Texas Software Engineer Daven Morris Also Reported FaceTime Bug to Apple One Day Before it Made Headlines

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 8, 2019.

  1. MacRumors macrumors bot


    Apr 12, 2001

    In a support document outlining the security content of iOS 12.1.4, Apple credited both 14-year-old Grant Thompson of Catalina Foothills High School in Tucson, Arizona and Daven Morris of Arlington, Texas with reporting a major Group FaceTime bug to the company that allowed users to eavesdrop on others.


    Thompson and his mother are widely known for being the first people to discover and report the bug to Apple, over a week before it made headlines on January 28, but nothing was known about Morris until now.

    The Wall Street Journal today shared a few details about Morris, noting he is a 27-year-old software engineer who reported the bug to Apple on January 27, several days after the Thompsons but one day before it made headlines. He apparently discovered the bug a week earlier while planning a group trip with friends.


    Apple on Thursday said it will compensate the Thompson family for finding and reporting the bug and make an additional gift toward Grant Thompson's education. Apple hasn't disclosed the exact sums of the donations. It's unclear if Morris will also be compensated by the company for reporting the bug.

    In a statement issued to MacRumors, Apple apologized for the bug a second time and assured customers that it has been fixed in iOS 12.1.4, as has a previously unreported vulnerability in the Live Photos feature of FaceTime:
    Apple has reenabled its Group FaceTime servers, but the feature will remain permanently disabled on iOS 12.1 through iOS 12.1.3.

    Widely publicized last month, the FaceTime bug allowed one person to call another person via FaceTime, slide up on the interface and enter their own phone number, and automatically gain access to audio from the other person's device without that person accepting the call. In some cases, even video was accessible.

    We demonstrated the bug in a video at the time:

    Apple already faces a lawsuit in Texas, a proposed class action lawsuit in Canada, questions from a U.S. Congress committee, and an investigation by New York officials over the bug and its serious privacy implications.

    Article Link: Texas Software Engineer Daven Morris Also Reported FaceTime Bug to Apple One Day Before it Made Headlines
  2. Goompa, Feb 8, 2019
    Last edited: Feb 8, 2019

    Goompa macrumors member


    Oct 29, 2018
    And this is only engineers that made it to the media, could you imagine other ones doing the same who didn’t have the opportunity/ didn’t want to hesitate letting apple know about the issue?

    I’ve got this feeling: macOS is long gone! :( I was one of those weirdos that liked Windows 8’s fresh air.
  3. x-evil-x macrumors 68040


    Jul 13, 2008
    Who cares who supposidly “discovered” the flaw first. Really do we need an article for this?
    Nobody cares
  4. Baymowe335 macrumors 68040

    Oct 6, 2017
    Who cares?

    Apple clearly states they don’t confirm bugs publicly before fixes are availabale and that makes sense.
  5. neuropsychguy, Feb 8, 2019
    Last edited: Feb 8, 2019

    neuropsychguy macrumors 65816


    Sep 29, 2008
    I'm sorry but I don't understand your comment. I read it 5 times and am not sure what you're saying.
  6. Goompa macrumors member


    Oct 29, 2018
    Sorry but I was loading my OS: I think that there are other engineers researching for other bugs in macOS, but since there’s no reward program they might not hesitate letting society or Apple know about the issue.
  7. az431 macrumors 6502a


    Sep 13, 2008
    Portland, OR
    Is there going to be an article about each and every person that discovers a bug?

    Someone found a bug, reported it, and Apple fixed it. Let's move on.
  8. x-evil-x macrumors 68040


    Jul 13, 2008
    My nephews sister who is 3 years old discovered it first. You heard it here first.
  9. Rogifan macrumors Core


    Nov 14, 2011
    No it doesn’t matter but this kid and his mother got plenty of national attention over it. I see no problem with reporting on the fact someone else made Apple aware of this too.
  10. x-evil-x macrumors 68040


    Jul 13, 2008
    It does not matter. Doesn’t change your life why should you care?
  11. vicviper789 macrumors regular

    Jun 5, 2013
    My cousins nieces dogs younger brother also discovered this bug, can I have an article?
  12. scrapesleon macrumors 6502a


    Mar 30, 2017
    Cough*** one day before it made headlines
  13. recoil80 macrumors 68020

    Jul 16, 2014
    I just filed a radar about a bug in their webview, can I get my article?
  14. Daveoc64 macrumors 601

    Jan 16, 2008
    Bristol, UK
    There might be a possibility that Apple took the bug report from the developer more seriously than the report from a child.
  15. DNichter macrumors G3


    Apr 27, 2015
    Philadelphia, PA
    I am not sure why this matters. It's a bug, it's fixed. Issues will always occur, but Apple at least has a good reputation for quickly addressing it. That's all I ask.
  16. repoman016 macrumors member


    Mar 28, 2017
    I think it matters because its not a "my text box wont go to portrait mode" bug, its a privacy "this person can see what im doing without me answering the facetime" bug.
    BIG difference.

    Edit: I do agree tho we dont need to know the life story of who found it if thats more to what you were referring to
  17. yaxomoxay macrumors 68030


    Mar 3, 2010
    as painful as it is to admit it, at this point in time I slightly prefer Windows 10 over macOS - in terms of usability.
  18. TonyC28 macrumors 65816


    Aug 15, 2009
    Unless this bug was installed intentionally by some rogue engineer this story needs to go away.
  19. anek007 macrumors regular

    Jul 30, 2014
    So this guy wants some attention and gifts from Apple? Hahaha
  20. Jimmy James macrumors 601

    Jimmy James

    Oct 26, 2008
    So, your niece? Smart kid.
  21. russofris macrumors regular

    Mar 20, 2012
    I'm relatively certain that LEA's have been using this (or related) Facetime vulnerability since at least Nov of 2018.

    IE: Prior to serving an arrest warrant, the NYSPD will ping an iPhone user with a Facetime request that drops as soon as the user examines their phone.
  22. farewelwilliams macrumors 68000

    Jun 18, 2014
    Texas software engineer also wants in on the bounty
  23. ocnitsa macrumors 6502

    Jan 24, 2011
  24. DNichter macrumors G3


    Apr 27, 2015
    Philadelphia, PA
    Yea, I get the bug is important, but more so how it was found seems unimportant to me. Either way though, Apple responded and squashed it. It will push them to tighten up quality control even more so - win / win to me.
  25. sdf macrumors regular


    Jan 29, 2004
    I think that's very likely, as he probably reported it through Radar. It's no ribbon on Apple (quite the opposite), but they really do work through Radar.
    --- Post Merged, Feb 8, 2019 ---
    Yes, you do. Some people report to make a product better, some report for the bounty… and some report for credit.

    Give credit properly or that last group won't bother and the products will suffer for it.

Share This Page