Apple FaceTime bug pose low security risk, says researcher

Apple was left red-faced last week when a bug was discovered in its FaceTime application, specifically when initiating group FaceTime calls.

If a group FaceTime call was made to you, it was discovered that a caller can unwittingly hear and even see what your phone camera can see without you having to accept the call.

Obviously, this has created a bit of scare for many using FaceTime as there can potentially be some privacy ramifications, but Apple has been quick to respond and have temporarily disabled group FaceTime until a fix can be implemented.

However, is the FaceTime bug a serious security breach? Victor Chebyshev, a security researcher from Kaspersky Lab doesn’t seem to think so. In fact, he says it is rather difficult to exploit the bug given the circumstances.

“From what has been reported in the media so far, it would appear to be difficult for an attacker to exploit this bug for the secret surveillance of targets, as the potential victim would receive an incoming call alert, says Chebyshev.

“The only risk scenario is where the target tends to use the ‘silent’ mode. In this case, a spy could possibly secretly listen to the target’s private conversations” he added.

Chebyshev says considering the hundreds of lines of codes required to build an app, it is impossible to guarantee a 100% bug free experience. That is where the software security community and the user community in general come in to help expose bugs and holes in the code that needs to be fixed.

“In general, software today comprises so many lines of code that it is almost impossible to guarantee that it will be 100% bug free, and software vendors rely on the security community to help them find and fix such bugs before they can be abused by attackers,” he said.

Given the complexity of developing software, Chebyshev says Apple’s speed in responding to the situation to protect its users is commendable.

“Apple deserves credit for responding quickly to notification of the bug. The company has also temporarily disabled the FaceTime Group Chat feature to further protect users from any possible privacy abuse” he said.

In the meantime, you can disable FaceTime completely while we wait for Apple to release an update with a patch to fix the bug. Here’s how to do it:

Go to: Settings, scroll down to FaceTime and select it, then toggle FaceTime off.