- An Arizona teenager and his mother tried for more than a week to persuade Apple to fix its FaceTime bug – which allows users in a group chat to secretly hear what someone is saying before the person answers the call – to no avail, according to a Wall Street Journal report published Tuesday.
- The 14-year-old apparently discovered the vulnerability on January 20 while setting up a “Fortnite” gaming session with his friends.
- After posting on social media and calling and faxing the company, the woman finally spoke to an Apple support representative last Tuesday, The Journal reported.
- She emailed a description of the issue and a YouTube video replicating the bug to Apple’s security team last Friday, but the FaceTime group-chat feature was not disabled until Monday after word spread widely on social media.
An Arizona teenager and his mother tried for more than a week to persuade Apple to fix its FaceTime bug to no avail, according to a Wall Street Journal report published Tuesday.
Michele Thompson told The Journal that her 14-year-old son, Grant, discovered the vulnerability – which allows FaceTime users in a group chat to secretly hear what someone is saying before the person answers the call – on January 20 while setting up a “Fortnite” gaming session with his friends.
That day, Thompson started posting on Twitter and Facebook to try to alert the company and warn others about the bug.
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews
— MGT7 (@MGT7500) January 21, 2019
Thompson then sent faxes and called Apple directly, yielding a call last Tuesday from an Apple support representative, who told her the best avenue to voice her concerns would be filing a formal bug report with the company, The Journal reported. So Thompson registered as a developer and submitted the problem to Apple’s Bug Reporter program.
Apple’s security team responded to Thompson on Wednesday, and on Friday she provided evidence of the issue, including a description and a YouTube video of her son replicating the bug, according to The Journal.
But the FaceTime group-chat feature remained live over the weekend and was not disabled until Monday, after word of the privacy vulnerability spread widely on social media.
When Business Insider asked Apple why the concerns were not addressed earlier, it declined to provide information beyond a statement saying it “identified a fix that will be released in a software update later this week.”
Apple has often touted itself as the leader in privacy among Silicon Valley giants, making thinly veiled digs at rivals like Facebook and, most recently, paying for a billboard at the CES conference in Las Vegas this month to spread its privacy-first message.
Ironically, the FaceTime bug went viral on Data Privacy Day, on which Apple CEO Tim Cook called for “action and reform” in privacy issues.
Thompson told The Journal she hoped her son might receive some form of reward in line with Apple’s bug-bounty program. She said in a Facebook post on Sunday seeking to alert Apple to the bug that he would like “an iPhone X, a MacBook and a new pair of AirPods for his trouble.”
Whether Apple grants his wish remains to be seen.
- Read more about the FaceTime privacy bug:
- Apple has disabled group FaceTime calls after it was humiliated on Data Privacy Day by a bug that lets people listen in on you
- How to turn off the FaceTime video-calling feature
- Apple’s FaceTime has a major bug that lets others listen in on you before you answer the call
Got a tip? Contact this reporter via Signal at +1 (209) 730-3387, email firstname.lastname@example.org, or direct message on Twitter @nickbastone.