This type of bug terrifies me, but not because it's particularly exploitable (though I bet a lot of people momentarily invaded the privacy of their friends/family today for the sake of "just...
This type of bug terrifies me, but not because it's particularly exploitable (though I bet a lot of people momentarily invaded the privacy of their friends/family today for the sake of "just testing it out", secretly hoping to hear something).
The reason it scares me is because it really emphasizes how much we're really just trusting that our devices are only recording us when they're "supposed to". I have an old land-line phone on my desk. I'm absolutely certain that it's not recording me right now. But my cell phone is sitting next to it, and while I'm pretty confident that it's not recording me, it easily could be! I don't know if there's even a way accessible to an average person to prove that it's not. Maybe there's a bug in the video-calling app I used earlier today where it says it hung up, but it's actually continued recording the whole time. How would I even know? It's all just software, and all of the behavior has the potential to break.
That's frightening to me, especially considering almost everyone keeps their cell phone near them at all times.
I can definitely imagine devices with hardware privacy switches being sold as a feature in the near future: flip the switch and the connection from the mic and/or camera is physically broken....
I can definitely imagine devices with hardware privacy switches being sold as a feature in the near future: flip the switch and the connection from the mic and/or camera is physically broken. Completely user-intuitive, secure against both accidental and malicious software issues, and only a minor inconvenience to flip back when needed; it doesn't even detract from the UX for those who don't use it, as they can just leave it in the on position.
It's easy, relatively cheap, and independently verifiable by iFixit and similar. Maybe some OS modifications needed to allow hotplugging the mic and camera, but unlikely to be more onerous than any of the other changes that come with a new hardware release.
They're being sold now (or at least, they're pre-orderable)
I can definitely imagine devices with hardware privacy switches being sold as a feature in the near future: flip the switch and the connection from the mic and/or camera is physically broken. Completely user-intuitive, secure against both accidental and malicious software issues, and only a minor inconvenience to flip back when needed; it doesn't even detract from the UX for those who don't use it, as they can just leave it in the on position.
Pretty esoteric bug since you have to take some seriously unusual steps to recreate it (add your own number as a new Facetime user on that call, before they answer—something people would rarely if...
Pretty esoteric bug since you have to take some seriously unusual steps to recreate it (add your own number as a new Facetime user on that call, before they answer—something people would rarely if ever do), but now that it's out there people should be careful until it's patched. Thankfully Apple is quick to patch and update when things like this are discovered.
I don't understand comments like this—what are you trying to say? That Tim Cook was lying about being privacy-conscious because they discovered a security flaw in their product? That Tim Cook...
Exemplary
I don't understand comments like this—what are you trying to say? That Tim Cook was lying about being privacy-conscious because they discovered a security flaw in their product? That Tim Cook personally placed this bug in the FaceTime source code?
You're basically conflating several different topics into a single off-hand sentence with zero nuance. When has that ever worked on the internet?
This type of bug terrifies me, but not because it's particularly exploitable (though I bet a lot of people momentarily invaded the privacy of their friends/family today for the sake of "just testing it out", secretly hoping to hear something).
The reason it scares me is because it really emphasizes how much we're really just trusting that our devices are only recording us when they're "supposed to". I have an old land-line phone on my desk. I'm absolutely certain that it's not recording me right now. But my cell phone is sitting next to it, and while I'm pretty confident that it's not recording me, it easily could be! I don't know if there's even a way accessible to an average person to prove that it's not. Maybe there's a bug in the video-calling app I used earlier today where it says it hung up, but it's actually continued recording the whole time. How would I even know? It's all just software, and all of the behavior has the potential to break.
That's frightening to me, especially considering almost everyone keeps their cell phone near them at all times.
I can definitely imagine devices with hardware privacy switches being sold as a feature in the near future: flip the switch and the connection from the mic and/or camera is physically broken. Completely user-intuitive, secure against both accidental and malicious software issues, and only a minor inconvenience to flip back when needed; it doesn't even detract from the UX for those who don't use it, as they can just leave it in the on position.
It's easy, relatively cheap, and independently verifiable by iFixit and similar. Maybe some OS modifications needed to allow hotplugging the mic and camera, but unlikely to be more onerous than any of the other changes that come with a new hardware release.
They're being sold now (or at least, they're pre-orderable)
Why are you so certain of that? The conventions of phones aren't exactly natural laws.
Pretty esoteric bug since you have to take some seriously unusual steps to recreate it (add your own number as a new Facetime user on that call, before they answer—something people would rarely if ever do), but now that it's out there people should be careful until it's patched. Thankfully Apple is quick to patch and update when things like this are discovered.
I just reproduced this with my family. In iOS 12.1.2 the bug is present.
I don't understand comments like this—what are you trying to say? That Tim Cook was lying about being privacy-conscious because they discovered a security flaw in their product? That Tim Cook personally placed this bug in the FaceTime source code?
You're basically conflating several different topics into a single off-hand sentence with zero nuance. When has that ever worked on the internet?