Apple is a company that prides itself on the security of its products. Apple has a lot to lose as one of the world’s biggest tech companies. It prides itself on having a lot of control given it produces a complete set of technology. That’s both the operating system software and hardware it all runs on, whether you’re talking an iPhone or a Mac.
It must have been embarrassing, then, for a major flaw to emerge in the company Facetime video calling service. The bug exploited a flaw in its group calling service.
Group calling allows you to call more than one person, as you’d expect.
If you started a group call and added yourself (along with 1 other person) to the call you could listen to everyone’s microphones, even if they hadn’t picked up the call!
To make matters worse, under certain circumstances, the video camera on some system could be viewed, again without the second caller actually agreeing to take the call.
If you have your iPhone or Mac with volume enabled you’d spot an incoming Facetime request. Not so much if you had your device on silent, or you were away from it.
To make matters even worse, Apple was reportedly told about the flaw some time ago. 9to5Mac reported that a concerned mother tried to contact Apple about the flaw some time before knowledge of it became widespread. Apple didn’t take them seriously.
That’s a huge black eye for Apple in the security stakes, because it could have patched away the issue well before the exploit itself became public.
Once it had become publicised, Apple yanked the Group Facetime servers offline, and it says it’s tested internally to patch the flaw.
A software update, due to appear at some point this week should disable the flaw on iOS and macOS devices, as well as re-enable Group Facetime calls.
The reality here — and what we, as consumers can learn about security as a result — is that modern application software is very complex stuff, built by fallible human beings.
No software, anywhere is 100% free from bugs, but what effect those bugs may have can vary. Some may cause crashes. Some may cause weird screen effects, and some — like the Facetime bug — may cause genuine security worries.
This bug was particularly troublesome in that, unless you’d already specifically disabled Facetime because you never used it, regular users would have done nothing “wrong”.
They left nothing insecure. Yet they still could have had their privacy compromised.
So what can you do? While it’s a scary situation, it’s also a reminder of why it’s a very good idea to make sure that you’re up-to-date with security releases and patches for your operating system, whether you’re an Apple Mac/iPhone user, or indeed more of a Windows/Android user.
There’s good sense in waiting on major operating system updates — again, because of the potential of crippling bugs in early software.
When patches relate to issues within that software, as Apple’s Facetime update is sure to, it’s smart to keep yourself up-to-date.
It’s likely that Apple will aggressively push the update to fix Facetime out with a lots of pop-up windows reminding you to upgrade.
You can take matters into your own hands by checking regularly for software updates.
On Macs, click on the Apple symbol, then App Store, and then on updates. On iOS devices, open Settings, then General, then Software Update. As long as you’ve got an active Internet connection, you’ll be informed if there are relevant updates to install.