Apple to compensate 14-year-old who discovered the Group FaceTime eavesdrop bug

“Apple has said it will compensate the teenager who first found a security bug in Group FaceTime that allowed users to eavesdrop before a call was picked up,” Zack Whittaker reports for TechCrunch. “The bug was initially reported to Apple by 14-year-old Grant Thompson and his mother.”

“The payout will fall under Apple’s bug bounty, which incentivizes security researchers to claim a reward for privately submitting security bugs and vulnerabilities to the company,” Whittaker reports. “Apple will also offer an unspecified additional gift to Thompson’s education.”

Whittaker reports, “‘In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security,’ an Apple spokesperson told TechCrunch. ‘This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime.'”

Read more in the full article here.

MacDailyNews Take: Apple did the right thing in compensating

Update iOS now on all of your devices to restore access to Group FaceTime and Live Photos.

SEE ALSO:
Apple’s iOS 12.1.4 now available with Group FaceTime eavesdropping bug fixed – February 7, 2019
House Democrats demand answers from Apple on Group FaceTime eavesdropping flaw – February 6, 2019
Apple likely to pay reward to 14-year-old boy who found Group FaceTime eavesdropping bug – February 4, 2019
Apple’s iOS 12.1.4 is coming to fix the worst iPhone and iPad bug to date – February 2, 2019
Apple apologizes for Group FaceTime eavesdropping bug; will issue fix and re-enable feature next week – February 1, 2019
Canadian law firm applies for class action lawsuit against Apple over FaceTime eavesdropping bug – January 31, 2019
New York state begins probe into Apple’s slow response to FaceTime eavesdropping flaw – January 30, 2019
Apple sued over FaceTime bug that lets people eavesdrop – January 30, 2019
Apple was alerted about FaceTime eavesdropping bug days ago, did nothing – January 29, 2019
Apple, champion of ‘privacy,’ utterly blows it with massively stupid FaceTime bug – January 29, 2019
Apple to patch audio bug in FaceTime that allows users to hear audio and see video from users who have not yet accepted a call – January 29, 2019
Open letter to Tim Cook: Apple needs to do better – January 5, 2015

4 Comments

  1. Actually, the worst part is the extraordinary lengths that the mother had to go to report to Apple what her son found. The filing of Radars, and bug bounties are known by developers, but not by the general public. It was her perseverance that got this fixed. As far as discovering the bug, when I heard the series of actions needed to make it happen I thought “no wonder it wasn’t caught.” It didn’t sound like something that would normally be done. Therein lies the problem: all the testers inside Apple KNOW how you are supposed to use it, so they never encountered the bug when used abnormally.

Leave a Reply to Spark Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.