Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge.
The Apple Watch feature at the heart of the problem is Apple’s Walkie-Talkie app which allows users to “push to talk” with other Apple Watch owners via a real-time voice message, rather than having to make a call or laboriously type a text message.
The feature was added to Apple Watch in 2018 as part of watchOS 5, fulfilling many purchasers’ dreams that they were a modern-day Dick Tracy.
The comic-book detective might have used his 1950s equivalent to the Apple Watch to fight crime, but Apple’s Walkie-Talkie app could potentially have enabled criminals to eavesdrop on conversations.
Apple is being characteristically tightlipped about the details of the problem which was reported to it via the vulnerability portal on its website, but in a statement underlined that it was not aware of anybody exploiting the vulnerability:
“Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.”
According to TechCrunch, although Apple has temporarily disabled the app while it works on developing a fix, owners won’t see Walkie-Talkie disappear from their Apple Watch’s screen. Instead, its normal functionality simply will not work until a patch is pushed out at a later – as yet unconfirmed – date.
One imagines that it is fairly straightforward for Apple (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/featured/apple-walkie-talkie-app-exploited-iphones/