Scary new Apple Watch vulnerability gets popular app disabled while a fix is being worked on

Scary new Apple Watch vulnerability gets popular app disabled while a fix is being worked on
The market-leading Apple Watch lineup owes its immense popularity to not only a groundbreaking slew of life-saving technologies, but also a very convenient batch of smooth wrist communication features. In addition to (optional) cellular connectivity built directly into the last two generations of the iPhone-compatible wearable device, a nifty app called Walkie-Talkie was released in 2018 with push-to-talk capabilities.

This received a lot of attention when the watchOS 5 update was made available, supporting Series 1 through 4 Apple Watches and looking like a handy alternative for traditional voice calls and text messages, especially on GPS-only variants of the world's top-selling smartwatch family. Of course, the buzz quickly faded, but the Walkie-Talkie functionality is now back in the spotlight... for all the wrong reasons.

Major vulnerability discovered, app disabled

While Apple's operating systems are generally viewed as more secure than their (Google or Microsoft-made) counterparts, no such complicated piece of software can ever be truly infallible. The thing that often sets the Cupertino-based tech giant apart from the competition is the way it responds to internal or external discoveries of security issues. 

Case in point, it seems that Apple reacted to reports of this latest "vulnerability related to the Walkie-Talkie app" very promptly, disabling the function before the flaw could ever be exploited out in the wild and obviously working on a fix to be deployed as soon as possible. While we don't know the "specific conditions and sequences of events" a potential malicious agent could have employed to exploit the vulnerability against actual users, its nature sounds pretty scary.

Apparently, the flaw could have allowed a skilled enough hacker to "listen through another customer's iPhone without consent." No further details are provided as to how far this invasion of privacy could have gone, but you can probably understand why Apple needed to take such quick, decisive, and extreme action, basically rendering the Walkie-Talkie functionality useless while cooking up a fix. 

This delicate situation brings to mind that highly publicized Group FaceTime bug from around six months back, which Apple handled with far less care and decisiveness. It's safe to say the company has learned from that particular mistake, listening more closely to user reports of security vulnerabilities.

What exactly is Walkie-Talkie and why you should (not) be worried

We could definitely explain how the app works in 100 or so words, but we'd rather leave the talking to Apple's official 2-minute promo video, which covers all the key points in great detail. While somewhat gimmicky, we can absolutely understand why certain users would find Walkie-Talkie useful in certain scenarios when writing a text or making a call on their iPhone is simply not as convenient.

Video Thumbnail

At the same time, it's worth highlighting that you need to set up the Facetime app on your iPhone and be able to make and receive FaceTime audio calls to get Walkie-Talkie on your Apple Watch (Series 1 or later) up and running. That essentially means this security flaw is also related indirectly to FaceTime, which is definitely not a good look for the otherwise incredibly popular video and audio communication service.

At the end of the day, although iPhone and Apple Watch users have every reason to be annoyed by these discoveries and the temporary deactivation of the Walkie-Talkie app, the important thing to remember is this particular vulnerability was never exploited (at least to Apple's current knowledge) and the functionality will be restored "as soon as possible." 

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless