Group FaceTime bug omogucava da sve cujete bez javljanja sagovornika
Pre nekoliko dana se digla prasina oko propusta u okviru FaceTime servisa.
Ova greska omogucava da kad pozovete nekog u okviru Group FaceTime, i nakon toga dodate vas broj kao jos jednog sagovornika, cujete sve sto dolazi do mikrofona telefona koji ste pozvali iako se sagovornik nije javio na telefon.
Ovo je moguce izvesti nevezano da li pozivate nekog na iPhone ili Mac.
Opis:
Pozovete nekog preko FaceTime, swipe odozdo na vise, dodate vas broj telefona, preko add person, kao jos jednog ucesnika u razgovoru i od tad ste u prilici da cujete sve sto dolazi do mikrofona telefona koji ste pozvali, iako se niko jos nije javio na telefon i prihvatio poziv.
Ako osoba koju ste pozvali, pritisne Power dugme u okviru Lock Screen-a, dobijate i video.
Ovo je prijavljeno Apple-u jos 20. januara ali, ocigledno, niko to nije procitao i prosledio gde treba.
Tema na Reddit sajtu
A person reported the Group FaceTime exploit to Apple, 9 days ago
MGT7
@MGT7500
https://twitter.com/MGT7500/status/1087171594756083713My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport...waiting to hear back to provide details. Scary stuff! #apple#bugreport@foxnews
https://twitter.com/MGT7500/status/1090163397788745728I reported the bug there after registering as a developer (even though I’m not, I was told I could) and also emailed product-security@apple directly.
Cak je 23. januara, video prosledjen Apple-u
https://twitter.com/BEASTMODE/status...98850764644352VIDEO: Here is a video, recorded & sent to Apple by a 14 yr old & his mom, on JAN 23rd, alerting them to the dangerous #FaceTime bug, that has threatened the privacy of millions. I've removed sensitive / private info on behalf of the mother (an attorney), whom I just spoke to.
Ovaj bag je prvo objavljen na 9to5Mac.
Nakon toga, Apple je napokon privremeno onemogucio ovaj servis, sto mozete da vidite i na System status strani
https://www.apple.com/support/systemstatus/
"We're going to make some history today" 
Reply With Quote