Apple’s shut down its Watch Walkie-Talkie app after somebody reported a bug that could have allowed an eavesdropper to surreptitiously listen in on somebody else’s iPhone, the company told Tech Crunch on Wednesday evening.
The app works like, well, a walkie-talkie. You can list yourself as available to chat, and then you can hold down the Talk button on your Apple Watch while you issue important voice messages to friends of your choosing, like, “Whoa, check out the snow storm! Got lift tickets, you up for it?”
Release the button, and if your friend was available and up for it, you’ll hear their voice immediately as they respond with a hearty “Hey-ho, a-skiing we will go!”
What’s the bug?
Apple didn’t give details on the nature of the eavesdropping bug. Nor did it give a timeline for when a fix would be available. Until then, it’s radio silence for people who like to talk into their wrists via their Apple Watch’s Walkie-Talkie app.
The bug was reported directly via Apple’s report a vulnerability portal. Apple said that as far as it knows, the vulnerability hasn’t been exploited in the wild.
Apple apologized for the inconvenience. Here’s the statement it sent to Tech Crunch:
We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible.
Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.
January’s FaceTime bug
This is the second embarrassing snooping bug Apple’s had to deal with this year. In January 2019, it had to scramble to fix a dangerous bug in its popular FaceTime app. Then, as is the case now, it chose to inflict a service outage of the Group FaceTime feature rather than leave an exploitable privacy hole flapping wide open.
LEARN MORE ABOUT THE FACETIME BUG IN OUR VIDEO
(Watch directly on YouTube if the video won’t play here.)
Source : Naked Security