Texas Software Engineer Daven Morris Also Reported FaceTime Bug to Apple One Day Before it Made Headlines

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 8, 2019.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    In a support document outlining the security content of iOS 12.1.4, Apple credited both 14-year-old Grant Thompson of Catalina Foothills High School in Tucson, Arizona and Daven Morris of Arlington, Texas with reporting a major Group FaceTime bug to the company that allowed users to eavesdrop on others.

    [​IMG]

    Thompson and his mother are widely known for being the first people to discover and report the bug to Apple, over a week before it made headlines on January 28, but nothing was known about Morris until now.

    The Wall Street Journal today shared a few details about Morris, noting he is a 27-year-old software engineer who reported the bug to Apple on January 27, several days after the Thompsons but one day before it made headlines. He apparently discovered the bug a week earlier while planning a group trip with friends.

    [​IMG]

    Apple on Thursday said it will compensate the Thompson family for finding and reporting the bug and make an additional gift toward Grant Thompson's education. Apple hasn't disclosed the exact sums of the donations. It's unclear if Morris will also be compensated by the company for reporting the bug.

    In a statement issued to MacRumors, Apple apologized for the bug a second time and assured customers that it has been fixed in iOS 12.1.4, as has a previously unreported vulnerability in the Live Photos feature of FaceTime:
    Apple has reenabled its Group FaceTime servers, but the feature will remain permanently disabled on iOS 12.1 through iOS 12.1.3.

    Widely publicized last month, the FaceTime bug allowed one person to call another person via FaceTime, slide up on the interface and enter their own phone number, and automatically gain access to audio from the other person's device without that person accepting the call. In some cases, even video was accessible.

    We demonstrated the bug in a video at the time:


    Apple already faces a lawsuit in Texas, a proposed class action lawsuit in Canada, questions from a U.S. Congress committee, and an investigation by New York officials over the bug and its serious privacy implications.

    Article Link: Texas Software Engineer Daven Morris Also Reported FaceTime Bug to Apple One Day Before it Made Headlines
     
  2. Goompa, Feb 8, 2019
    Last edited: Feb 8, 2019

    Goompa macrumors member

    Goompa

    Joined:
    Oct 29, 2018
    #2
    And this is only engineers that made it to the media, could you imagine other ones doing the same who didn’t have the opportunity/ didn’t want to hesitate letting apple know about the issue?

    I’ve got this feeling: macOS is long gone! :( I was one of those weirdos that liked Windows 8’s fresh air.
     
  3. x-evil-x macrumors 68040

    x-evil-x

    Joined:
    Jul 13, 2008
    #3
    Who cares who supposidly “discovered” the flaw first. Really do we need an article for this?
    Nobody cares
     
  4. Baymowe335 macrumors 68040

    Joined:
    Oct 6, 2017
    #4
    Who cares?

    Apple clearly states they don’t confirm bugs publicly before fixes are availabale and that makes sense.
     
  5. neuropsychguy, Feb 8, 2019
    Last edited: Feb 8, 2019

    neuropsychguy macrumors 65816

    neuropsychguy

    Joined:
    Sep 29, 2008
    #5
    I'm sorry but I don't understand your comment. I read it 5 times and am not sure what you're saying.
     
  6. Goompa macrumors member

    Goompa

    Joined:
    Oct 29, 2018
    #6
    Sorry but I was loading my OS: I think that there are other engineers researching for other bugs in macOS, but since there’s no reward program they might not hesitate letting society or Apple know about the issue.
     
  7. az431 macrumors 6502a

    az431

    Joined:
    Sep 13, 2008
    Location:
    Portland, OR
    #7
    Is there going to be an article about each and every person that discovers a bug?

    Someone found a bug, reported it, and Apple fixed it. Let's move on.
     
  8. x-evil-x macrumors 68040

    x-evil-x

    Joined:
    Jul 13, 2008
    #8
    My nephews sister who is 3 years old discovered it first. You heard it here first.
     
  9. Rogifan macrumors Core

    Rogifan

    Joined:
    Nov 14, 2011
    #9
    No it doesn’t matter but this kid and his mother got plenty of national attention over it. I see no problem with reporting on the fact someone else made Apple aware of this too.
     
  10. x-evil-x macrumors 68040

    x-evil-x

    Joined:
    Jul 13, 2008
    #10
    It does not matter. Doesn’t change your life why should you care?
     
  11. vicviper789 macrumors regular

    Joined:
    Jun 5, 2013
    #11
    My cousins nieces dogs younger brother also discovered this bug, can I have an article?
     
  12. scrapesleon macrumors 6502a

    scrapesleon

    Joined:
    Mar 30, 2017
    Location:
    Jamaica
    #12
    Cough*** one day before it made headlines
     
  13. recoil80 macrumors 68020

    Joined:
    Jul 16, 2014
    #13
    I just filed a radar about a bug in their webview, can I get my article?
     
  14. Daveoc64 macrumors 601

    Joined:
    Jan 16, 2008
    Location:
    Bristol, UK
    #14
    There might be a possibility that Apple took the bug report from the developer more seriously than the report from a child.
     
  15. DNichter macrumors 604

    DNichter

    Joined:
    Apr 27, 2015
    Location:
    Philadelphia, PA
    #15
    I am not sure why this matters. It's a bug, it's fixed. Issues will always occur, but Apple at least has a good reputation for quickly addressing it. That's all I ask.
     
  16. repoman016 macrumors member

    repoman016

    Joined:
    Mar 28, 2017
    Location:
    Ohio
    #16
    I think it matters because its not a "my text box wont go to portrait mode" bug, its a privacy "this person can see what im doing without me answering the facetime" bug.
    BIG difference.

    Edit: I do agree tho we dont need to know the life story of who found it if thats more to what you were referring to
     
  17. yaxomoxay macrumors 68030

    yaxomoxay

    Joined:
    Mar 3, 2010
    Location:
    Texas
    #17
    as painful as it is to admit it, at this point in time I slightly prefer Windows 10 over macOS - in terms of usability.
     
  18. TonyC28 macrumors 65816

    TonyC28

    Joined:
    Aug 15, 2009
    Location:
    USA
    #18
    Unless this bug was installed intentionally by some rogue engineer this story needs to go away.
     
  19. anek007 macrumors regular

    Joined:
    Jul 30, 2014
    #19
    So this guy wants some attention and gifts from Apple? Hahaha
     
  20. Jimmy James macrumors 601

    Jimmy James

    Joined:
    Oct 26, 2008
    #20
    So, your niece? Smart kid.
     
  21. russofris macrumors regular

    Joined:
    Mar 20, 2012
    #21
    I'm relatively certain that LEA's have been using this (or related) Facetime vulnerability since at least Nov of 2018.

    IE: Prior to serving an arrest warrant, the NYSPD will ping an iPhone user with a Facetime request that drops as soon as the user examines their phone.
     
  22. farewelwilliams macrumors 68000

    Joined:
    Jun 18, 2014
    #22
    Texas software engineer also wants in on the bounty
     
  23. ocnitsa macrumors 6502

    Joined:
    Jan 24, 2011
  24. DNichter macrumors 604

    DNichter

    Joined:
    Apr 27, 2015
    Location:
    Philadelphia, PA
    #24
    Yea, I get the bug is important, but more so how it was found seems unimportant to me. Either way though, Apple responded and squashed it. It will push them to tighten up quality control even more so - win / win to me.
     
  25. sdf macrumors regular

    sdf

    Joined:
    Jan 29, 2004
    #25
    I think that's very likely, as he probably reported it through Radar. It's no ribbon on Apple (quite the opposite), but they really do work through Radar.
    --- Post Merged, Feb 8, 2019 ---
    Yes, you do. Some people report to make a product better, some report for the bounty… and some report for credit.

    Give credit properly or that last group won't bother and the products will suffer for it.
     

Share This Page