facetime   670

« earlier    

How to download and install iOS 12.1.4 on your iPhone or iPad | iMore
Update: Apple sent iMore the following statement regarding the iOS 12.1.4 patch:
"Today's software update fixes the security bug in Group FaceTime. We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS."
audio  bug  facetime  ios12  privacy  security  video 
10 weeks ago by rgl7194
Apple Releases iOS Software Update Fixing The Group FaceTime Security Flaw
Today, Apple released a software update, iOS 12.1.4, that includes an important fix for a bug in the Group FaceTime video chat feature.
The security flaw gave callers access to the call recipient's microphone and front-facing camera. "We again apologize to our customers and we thank them for their patience," an Apple spokesperson said in a statement.
After performing a security audit, the company also discovered a previously unreported vulnerability in a separate feature that allows participants to capture Live Photos during a FaceTime call. "To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS," the spokesperson said.
audio  bug  facetime  ios12  privacy  security  video 
10 weeks ago by rgl7194
Apple Releases Fix for Group FaceTime Snooping Bug in iOS and macOS
Apple has released security updates for iOS and macOS that fix a severe bug in FaceTime that allowed callers to listen in, and potentially view, the people they were calling without the call being answered.
At the end of January, videos started circulating on social media about a serious bug in iOS and macOS that allowed users to initiate a Group FaceTime call and listen in on those they were calling without that person answering the call or even knowing that their microphone was activated. To make matters worse, if the person receiving the call pressed the power button to mute the ringing, their front-facing camera would turn on allowing the caller to see what was happening in the room.
As you can imagine, this bug had serious privacy ramifications and could be used by people to listen in on rooms or potentially get images of people in very private situations.
Apple stated that they would create a security update and release it the following week. While they were fixing the bug, they disabled Group FaceTime, so that the bug could not be abused.
Today, Apple has released iOS 12.1.4 and a macOS Mojave 10.14.3 Supplemental Update that fixes this FaceTime bug. According to the release notes, this bug was caused by a logic issue in how Group FaceTime calls were handled.
"A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management."
audio  bug  facetime  ios12  privacy  security  video 
10 weeks ago by rgl7194
Apple Releases iOS Update to Fix FaceTime Bug and Compensates Teen Who Discovered the Problem – MacStories
Today, Apple issued an update to iOS that fixes the serious bug that we reported on last week, which could be exploited to eavesdrop on someone using FaceTime. With iOS 12.1.4 in place, Apple has turned Group FaceTime back on server-side too, but it will only work with the updated version of iOS and later releases.
In a statement to MacRumors, BuzzFeed, and other media outlets Apple said:
Today's software update fixes the security bug in Group FaceTime. We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.
audio  bug  facetime  ios12  privacy  security  video 
10 weeks ago by rgl7194
Apple pushes fix for “FacePalm,” possibly its creepiest vulnerability ever | Ars Technica
Bug in FaceTime Group feature allowed people to eavesdrop on users' audio and video.
Apple has patched one of its creepiest vulnerabilities ever—a flaw in its FaceTime messenger app that made it possible for people to eavesdrop on audio and video captured by iPhones and Macs.
The bug in Group FaceTime, a feature that allows conference-call-style chats, made it trivial for someone to eavesdrop on someone else simply by initiating a FaceTime call, swiping up and choosing “add person,” and entering their own number to add themselves as a participant in a Group FaceTime call. While people on the receiving end would see a call was coming through, they would have no idea that the person trying to connect could already hear nearby audio and, in many cases, see video.
Two other potentially serious iOS security bugs Apple fixed Thursday have been under active attack in the wild, security researchers with Google's Project Zero said. One bug indexed as CVE-2019-7287, is a memory corruption flaw in the IOKit. Apple said it may allow apps to execute arbitrary code with kernel privileges. Another memory corruption bug in Foundation, CVE-2019-7286 may allow an application to gain elevated privileges.
The in-the-wild exploits could be severe because based on Apple's vulnerability description, they fundamentally subvert Apple's security model, which prevents apps from accessing other apps and from interacting with the security of iOS itself. A Google spokesman declined to provide details about the attacks. An Apple representatives also declined comment.
audio  bug  facetime  ios12  privacy  security  video 
10 weeks ago by rgl7194
Daring Fireball: Apple Is Compensating the 14-Year-Old Who Discovered Major FaceTime Security Bug
Tom Warren, reporting for The Verge:
Apple released iOS 12.1.4 today to fix a major security flaw in FaceTime that allowed people to eavesdrop on iPhone users. The bug was originally reported to Apple by Michele Thompson after her 14-year-old son, Grant, discovered that you could add yourself to a Group FaceTime call and force recipients to answer immediately. Apple was initially slow to respond, but the company has now credited the discovery to Grant Thompson of Catalina Foothills High School.
Apple also tells The Verge that it’s compensating the Thompson family for discovering the vulnerability, and providing an additional gift to fund Grant Thompson’s tuition. Apple hasn’t revealed exactly how much it’s paying the Thompson family.
facetime  audio  bug  ios12  legal  privacy  security  video  daring_fireball 
10 weeks ago by rgl7194
Daring Fireball: Apple Apologizes for Group FaceTime Bug, Software Update With Fix Delayed Until Next Week
Apple:
We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.
Good on Apple for thanking the Thompson family, and for acknowledging that something is wrong with their process for escalating critical bugs reported by regular customers.
In the meantime, regular 1:1 FaceTime works and is safe to use. But Group FaceTime is unavailable until the software update rolls out next week.
audio  bug  facetime  ios12  legal  privacy  security  video  daring_fireball 
10 weeks ago by rgl7194
Si ves un error al intentar activar iMessage o FaceTime - Soporte técnico de Apple
Para poder usar iMessage o FaceTime, debes activarlos en tu iPhone, iPad o iPod touch. Si ves un mensaje de error durante la activación, sigue estos pasos.
imessages  apple  facetime  tigo 
11 weeks ago by luispautt
Newly-Discovered Bug in Group FaceTime Inadvertently Allows Eavesdropping - SecureMac
When Apple debuted iOS 12.1 late last year, one of the flagship additions to the system was Group FaceTime. This long-requested feature allows multiple users to enjoy simultaneous face-to-face video chat through FaceTime. However, in the wake of a serious flaw in Group FaceTime that was disclosed this past week, the feature is currently inaccessible on all iOS devices.
At issue is the potential risk for spying on the audio (and in some cases, video) feeds from a phone targeted through the flaw. Unlike many iOS bugs, this one does not require a convoluted series of steps or an awkward sequence of button presses. In fact, all signs point to a teenager making the original discovery of the flaw about a week before its widespread recognition.
To exploit the bug, all one has to do is initiate a FaceTime call and, before the recipient answers, add oneself to the call as an additional user. This step provides the user’s own phone with the option to accept the call. If they do, the user will now be able to hear everything being said near the microphone of the target device.
The good news is that this is not (initially) a silent bug; that is, it is not possible to trigger the flaw and eavesdrop through the target phone without also triggering that device’s ringer. However, that does little to mitigate the privacy and security risks posed by the ability to overhear someone without their consent, even for a few seconds at a time. Worse, if the user dismisses the FaceTime call request, it appears their phone begins transmitting the phone’s camera video feed — all while the user believes they are not in a call at all.
This is not the first time privacy flaws have been discovered in Group FaceTime. A previous issue patched in November allowed users to bypass the lock screen to explore a target’s address book without authorization. For now, Apple has chosen to shutter Group FaceTime temporarily, disabling server access for all users.
Although an extreme step, the effort demonstrates a clear commitment to minimizing risk and reducing the number of users potentially affected by individuals attempting to exploit the bug. The Cupertino tech giant has said a fix, which should close this loophole for good, will be available for download within approximately the next week. Users should take care to watch for this upcoming patch.
Check back here for updates on this story as they become available.
audio  bug  facetime  ios12  privacy  security  video 
11 weeks ago by rgl7194
Lawyer sues Apple, claims FaceTime bug “allowed” recording of deposition | Ars Technica
Texas attorney: I didn't update my iPhone to enable "unsolicited eavesdropping."
A Houston attorney has sued Apple over the recently disclosed FaceTime bug, which can allow third parties to surreptitiously listen to FaceTime calls via an iPhone microphone.
In a lawsuit filed Monday evening in Harris County District Court, Larry Williams claimed the company was negligent when it allowed the microphone to be used in this way.
"Plaintiff was undergoing a private deposition with a client when this defective product breach allowed for the recording of a private deposition," he wrote.
"The Product was used for its intended purposes because Plaintiff updated their phone for the purpose of group Facetime calls but not unsolicited eavesdropping. Plaintiff suffered injuries."
Williams also alleged strict products liability and breach of express warranty, among other counts.
The case was first reported Tuesday by Courthouse News.
Apple is expected to release a fix to the bug later this week.
audio  bug  facetime  ios12  privacy  security  video  legal 
12 weeks ago by rgl7194
How to turn off and restrict FaceTime on iPhone or iPad | iMore
How do you turn off FaceTime?
FaceTime is automatically activated as part of the overall setup process you go through the first time you turn on a new iPhone, iPod touch, iPad, or Mac. If, for some reason, it isn't activated, or if you want to restrict access for your children, or even turn it off entirely, you can do that too.
How to turn on FaceTime
How to turn off FaceTime
How to disable FaceTime over cellular
How to use parental controls to restrict FaceTime in iOS 11 and earlier
How to use parental controls to restrict FaceTime in iOS 12
audio  bug  facetime  ios12  privacy  security  video 
12 weeks ago by rgl7194

« earlier    

related tags

/r/technology  'egregious  112  12.1  2018  2019  6  :(  adjustments  ai  aims  alfred  an  and  andrew  android  andy-baio  answer  apologizes  app  apple's  apple  applecommunity  appstore  ar  at&t  audio  back  bash  be  best  bounty  breach  breakup  bug  bugs  calibration  call  callers  calls  camera  cameras  cancelling  car  cellphones  chat  cheating  chill  chilling  china  cinema  cli  coach  comcast  command  cool  cool_tools  crash  creepy  cuomo  daring_fireball  debacle  digital  disable  disabled  dismissed  display  does  doesn’t  down  eavesdrop  eavesdropping  edibuddies  editing  education  effects  email  encryption  fail  fcc  feature  filters  finally  fix  fixes  football  for  friend  funny  goes  googlewallet  governor  group  health  hide  how  ichat  if  imessage  imessages  in  include  incorrect  interview  ios  ios10  ios12  ios6  ios7  iphone  is  isight  jamesfraleigh  jm  kanye  kardashian  kim  krazam  lawsuit  legal  lepoole  lets  live  mac-hardware  mac  macbookpro  macos  madisonrivercommunications  marketing  meeting  memes  message  messages  met  metropcs  millenial  mobile  more  netneutrality  next  noise  noisecancel  not  now!  number  ny  of  on...  on  os  osx  other  out  over  ovum  p2p  panorama  party  patents  patenttroll  performance  permission  permits  phone  photobooth  plus  privacy'  privacy  programming  protocol  radio  rams  reddit  reference  releases  report  says  screenshare  screensharing  security  shutdown  sip  skype  snoop  snooping  software  spunti  squadgoals  stop  support  surprises  t-mobile  technology  terminal  tethering  that  the  therapeutic  this  tigo  to  tomorrow  tools  twitter  use  users  verizon  video-chat  video  virtualprivatenetwork(vpn)  voice2  voip  vulnerability  webcam  webrtc  week  west  while  will  with  without  workflow  working  x  you   

Copy this bookmark:



description:


tags: