SoylentNews is people
SoylentNews
Submitted via IRC for Bytram
A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call. Apple says the issue will be addressed in a software update "later this week". (Update: Apple has taken Group FaceTime offline in an attempt to address the issue in the interim).
Naturally, this poses a pretty privacy problem as you can essentially listen in on any iOS user, although it still rings like normal, so you can't be 100% covert about it. Nevertheless, there is no indication on the recipient's side that you could hear any of their audio.
Update: There's a second part to this which can expose video too ...
(Score: 4, Insightful) by AthanasiusKircher on Tuesday January 29 2019, @02:33PM (2 children)
Nope, I'm not going to just set those aside.
In the past couple years there's been all this hubbub about "smart" speakers: "OH NOES! We shouldn't let such things in our houses because they are listening to us! They can spy on us!"
Yes, that's true. But the vast majority of people have let such devices into their houses years ago in the guise of cellphones and then smartphones -- which not only contain microphones but also (multiple) cameras. With closed-source software and operating systems on them, how do you have any clue how much spying they might be doing on you?
Now we have a clear example of an exploit in a standard iPhone app that could be used for surveillance. How much would you like to bet that such exploits appear in a lot of apps? People blithely even give "permissions" to their apps to access camera and microphone, etc. without even thinking. No thoughts of -- "why should this random little game need access to my microphone?" or "why should this calculator app need access to my camera?" And yet they worry about smart speakers?
And those are just the apps you've given PERMISSION to spy on you. Perhaps the OS has other exploits or even deliberate backdoors.
I used to think, aside perhaps from the NSA, that this was overreacting "tinfoil hat" attitude. Except I've had too many friends tell me about weird situations where their phones magically seem to know about their conversations and immediately offer ads for related items or search suggestions the next time they go on their phone. I have my phone pretty locked down and have never seen such a thing on my device, and I was skeptical the first few times I heard friends talking about it. But I've been present and witnessed such bizarre events too many times for it to be coincidence.
Just get used to it: if you have a closed-source device with a microphone and cameras that you carry everywhere with you, it is likely able to be used for surveillance and probably is (either though bugs or deliberate features). I don't think that's "tinfoil hat" opinion anymore -- it's just realistic.
(Score: 0) by Anonymous Coward on Tuesday January 29 2019, @04:01PM
maybe people should just get a tablet and dumb phone. but that would mean a lack of convenience, so it'll only be a reasonable option among the tin-foil hats you described. normal people won't bother because as you stated, they click next to continue and dont take any time to understand what is going on.
its sad, but its why windows and wizards and tablets and so on became popular, and also why they are so heavily marketed, why google is punishing companies that don't go along with 'mobile first', why windows 10 is emulating the mobile ways of always on tracking...
in Wargames, the only winning move was not to play. you might be able to disable this or that with a phone and its tracking and advertising and privacy problems, but you can never win if you think you can enjoy the conveniences and get away with not being violated.
maybe someday landlines without google home or google fiber or facebook portals or whatever will occur--but really it won't. I mean even now, applications are using dns over https to bypass local dns ip address settings to get around filtering. you can't prevent what you can't man-in-the-middle (and for home use DNS why should you ever need to hijack your own traffic???). Or anyway, only criminals will have privacy when they break the law to manipulate the traffic leaving their leased OS devices and violating the eulas for so many things. You might own the hardware, but you don't own anything it does.
(Score: 2) by vux984 on Tuesday January 29 2019, @08:11PM
" But the vast majority of people have let such devices into their houses years ago in the guise of cellphones and then smartphones -- which not only contain microphones but also (multiple) cameras. With closed-source software and operating systems on them, how do you have any clue how much spying they might be doing on you?"
The difference being that a smart speaker is useless garbage that exists solely to collect data and open a conduit to sell you shit while performing tasks so trivial as to be laughable - pause the music its playing through its shitty tinny speaker ... turn on a $50 light bulb...), while a smartphone actually provides a fantastic amount of utility and needs microphones and cameras to do deliver that utility. Being able to take a photo and sms it to someone else while talking to them on the phone is real value.
Granted the risk profile of a cell phone is similar; but the at least for the risk you are getting something of value; while you can enact managable policies around it... meeting rooms that you leave your phone in a box outside, throwing your phone onto a charge in a drawer when you aren't using it, etc. But once you start putting smart speakers in your bedroom to turn the lights on you're done.