APPLE has disabled a major feature on the Apple Watch after learning it could be used to spy on iPhone owners.
The Walkie-Talkie app – which has now been switched off – could remotely listen in to an iPhone through its microphone, Apple has warned.
Apple has apologised for the privacy blunder, and says it is now working on a fix.
However, the company hasn’t released full details of the bug, which means it’s impossible to know exactly how it worked.
“We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue,” said Apple in a statement.
“We apologise to our customers for the inconvenience and will restore the functionality as soon as possible.”
The bug makes use of the Walkie-Talkie feature, a relatively new Apple Watch app that lets you voice-chat with other smartwatch owners.
It was added last year with the release of watchOS 5, and is only supposed to allow willing participants to chat with each other.
But an unknown flaw means that the feature obviously didn’t work as intended, and could be exploited by snoopers.
“Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously,” explained.
“We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent.
“We apologise again for this issue and the inconvenience.”
The Walkie-Talkie app is still installed on Apple Watch smartwatches, but calls will no longer go through.
Apple Watch privacy bug – what do the experts say?
Here’s insight from Brian Higgins, security specialist, Comparitech.com:
- “This is another alarming example of the ‘sell it first and fix it later’ attitude that the major tech firms take towards their consumers.
- “It’s become common business practice to launch unsafe and poorly tested software into the world and companies like Apple are happy to take the reputational hit when users report back to them that they’ve failed to secure their product yet again.
- “It’s all very well ‘quietly pushing out’ updates but it’s manifestly unfair on the end user to expect them to do the job their [developer cybersecurity] teams should be doing for them.
- “If Apple invested in some [developer cybersecurity] for a change, people might feel slightly better about them the next time this happens.”
Google has admitted it gives workers access to some audio recordings from its Google Home smart speakers.
The technology giant said it uses language experts around the world to study a small number of audio “snippets” from users.
Google said this work helps with developing voice recognition and other technology in its Google Assistant artificial intelligence system, which is used in its Google Home smart speakers and Android smartphones.
The assistant understands and responds to voice commands given to it, answering queries about the news and weather as well as being able to control other internet-connected devices around the home.
In a statement, the company said a small number of anonymous recordings were transcribed by its experts, and revealed that an investigation had been launched after some Dutch audio data had been leaked.
“We partner with language experts around the world to improve speech technology by transcribing a small set of queries – this work is critical to developing technology that powers products like the Google Assistant,” Google said.
“Language experts only review around 0.2% of all audio snippets, and these snippets are not associated with user accounts as part of the review process.
AN AMERICAN ORGANIZATION founded by tech giants Google and IBM is working with a company that is helping China’s authoritarian government conduct mass surveillance against its citizens, The Intercept can reveal.
The OpenPower Foundation — a nonprofit led by Google and IBM executives with the aim of trying to “drive innovation” — has set up a collaboration between IBM, Chinese company Semptian, and U.S. chip manufacturer Xilinx. Together, they have worked to advance a breed of microprocessors that enable computers to analyze vast amounts of data more efficiently.
Shenzhen-based Semptian is using the devices to enhance the capabilities of internet surveillance and censorship technology it provides to human rights-abusing security agencies in China, according to sources and documents. A company employee said that its technology is being used to covertly monitor the internet activity of 200 million people.