Apple is working to fix a FaceTime bug that allows you to eavesdrop on people without their consent of knowledge. And allows other people to eavesdrop on you without you knowing. In the meantime, you should probably disable FaceTime altogether.
The Group FaceTime Feature Is Bugging People
This FaceTime bug was discovered after a video showing it in action went viral. It was then reproduced by various websites including 9to5Mac. The upshot being there’s a way of hearing (and possibly seeing) people on FaceTime without them answering your call.
You call someone, and then before they answer, you call yourself as well. When you answer, it triggers a Group FaceTime call, and you’ll be able to hear the person you originally called, even if they haven’t answered. And they won’t know they’re broadcasting.
— Benji Mobb™ (@BmManski) January 28, 2019
This isn’t limited just to audio either. It seems there are a number of ways to gain access to someone’s camera too, so you can see them without them realizing. Some require the recipient to press a certain button, but others can be triggered by the caller.
The Group FaceTime feature was introduced with iOS 12.1 in October 2018. So, although this bug has only been publicized this week, it’s entirely possible it has been exploited for the last three months. Which isn’t a good look for the security conscious Apple.
Apple Is Working on a FaceTime Security Update
Apple is now working on a fix. According to Apple’s System Status page, the company has disabled the Group FaceTime feature, which should prevent anyone being able to exploit the bug. However, a more permanent fix will likely arrive via a security update.
Apple needs to fix this, and fast. But beyond that it needs to invest in more testing to prevent really simple bugs such as this making it out into the wild. As much as we might want to see FaceTime for Android, this is enough to put anyone off using it.