New York Officials Investigating Apple's FaceTime Eavesdropping Bug

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 30, 2019.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    New York Attorney General Letitia James and Governor Andrew Cuomo are investigating the FaceTime eavesdropping bug on iOS devices that allowed a person to FaceTime another person and hear conversations and see videos even when the call was not answered.

    According to Bloomberg, the New York officials will be focusing on Apple's failure to warn consumers about the bug and its slow response.

    How the FaceTime eavesdropping bug worked​

    The FaceTime eavesdropping bug was widely publicized on Monday, and several hours after information on how to execute the exploit spread, Apple disabled the Group FaceTime servers.
    Apple is planning to release a software fix that will solve the bug and will allow the company to bring Group FaceTime back online. That update is expected sometime this week.

    While the glitch was not widely known until Monday afternoon, Apple was informed about the bug more than a week prior. The person who contacted Apple said that Apple did not respond to multiple attempts to notify the company about the issue.

    It's not entirely clear if Apple knew about the bug and was working on a fix internally at the time that it became widespread, but if so, Apple certainly left it functional and did not move to disable Group FaceTime until forced to do so. For that reason, it's not known how long the bug has been present in iOS and how long people may have been quietly exploiting it.

    In addition to the inquiry from New York officials, Apple is also facing a lawsuit over the issue. Yesterday, an attorney said the FaceTime bug allowed an unknown person to listen in on sworn testimony during a client deposition.

    Article Link: New York Officials Investigating Apple's FaceTime Eavesdropping Bug
     
  2. theheadguy macrumors 65816

    Joined:
    Apr 26, 2005
    Location:
    california
    #2
    Ease up on them. I’m sure they were just busy innovating :/

    I’m not sure I’m a fan of Apple anymore.
     
  3. sdf macrumors regular

    sdf

    Joined:
    Jan 29, 2004
    #3
    Looking over the description of how the discoverer reported the bug to Apple, it's not quite perfect. But there's no chance I'd blame the reporter. Apple could have and should have responded better to them, because asking an end user to file a bug report in Radar is not reasonable.

    Yes, Radar is how Apple communicates with itself. But in this case the person on the other end of product-security@apple.com could have literally opened bug reporter himself, typed "some guy is reporting we have a security problem" as the summary and gone from there, pasting emails in as they arrived. Apple would be better off than they are now.
     
  4. cmaier macrumors G5

    Joined:
    Jul 25, 2007
    Location:
    California
    #4
    Maybe we will finally get a decent way to report and track bugs.
     
  5. keysofanxiety macrumors G3

    keysofanxiety

    Joined:
    Nov 23, 2011
    #5
    It’s a really bad bug, but boy — with all these recent articles about Google and Facebook, something just seems a little off.

    All these in-depth investigations and lawsuits related to security/privacy bugs seem to target Apple, yet flagrant and deliberate privacy violations seem to almost go unchecked or dismissed.

    Regardless, it’s not the first time this has happened where media attention seems to “resolve” an Apple bug faster than a bug report does (Calculator iOS app being a prime example). Hopefully this will finally kick Apple into gear with rethinking how they address bugs logged and keep communication between their teams.
     
  6. dannyyankou macrumors 604

    dannyyankou

    Joined:
    Mar 2, 2012
    Location:
    Scarsdale, NY
    #6
    Investigate Facebook and google too while you’re at it
     
  7. AngerDanger, Jan 30, 2019
    Last edited: Jan 30, 2019

    AngerDanger macrumors 68040

    AngerDanger

    Joined:
    Dec 9, 2008
    #7
    Too late, Apple. I've already switched to Android where I know my personal information is kept safe!

    ;):p
     
  8. pat500000 macrumors G3

    pat500000

    Joined:
    Jun 3, 2015
    #8
    Apple...the new facebook. New ceo: Tim Zuckerberg.
     
  9. Lalov001 macrumors newbie

    Joined:
    Oct 6, 2011
    Location:
    Mexico
    #9
    PR stunt. I don't think they care about New Yorkers' privacy otherwise they would have investigated Facebook, Amazon (Alexa recordings bug) and Google.
     
  10. Seoras macrumors 6502

    Seoras

    Joined:
    Oct 25, 2007
    Location:
    Scotsman in New Zealand
    #10
    $20 Billion profit and a bug. The vultures are circling.

    It always makes me feel better, as a software engineer, when someone like Apple f's up like this. Reminds me that even the guys at the top of their game are capable of howlers like this one too.
     
  11. trusso macrumors 6502

    Joined:
    Oct 4, 2003
    #11
    I have a lot of criticisms of Apple, but their response to the Group FaceTime bug is not one of them. I don't know what the Governor's office is looking to gain from this... but they're looking to gain something. o_O Government officials generally don't get off their asses unless there is something in it for them.

    iu-1.jpeg
     
  12. Jeff750 macrumors member

    Joined:
    Jan 26, 2013
    Location:
    Eastern time zone
    #12
    I think this thing is completely overblown. You have to set up a GROUP FaceTime call then PURPOSELY add your own number. And this only lasts as long as it takes for the other party to pick up the call or for the call to go to voicemail. This is TOTALLY overblown.
     
  13. 2010mini macrumors 68040

    Joined:
    Jun 19, 2013
  14. Speechless macrumors 6502a

    Joined:
    Mar 5, 2015
    Location:
    Non-gentrified Brooklyn.
    #14
    This is so..weird. I don't even see this as "Apple" anymore. No innovation with the balls to jack products to asinine prices while their competitors are innovating their a**** off, more focus on campuses and weird services like streaming/original content over hardware, and most importantly, they knew about a flaw in security (no matter what scope), and despite the various advertisments/assurances about how seriously they take security..they willingly pushed it to the side? That was like..the one thing I was confident that they would never screw around with.
     
  15. twistedpixel8 macrumors regular

    twistedpixel8

    Joined:
    Jun 9, 2017
    #15
    Did you miss the part about the receiving party silencing the call starting the video feed too?
     
  16. busuan macrumors member

    Joined:
    Feb 24, 2016
    #16
    Does NY government get a penalty if it later proves no foul play involved?
     
  17. Macalway macrumors 68030

    Joined:
    Aug 7, 2013
    #17
    A decent drama. If they were negligent it's gonna cost them plenty.
     
  18. HenryFSU macrumors newbie

    HenryFSU

    Joined:
    Jul 8, 2015
    Location:
    Orlando, FL
    #18
    They first officially heard about it Monday and killed it off Monday. People act like Apple sat on this for months or something.
    Just cause you tweet Apple that you found a bug it does not get seen by the right folks. Can you imagine how many tweets Apple gets in one hour, not to mention a whole day?
     
  19. calzon65 macrumors 6502a

    calzon65

    Joined:
    Jul 16, 2008
  20. Rogifan macrumors Core

    Rogifan

    Joined:
    Nov 14, 2011
    #20
    Of course they are. Just like when Al Franken got on his soapbox right after Touch ID was released. Politicians are morons looking for attention.
     
  21. genovelle macrumors 6502a

    Joined:
    May 8, 2008
    #21
    So, with hundreds of thousands of beta testers unable to find this bug after 5 betas Apple is to blame for not testing it enough? I guess you prefer Google who purposely hacked Safari to track people who selected do not track. Their intimate access came from being a partner and exploiting it.
     
  22. HenryFSU macrumors newbie

    HenryFSU

    Joined:
    Jul 8, 2015
    Location:
    Orlando, FL
    #22
    Al who? LOL
     
  23. apolloa macrumors G4

    Joined:
    Oct 21, 2008
    Location:
    Time, because it rules EVERYTHING!
    #23
    Well things certainly just got interesting around here.. I think that’s the quote from Wreck It Ralph? That’s in relation to this article..

    With reference to Google and especially Facebook, what’s new? The media will go back to Facebook, maybe Google soon enough. In fact more pressure and media attention here in the UK is being brought into the social media giants and their rather complete lack of any social responsibility what so ever... it will not end well for them or the people’s liberties, but that’s the road it’s going down.
    So they are in the news, but for more important things that are costing lives.
     
  24. Speechless, Jan 30, 2019
    Last edited: Jan 30, 2019

    Speechless macrumors 6502a

    Joined:
    Mar 5, 2015
    Location:
    Non-gentrified Brooklyn.
    #24
    I didn't say I prefer any company over the other here - which is why I said I held Apple to a standard of this not being anything close to something like them. It doesn't matter if 15 million testers were unable to find the bug. Apple knew of the problem a week prior to the public freakout. Not faulting it being a mistake - but their response. Like I said, no matter the scope, they assured this type of thing would not happen.
     
  25. Baymowe335, Jan 30, 2019
    Last edited: Jan 31, 2019

    Baymowe335 macrumors 68040

    Joined:
    Oct 6, 2017
    #25
    Look at your alternatives.

    At least Apple tries to keep your data safe, yours, private, and secure. Mistakes happen.

    Look at Google and Facebook. They have no shame in collecting your data, with or without your knowledge. The difference is, Apple didn't do this on purpose. I still think someone should be fired at Apple for this, but it's not company policy to record what you do as it is with Android.

    Basically, Apple is the best we have for privacy and security...and it isn't close, mistakes and all.
     

Share This Page