Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge. The Apple Watch feature at the heart of the problem is Apple's Walkie-Talkie app which allows users to "push to talk" with other Apple Watch owners via a real-time voice message, rather than having to make a call or laboriously type a text message. The feature was added to Apple Watch in 2018 as part of watchOS 5, fulfilling many purchasers' dreams that they were a modern-day Dick Tracy. The comic-book detective might have used his 1950s equivalent to the Apple Watch to fight crime, but Apple's Walkie-Talkie app could potentially have enabled criminals to eavesdrop on conversations. Apple is being characteristically tightlipped about the details of the problem which was reported to it via the vulnerability portal on its website, but in a statement underlined that it was not aware of anybody exploiting the vulnerability:
"Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer's iPhone without consent. We apologize again for this issue and the inconvenience."
According to TechCrunch, although Apple has temporarily disabled the app while it works on developing a fix, owners won't see Walkie-Talkie disappear from their Apple Watch's screen. Instead, its normal functionality simply will not work until a patch is pushed out at a later - as yet unconfirmed - date. One imagines that it is fairly straightforward for Apple to disable Walkie-Talkie from working properly by making a change on its own servers, rather than updating millions of buggy app installations. The company used a similar technique earlier this year after a 14-year-old uncovered a FaceTime bug that could allow someone to spy on your conversation – and even see through your iPhone’s front-facing camera – before you answered an incoming call. It took Apple little more than a week to fix that Facetime privacy vulnerability, and I would imagine that the company will be keen to show similar responsiveness in handling this latest issue with Walkie-Talkie. As our electronic devices become more essential than ever for modern communications increasing pressure will be placed on manufacturers to ensure that they are properly secured from snoops, whether they be jealous partners, regular criminals, or state-sponsored hackers.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.
