Apple Was Apparently Notified About Major FaceTime Eavesdropping Bug Over a Week Ago [Updated]

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 29, 2019.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    While it only made the news yesterday, it appears Apple was alerted to a major FaceTime privacy bug over a week ago.

    [​IMG]

    Twitter user MGT7500 tagged the official Apple Support account in a January 20 tweet claiming that her 14-year-old son discovered a "major security flaw" that allowed him to "listen in to your iPhone/iPad without your approval." The user also tagged Tim Cook on the issue in a follow-up tweet on January 21.


    Once the bug started making headlines on Monday, the Twitter user then shared additional tweets claiming that they had also emailed Apple's product security team over a week ago. A screenshot of the email was shared, and it appears the team did respond, but what they said is not visible in the screenshot.


    The user acknowledges having wanted to receive a monetary reward under Apple's bug bounty program, but she claims she still proceeded to alert Apple to the bug by phone, fax, and with an official bug report nonetheless. She also wanted to keep the bug private, but she did tweet Fox News about it.

    All in all, there is evidence that Apple Support was tagged about an eavesdropping bug eight days before it made headlines, and if the rest of the tweets are truthful, the company was also alerted about the bug via several other avenues.

    Apple has temporarily disabled Group FaceTime, as adding your own phone number to a FaceTime call was the underlying cause of the bug, while it rushes to prepare a software update with a permanent fix. Apple said that update will arrive "later this week," but it wouldn't be surprising to see it today.

    Apple did not immediately respond to our request for comment about when it discovered the bug and how long it existed.

    Update: John Meyer reached out to the Twitter user and has shared a video about the FaceTime bug that he says was recorded and sent to Apple on January 23. Meyer has apparently confirmed the veracity of this info by phone.


    Article Link: Apple Was Apparently Notified About Major FaceTime Eavesdropping Bug Over a Week Ago [Updated]
     
  2. drinkingtea, Jan 29, 2019
    Last edited: Jan 29, 2019

    drinkingtea macrumors regular

    drinkingtea

    Joined:
    Jan 31, 2016
    #2
    Wow. Apple should have been more transparent about this issue and it should have immediately disabled Group FaceTime. Immediately. For a company that touts privacy and security as its main focus, this is inexcusable.
     
  3. motm95 macrumors regular

    Joined:
    Aug 19, 2010
    #3
    If true, this is not good given the the true severity of this bug.
     
  4. Rob_2811 macrumors 68000

    Joined:
    Mar 18, 2016
    Location:
    United Kingdom
    #4
    "We must keep fighting for the kind of world we want to live in. On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections. The dangers are real and the consequences are too important."

    Tim Cook - January 28th 2019.
     
  5. Bornee35 macrumors 6502

    Bornee35

    Joined:
    May 6, 2013
    Location:
    Canada
    #5
    "She also wanted to keep the bug private, but she did tweet Fox News about it." riiiigghhhtt
     
  6. newyorksole macrumors 68040

    Joined:
    Apr 2, 2008
    Location:
    New York.
    #6
    Wow. I’m actually surprised Apple didn’t take action sooner. Seems like they care more when these things make headlines.

    But also, I’m sure not a ton of people discovered this.
     
  7. Rob_2811, Jan 29, 2019
    Last edited: Jan 29, 2019

    Rob_2811 macrumors 68000

    Joined:
    Mar 18, 2016
    Location:
    United Kingdom
    #7
    Once the issue was already making headlines. The tweet that tags Fox is from yesterday
     
  8. pat500000 macrumors G3

    pat500000

    Joined:
    Jun 3, 2015
    #8
    A week ago? It was intentional then. If alerted and didn’t resolve it asap...it was intentional,

    Tim (FaceTime bug iPhone recording: it’s okay phill....enhancing our phone price will be amazing...
     
  9. otternonsense, Jan 29, 2019
    Last edited: Jan 29, 2019

    otternonsense macrumors 65816

    otternonsense

    Joined:
    Jul 25, 2016
    Location:
    Berlin
  10. Plutonius macrumors 604

    Plutonius

    Joined:
    Feb 22, 2003
    Location:
    New Hampshire, USA
  11. flakk-jakket macrumors newbie

    flakk-jakket

    Joined:
    Jan 2, 2019
    Location:
    AZ
    #11
    Asking for money + going to FOX "news" = zero credibility
     
  12. Rob_2811, Jan 29, 2019
    Last edited: Jan 29, 2019

    Rob_2811 macrumors 68000

    Joined:
    Mar 18, 2016
    Location:
    United Kingdom
    #12
    Again, it was already public by time she tweeted Fox/CNN/CNBC. Nothing wrong with claiming a bug bounty either.

    EDIT: Just seen the message she sent to Fox 8 days ago, no idea what she did that for, still Apple should've responded to her emails.
     
  13. 12vElectronics macrumors 68040

    12vElectronics

    Joined:
    Jul 19, 2013
    Location:
    California
    #13
    This is the turning point for me regarding privacy. Apple has lost my trust.
     
  14. Plutonius macrumors 604

    Plutonius

    Joined:
    Feb 22, 2003
    Location:
    New Hampshire, USA
    #14
    I think the trust patch was lost after all the issues in the MacBook Pro.

    It's obvious to most that Apple is a large corporation that is concerned primarily with stock prices.
     
  15. ugahairydawgs macrumors 68030

    ugahairydawgs

    Joined:
    Jun 10, 2010
    #15
    :confused:

    Truthfully though....this is a major blunder on Apple's part. I'm sure they get an inordinate amount of bug reports, both major and minor, every day. But when someone puts this on your radar on multiple fronts and it goes completely unanswered it's a sign that the review process if fundamentally flawed.

    If this lady reported it on the 21st the Group FaceTime service should have been offline no later than the 22nd and there should have been a press release detailing the issue and the corrective action. Instead it sat there for a week until it blew up in their face.

    No way to spin this other than a massive failure by Apple. Hopefully they learn from it and are better for it going forward.
     
  16. iapplelove macrumors 601

    iapplelove

    Joined:
    Nov 22, 2011
    Location:
    East Coast USA
  17. ugahairydawgs macrumors 68030

    ugahairydawgs

    Joined:
    Jun 10, 2010
    #17
    Group FaceTime isn't a thing pre-iOS 12.1
     
  18. givemeanapple macrumors Demi-God

    givemeanapple

    Joined:
    Oct 2, 2016
    Location:
    Earth
    #18
    Yet they claim they care about privacy, marketing 101.
    I wonder how can people still defend Apple in this case.
     
  19. Solver macrumors 6502a

    Joined:
    Jan 6, 2004
    Location:
    Cupertino, CA
    #19
    It’s hard for some unknown individual to talk about some very important issue with most big corporations.
     
  20. I7guy macrumors P6

    I7guy

    Joined:
    Nov 30, 2013
    Location:
    Gotta be in it to win it
    #20
    What does that mean? You’re going android?
     
  21. MarkB786 macrumors 6502a

    Joined:
    Sep 20, 2016
    Location:
    Rocky Mountains, USA
    #21
    Well, I guess Apple is just like everyone else, despite all their marketing communique about being all ethical and stuff. "What happens on your iPhone stays on your iPhone" was the recent ad. This scandal is the exact opposite of that.
     
  22. omihek macrumors 6502

    omihek

    Joined:
    May 3, 2014
    Location:
    Salt Lake City, UT
    #22
    Ok then why did they only disable Group FaceTime yesterday? Seriously, Apple, how many people had their privacy infringed in the last 8 days? Not cool.
     
  23. RickInHouston macrumors 65816

    Joined:
    May 14, 2014
    #23
    Wait. Did people really think this was discovered just hours ago? Do you think apple only knew about it within the past few hours of issuing a statement?

    Gullible.
     
  24. Plutonius macrumors 604

    Plutonius

    Joined:
    Feb 22, 2003
    Location:
    New Hampshire, USA
    #24
    So in this case, iOS 10 has better security than iOS 12 :).
     
  25. 12vElectronics macrumors 68040

    12vElectronics

    Joined:
    Jul 19, 2013
    Location:
    California
    #25
    Oh gosh no. Just going to start taking privacy concerns more seriously. I used to brush it all off.
     

Share This Page