zabrljanje
31-01-2019, 14:05
Pre nekoliko dana se digla prasina oko propusta u okviru FaceTime servisa.
Ova greska omogucava da kad pozovete nekog u okviru Group FaceTime, i nakon toga dodate vas broj kao jos jednog sagovornika, cujete sve sto dolazi do mikrofona telefona koji ste pozvali iako se sagovornik nije javio na telefon.
Ovo je moguce izvesti nevezano da li pozivate nekog na iPhone ili Mac.
Opis:
Pozovete nekog preko FaceTime, swipe odozdo na vise, dodate vas broj telefona, preko add person, kao jos jednog ucesnika u razgovoru i od tad ste u prilici da cujete sve sto dolazi do mikrofona telefona koji ste pozvali, iako se niko jos nije javio na telefon i prihvatio poziv.
Ako osoba koju ste pozvali, pritisne Power dugme u okviru Lock Screen-a, dobijate i video.
Ovo je prijavljeno Apple-u jos 20. januara ali, ocigledno, niko to nije procitao i prosledio gde treba.
Tema na Reddit sajtu
A person reported the Group FaceTime exploit to Apple, 9 days ago
(https://www.reddit.com/r/apple/comments/akyg5b/a_person_reported_the_group_facetime_exploit_to/)
MGT7
@MGT7500
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport (https://twitter.com/AppleSupport)...waiting to hear back to provide details. Scary stuff! #apple (https://twitter.com/hashtag/apple?src=hash)#bugreport (https://twitter.com/hashtag/bugreport?src=hash)@foxnews (https://twitter.com/FoxNews)
https://twitter.com/MGT7500/status/1087171594756083713
I reported the bug there after registering as a developer (even though I’m not, I was told I could) and also emailed product-security@apple directly.
https://twitter.com/MGT7500/status/1090163397788745728
Cak je 23. januara, video prosledjen Apple-u
VIDEO: Here is a video, recorded & sent to Apple by a 14 yr old & his mom, on JAN 23rd, alerting them to the dangerous #FaceTime (https://twitter.com/hashtag/FaceTime?src=hash) bug, that has threatened the privacy of millions. I've removed sensitive / private info on behalf of the mother (an attorney), whom I just spoke to.
https://twitter.com/BEASTMODE/status/1090298850764644352
Ovaj bag je prvo objavljen na 9to5Mac (https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/).
Nakon toga, Apple je napokon privremeno onemogucio ovaj servis, sto mozete da vidite i na System status strani
https://media.idownloadblog.com/wp-content/uploads/2019/01/Apple-System-Status-group-FaceTime-disabled.png
https://www.apple.com/support/systemstatus/
Ova greska omogucava da kad pozovete nekog u okviru Group FaceTime, i nakon toga dodate vas broj kao jos jednog sagovornika, cujete sve sto dolazi do mikrofona telefona koji ste pozvali iako se sagovornik nije javio na telefon.
Ovo je moguce izvesti nevezano da li pozivate nekog na iPhone ili Mac.
Opis:
Pozovete nekog preko FaceTime, swipe odozdo na vise, dodate vas broj telefona, preko add person, kao jos jednog ucesnika u razgovoru i od tad ste u prilici da cujete sve sto dolazi do mikrofona telefona koji ste pozvali, iako se niko jos nije javio na telefon i prihvatio poziv.
Ako osoba koju ste pozvali, pritisne Power dugme u okviru Lock Screen-a, dobijate i video.
Ovo je prijavljeno Apple-u jos 20. januara ali, ocigledno, niko to nije procitao i prosledio gde treba.
Tema na Reddit sajtu
A person reported the Group FaceTime exploit to Apple, 9 days ago
(https://www.reddit.com/r/apple/comments/akyg5b/a_person_reported_the_group_facetime_exploit_to/)
MGT7
@MGT7500
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport (https://twitter.com/AppleSupport)...waiting to hear back to provide details. Scary stuff! #apple (https://twitter.com/hashtag/apple?src=hash)#bugreport (https://twitter.com/hashtag/bugreport?src=hash)@foxnews (https://twitter.com/FoxNews)
https://twitter.com/MGT7500/status/1087171594756083713
I reported the bug there after registering as a developer (even though I’m not, I was told I could) and also emailed product-security@apple directly.
https://twitter.com/MGT7500/status/1090163397788745728
Cak je 23. januara, video prosledjen Apple-u
VIDEO: Here is a video, recorded & sent to Apple by a 14 yr old & his mom, on JAN 23rd, alerting them to the dangerous #FaceTime (https://twitter.com/hashtag/FaceTime?src=hash) bug, that has threatened the privacy of millions. I've removed sensitive / private info on behalf of the mother (an attorney), whom I just spoke to.
https://twitter.com/BEASTMODE/status/1090298850764644352
Ovaj bag je prvo objavljen na 9to5Mac (https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/).
Nakon toga, Apple je napokon privremeno onemogucio ovaj servis, sto mozete da vidite i na System status strani
https://media.idownloadblog.com/wp-content/uploads/2019/01/Apple-System-Status-group-FaceTime-disabled.png
https://www.apple.com/support/systemstatus/