Apple watch glitch enabled iPhone to hear confidential messages

Evite

A flawed app on the smart watch manufactured by Apple has been shut down because of a bug that allowed iPhone users to hear the conversations of watch users.

The Walkie-Talkie app was designed to allow two people to communicate vocally through short audio snippets. A software problem meant that an iPhone user would be able to listen to the Walkie-Talkie dialogues without the watch holder’s consent, Apple said.

The tech giant has now disabled the malfunctioning app and has issued an apology to users for inconvenience suffered, while claiming that Apple had not been aware of any cases of the app’s bug being exploited by cyber-criminals.

A “specific” coming together of conditions and “sequences of events” would be needed for iPhone users to take advantage of the problem, Apple said.

At the start of the year, Apple discovered another “surveillance” glitch in its FaceTime app which enabled some callers to turn on the microphone of another iPhone, even if a call to the target iPhone was not answered. A software patch to remedy the issue was subsequently issued by Apple.

Video-calling facility Zoom also recently revealed that a problem in its software enabled hackers to tap into users’ webcams without authorisation. As reported by the BBC, IT researcher, Jonathan Leitschuh discovered a glitch that allowed third parties to start video conferencing and gain access to the camera of a target device.

Leitshchuh said:

“Without the user giving any explicit consent nor taking any explicit action, they would be instantly dropped into a Zoom meeting.

“By default, Zoom shows video but doesn’t send audio, though both settings are changeable. So, depending on their video and audio settings, victims would potentially be immediately broadcasting themselves, perhaps even without their knowledge if they’re not looking at their screen.”

After dismissing the issue as insignificant, Zoom released an update to resolve the issue, stating:

“We appreciate the hard work of the security researcher in identifying security concerns on our platform.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.