美国贼喊捉贼:指责华为不安全,原来苹果才不安全!

在美国起诉华为的档口,自家的苹果却爆出了重大问题!

苹果手机的用户注意啦,你的FaceTime可能正在被窃听……

今天包括The New York Times, CNBC,Bloomberg, BuzzFeed在内的多家外媒报道,苹果FaceTime存在重大缺陷。

这个缺陷会让用户在被呼叫方接听或拒绝接听前,就能听到对方的声音或者打开对方的摄像头。

Via The New York Times

Via CNBC

Via Bloomberg

Via Buzzfeed

还有网友上传了视频:

Via Youtube

这个漏洞最早是由9to5mac.com爆出的

The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call.

这个BUG可以让你在用FaceTime给对方打电话的时候,马上听到对方的声音, 即使对方界面还停留在来电显示,并没有接起或者拒接电话。

Naturally, this poses a pretty privacy problem as you can essentially listen in on any iOS user, although it still rings like normal, so you can’t be 100% covert about it. Nevertheless, there is no indication on the recipient’s side that you could hear any of their audio.

这就造成了 一个巨大的隐私问题 ,因为它意味着你基本上能窃听任何iOS用户谈话。更重要的是,接收方的手机还在正常地来电提醒, 不会察觉到有人在偷听其谈话。

Via 9to5mac

根据9to5mac的说法,要实现这个BUG只需要完成下面几步

Start a FaceTime Video call with an iPhone contact.

给一个人拨打FaceTime。

Whilst the call is dialling, swipe up from the bottom of the screen and tap Add Person.

在显示正在拨号的同时,下划屏幕,再添加另一个人加入通话。

Add your own phone number in the Add Person screen.

把自己的号码加入群聊。

You will then start a group FaceTime call including yourself and the audio of the person you originally called, even if they haven’t accepted the call yet.

然后你就和你最初拨打的对象开始多方对话了,即使对方并没有接通。

Via 9to5mac

很快,多家外媒就按照这个步骤进行了试探~

结果真的可以!

一位CNBC的记者测试后证实了这个BUG

I tried placing a video call to my editor from my iPhone using Apple's FaceTime app. Then, before he picked up, I used the menu option to add somebody else to the call and, as 9to5Mac's directions state, I added myself to the call. Suddenly, I could hear my editor, even though he never picked up. We continued having a conversation while his phone only gave him the option to answer. There was no indication that the call had already gone through.

我尝试使用Apple的FaceTime应用程序向我的编辑发出视频通话。在他拿起之前,我从菜单选项将其他人添加到呼叫中,并且根据9to5Mac的步骤,我将自己添加到呼叫中。突然间,我可以听到我的编辑的声音,即使他从未接过。我们继续进行对话,而他的电话只有来电显示。没有迹象表明电话已经接通。

Via CNBC

之后,BuzzFeed也测试了一下,结果有了更不得了的发现。

发现原来这个 BUG不仅可以接通麦克风,还可以接通对方的前置摄像头!?

Via Twitter

BuzzFeed 拿iphone 8 和 iPhone X做了一个测试 。

In BuzzFeed News' test, an iPhone X was used to initiate a FaceTime video call to a recipient using an iPhone 8. After following the instructions outlined by 9to5Mac, the iPhone X caller could hear audio from the iPhone 8's microphone.

iPhone X给iPhone 8发起FaceTime视频通话。就像9to5Mac写的那样,iPhone X可以听到来自iPhone 8麦克风的声音。

After the call recipient pressed the volume-down button, footage from the iPhone 8's front-facing camera could be seen on the iPhone X — even though the call recipient had not answered the call.

在iphone8按下音量减小按钮后,可以在iPhone X收到iPhone 8前置摄像头的图像,即使iphone8并没有接听……

Via BuzzFeed

iPhoneX把自己加入群聊,这时iPhone 8 还是准备接听状态

iPhone 8 按了一下音量键后, 前置摄像头的图像就传到了iphoneX上,而且iPhone8 的用户依然不知道呼叫已经接通。

测试还显示,如果接收者挂机,呼叫者就没有办法听到对方的麦克风了。

And when the call recipient, the iPhone 8, had "Do Not Disturb" turned on, the caller could not access the recipient’s microphone.

当接收者iPhone 8打开“请勿打扰”时,呼叫者无法访听到对方的麦克风。

Via BuzzFeed

Buzzfeed测试的这两款设备都运行最新版本的iOS系统。

有意思的是,FaceTime 的这个多人呼叫的功能是去年才推出的,也顺带修复了之前的BUG, 只是没想到带出了更大的问题。

真的是大写的尴尬

Apple added multi-person FaceTime calling at the end of last year via a software update that was, in part, designed to address previous software bugs.

苹果去年年底通过软件更新增加了多人FaceTime呼叫功能, 该软件更新部分旨在解决以前的软件漏洞。

via Bloomberg

怎么有种越修越烂,越描越黑的感觉~

对于这个BUG苹果表示已经注意到这个问题, 会在这周进行修复。

Apple said a fix is coming this week. "We're aware of this issue and we have identified a fix that will be released in a software update later this week," a spokesperson told CNBC.

苹果公司表示 本周会有一个修复方案 。 “我们已经意识到这个问题,我们将在 本周晚些时候在软件更新中发布的修复程序 ,”一位发言人告诉CNBC。

Via CNBC

很快外国的网友炸开了,纷纷在自己的手机上测试了一下,结果……

中国的网友表示还好买不起苹果

对于苹果这个最新的BUG,你怎么看呢?

素材:外媒

图:外媒、网络

文:小亮亮

相关新闻

    接下来

      推荐阅读