FaceTime Vulnerability Is an Eavesdropper’s Dream Come True


facetime vulnerability

First reaction: doesn’t matter unless you’re Taylor Swift, Kim Kardashian, or a politician making sure state secrets are kept that way – secrets.

Second thought: it’s still not cool knowing that such a FaceTime vulnerability exists.

Salesforce security engineer Martin Vigo is credited for finding the security flaw, ID-ed CVE-2016-4635.

The flaw has since been (supposedly) patched, according to Apple’s iOS 9.3.3 update page.

FaceTime

Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated

Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic.

In one sentence: someone can continue listening to you even after your FaceTime call has ended (or you think has ended).

For sure, you’ve seen the update notification on your iOS devices, as well on El Capitan. If you haven’t updated yet, then here’s a solid reason why. Especially if you use FaceTime for calls other than keeping in touch with grandma.

Via


Noemi

Freelance writer; digital hobo; professional nap-taker; wannabe beach bum; seeker. SHINY!

0 Comments

Your email address will not be published.