Apple apologizes for Group FaceTime eavesdropping bug; will issue fix and re-enable feature next week

“Apple has apologised over a major FaceTime bug that let people listen in on others’ iPhones,” Andrew Griffin reports for The Independent. “A fix has now been developed and will be with users next week, it said.”

An Apple spokesperson told The Independent:

We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.

We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.

Read more in the full article here.

MacDailyNews Take: Good for Apple for recognizing that their process for receiving bug reports from the general public and acting on those that are of critical importance is broken and needs to be fixed.

As per the issue of properly testing software prior to release, Apple’s Group FaceTime was delayed back in August 2018 and did not debut in iOS 12 on September 17, 2018 but in iOS 12.1 on October 30, 2018, the day of Apple’s iPad Pro event. Was it rushed in order to meet Apple’s event deadline? In hindsight, it seems so.

SEE ALSO:
Canadian law firm applies for class action lawsuit against Apple over FaceTime eavesdropping bug – January 31, 2019
New York state begins probe into Apple’s slow response to FaceTime eavesdropping flaw – January 30, 2019
Apple sued over FaceTime bug that lets people eavesdrop – January 30, 2019
Apple was alerted about FaceTime eavesdropping bug days ago, did nothing – January 29, 2019
Apple, champion of ‘privacy,’ utterly blows it with massively stupid FaceTime bug – January 29, 2019
Apple to patch audio bug in FaceTime that allows users to hear audio and see video from users who have not yet accepted a call – January 29, 2019
Apple CEO Cook calls for U.S. Congress to pass comprehensive federal privacy legislation in TIME op-ed – January 17, 2019
Apple releases iOS 12.1 with Group FaceTime, Depth Control in Camera, and more – October 30, 2018
Group FaceTime is only the latest of many Apple technologies to be delayed – August 17, 2018
Apple removes Group FaceTime from iOS 12 and macOS Mojave, delays launch to later this year – August 13, 2018
Apple CEO Cook promotes privacy as ‘fundamental human right’ via tweetstorm; asks ‘What kind of world do we want to live in?’ – October 24, 2018
Open letter to Tim Cook: Apple needs to do better – January 5, 2015

6 Comments

  1. “acting on those…is broken and needs to be fixed.”
    No, their process for responding to whiney snowflake liberals is broken. You GOT to let them know from day one that they are the most special and wonderful bug reporter in the WORLD! A holiday in their honor is probably not out of the question.

    1. ::buzz::

      When a critical (privacy-violating) exploit is publicly disclosed and easily/immediately reproducible (my non-techie friends were reproducing it quickly), you do not wait 48 hours to block it.

      1. When a whiny security researcher publicly discloses an easily/immediately reproducible exploit, the security researcher is at fault. Even the most NEEDY professionals understand you provide 30 days, so 48 hours of analysis to determine how to disable this while maintaining the MILLIONS of other active connections is herculean.

        When you’re a liberal whiny teen and a mother that thinks her son deserves a nice trophy…. well, you’re definitely not professionals 🙂 I’m sure you think that this is the ONLY exploit Apple had communicated to them in January.

  2. The only person ever affected was the kid who tripped over it by accident. If he would have not publicized it because mom thought Apple wasn’t moving fast enough, no one else would have ever known. Probably with bug reward $$$ in their eyes,

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.