple WWDC keynote. (No, I don't understand why anyone would want a group video call feature, or how this makes iOS better than Android when there are a thousand cross-platform apps that do group video already. But the Apple execs a
Re: (Score:2, Informative)
For decades one of the most popular sayings in programming was "garbage in, garbage out". That's no longer an acceptable way of thinking. That garbage that comes out, random bytes from RAM, can include your private key. Once your application is on the internet, it has to be "garbage is the default thing I'm expecting, and leads to DENIED out. Only if input exactly matches the specification will you get anything out". It's a different way of thinking.
I think you are completely misunderstanding what "garbage in, garbage out" means. It never ever means "output random bytes from RAM". It means that if you mean to ask a program for the function of a perfectly valid input but accidentally give it a completely different but perfectly valid input, then the program responds with the function of the input you ACTUALLY gave it rather than the one you intended.
What you're claiming (as opposed to what you're intending to claim) is that if I take a calculator and ty
Re: (Score:2)
"GIGO (garbage in, garbage out) is a concept common to computer science and mathematics: the quality of output is determined by the quality of the input."
Re: (Score:2)
GIGO - means nothing more and nothing less than that you can never expect valid output (with the possible exception variations on "ERROR Invalid entry" ) unless you have valid inputs.
In the past on single user system or even on more restrictive shared systems there were lots of places where it was "acceptable" to just apply whatever algorithm your program does to the input and produce the outputs.. Were expected a an integer and someone sends the string 'A' well guess what that is still the bytes 65,00,?,?
Re: (Score:1)
How does a "bug" like this make it to a supposedly stable app?
because it is apparently time for Apple to punch the faces of their customers even more? ApplePunch FaceTime!
Re:How did this happen? (Score:5, Interesting)
Likely the app makes all the video and audio connections first, then rings the person if all the connections were successful. This way as soon as you answer you'll get the feeds instead of having to wait a few seconds for all the data to be sent. It sounds like a reasonable design choice, if you ignore the security and data billing concerns, which apparently they did. What a great way to waste someone's data. Constantly call them on FaceTime when you know they won't answer. I bet Apple has made more of these "UX above all else" decisions.
I'm now glad I keep my cameras covered. I don't know why phone cases don't include a manual shutter, even if it's just a silicone flap.
Re: (Score:2)
Why do you write this as an anonymous coward?
This is the first coherent, non tinfoil hat comment I read on it.
Re: (Score:2)
"I don't know why phone cases don't include a manual shutter, even if it's just a silicone flap."
Because people would forget about it and then get annoyed with the case. Like you said, it's a UX decision.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
What about mic(rophone)s? :(
Re: (Score:1)
How exactly does the bug work? The article just says that someone can listen in on another FaceTime user even if that user does not pick up, and it has something to do with group calling. Is there some specific sequence of actions that triggers this? Can it happen accidentally, or do you intentionally have to do some kind of trick?
Re:How did this happen? (Score:4, Informative)
As I understand it, it works like this: You call someone you want to snoop on. Then, when they don't answer, you make it a group call by saying "add member" and then add yourself. (Why are you allowed to do this? I don't know.) At this point it switches to "group" mode and now the other person is suddenly in the group call, transmitting video and audio, without ever having picked up. Presumably it would also work if you added someone else to make it a group call, but the demo I saw just added themselves.
As for how it happened, Apple missed releasing the "group FaceTime" feature when iOS 12 launched and had to delay it. Apparently they didn't delay it enough - I'm assuming they were rushing to fix whatever was holding it back, and they missed that you could force people into group calls. (I'm also unclear on if you can spy on even more people by adding them all to your new group call.)
Re: (Score:2)
Re: (Score:3)
Because both revolve around photos from digital cameras. They could've called it 'T&A Time/Book' but that'd be too on-the-nose.
Re: (Score:2)
nightcats speculated:
Preoccupation with The Face: what if these apps were called something different, like Brainbook and Heart-time? What if they were designed to explore what is deeper than appearance, mere image? Would they have a different ethos, a different cultural focus, a different user base and therefore a more sensitive development model? But okay, words mean little anymore, I suppose it's a silly question in this culture.
First of all, words do have meaning - in fact, many of them have multiple meanings. (When there's more than one definition for a term, in the sense which it is used is typically obvious from the context in which it appears - but I digress.)
Apple appropriated the compound term "face time," eliminated the space between the two words, and used it as the name of its video calling app. The original term, however, significantly predates social media. Dictionary.com [dictionary.com] gives three, somewhat relat
Re: (Score:2)
Some voice prints?
Its a feature for some.
Re: (Score:2)
Re: (Score:2)
typo (Score:4, Funny)
There is a typo in the headline. It should read: "A Feature in FaceTime Allows One To Access Someone's iPhone Camera And Microphone"
Re: (Score:1)
"A Feature in iOS Allows One To Access Someone's iPhone Camera And Microphone and record everything"
ftfy.
Facetime devs did nothing wrong. They used this feature(it's not a bug) to improve their normie user experience.
Re: (Score:2)
There is a typo in the headline. It should read: "A Feature in FaceTime Allows One To Access Someone's iPhone Camera And Microphone"
That is why smartphones should never be tolerated in the same room as anything confidential is discussed. Even if this wasn't a "flaw" in Apples own software, it could have been a "flaw" in any number of apps.
Re: (Score:1)
the manufacturer that makes a phone with a hardware switch between the physical camera and physical microphone will get my money.
Terrible link (Score:1)
I CANNOT believe this shit happened! (Score:1)
Get Federighi the fuck OUT! Whoever is in charge of software at Apple has got to fucking go! Their only competitive advantage against Google is the privacy angle, and then they pull some shit like this? Not to mention Swift is an unstable piece of shit that breaks your codebase every six months, and Xcode being trash doesn't even need to be said, that's a given. Oh, they're focusing on services now right, well, Apple Music is constantly buggy with regressions seemingly every update. Something is ROTTEN at A
The time when Apple wrote better software (Score:4, Insightful)
Re: (Score:1)
The time when *any* company wrote better software is over. Seriously every day it seems like there is another security flaw. Facebook's flaw that allowed you full write access to anyone's profile, Google+ being complete shut down due to security flaws, the ton of Windows 10 issues all come to mind.
A Bug In Slashdot... (Score:2, Funny)
A Bug In Slashdot Allows Msmash To Write Ridiculous Overkill Headlines With This One Weird Trick And The Internet Is Losing Its Mind
Second Link?? (Score:1)
All iPhones national security hazards. (Score:3)
It doesn't really matter if it gets patched in FaceTime. If Apple can do it in one app, deliberately or not, then someone can do it with a crafted app. It has to be assumed that anyone with an iPhone can potentially be listened to and watched at any time. Those involved in handling information of a sensitive nature need to act accordingly.
Note, this is not to say other types of phones aren't exploitable in exactly the same way. That also needs to be checked out before just switching everyone over to something else.
Re: (Score:1)
Old fashioned switches (Score:3)
People would make fun of the fact that in Star Trek TOS they had all these toggle switches, had to insert data cards, etc. Then in TNG it was all screen displays and touch panels. Buu recall multiple times in TNG the crew got locked out of the ships computer, warp coils would go crazy, and so forth. They had to crawl through Jeffries Tubes to find a junction, but again the hatch seals were all touchpad controlled. It was madness. But if you were on TOS, just flip a switch and the circuit was cut, no problem.
Phones will eventually get a physical switch to turn stuff like cameras, microphones, GPS off. Just like you can turn off your alerts. Won't happen immediately, and design aficionados will resist. But there will be some big reveal in the future about how these things are mis-used and the switches will start appearing.