FaceTime Bug Leads To Apple Flaw
Earlier this week, after a FaceTime bug within the popular iOS App devastated users of Apple products, the company said it will compensate 14-year-old Grant Thompson, and his family, for flagging the Apple flaw and reaching out to alert them more than a week before it garnered national attention.
The award amount was not disclosed, but Apple executives did say that in addition to alerting the company of the flaw and the fix, Thompson will also have college aid provided by Apple as well. Who knows, he may one day own the company but for now, he has saved a lot of users major embarrassment and the company many millions of dollars and loss of a loyal consumer base.
While investigating the bug, as reported by the Thompson family, Apple also discovered other security issues with involving Live Photos on FaceTime, but did not offer specifics or how it presented itself, but Apple assures consumers the new updates that fix the initial FaceTime flaw will fix these issues, as well.
However, Apple has disabled use of FaceTime LivePhotos on those devices of consumers who have yet update their products. If you disabled FaceTime, you’ll have to turn it back on in Settings to resume using the feature:
[To install the software updates on iOS devices, go to Settings -> General -> Software Updates and tap “Download and Install.” On a Mac, open the App Store and go to the Updates section.]
“It was crazy, I kept asking a coworker if she was having the same problem too, I felt violated.” – Gina H., 39, Poughkeepsie, NY.
If you are an avid Android user, like me, the latest Apple saga wasn’t something you cared about nor understood, except that everyone in your stratosphere who had an iPhone or an iPod was having a total meltdown about the “Apple flaw.”
The flaw was actually a bug, first reported Jan. 29 after people began sharing videos of on social media, only then was it reported to Apple’s 9to5Mac.
As more consumers reported the glitch, Apple temporarily disabled the GroupTime feature for all users on FaceTime later that day while it worked on eradicating the bug.
Upon investigation, Apple found the bug to be isolated to iPhones and iPads running on the iOS 12.1 operating systems and macOS Mojave systems running on Apple PCs and Macbooks running, both of which had recently added the Group feature.
One of the reasons Thompson, an Arizona high school freshman actually discovered the bug while starting a FaceTime group chat with friends on Jan. 19, 2019. He alerted his mother, Michele, who warned Apple using multiple methods of communication, notwithstanding phone calls, Tweets, emails, and faxes. For whatever reason, Apple did not take action, nor did they publicly issue or warn consumers of a potential problem with the feature.
That is – until it, the problem, itself, went viral and Apple customers were sharing their experiences on social media. Before long, Twitter was flooded with reports of “a massive FaceTime flaw Impacting current versions of iOS up to the latest iOS 12.1.” The flaw opened the feature up to massive privacy invasions by granting outside access to your iPhone.
This garnered the attention of other users and slight panic began to ensue – both among the public and among policymakers in D.C.
Essentially, the flaw could be exploited by allowing one to hear live audio on that of another even if the FaceTime call had been ignored. In a few some cases, the live video would still appear in instances where a volume control was used to dismiss incoming FaceTime calls.
What Happens Next?
In a statement on the matter and once a temporary fix was approved for consumer use, Apple apologized to customers saying, “Today’s software update fixes the security bug in Group FaceTime. We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security.”
“What I want to know is why it took so damn long to tell us anything?” – John, T., 27, Newark, NJ.
Apple rolled out software updates (iOS 12.1.4 and macOS Mojave 10.14.3) nine days after customers began to complain about the flaw and reserved making a public statement until time said the fix was ready for distribution. But had the damage been done to the company and its reputation as videos of the flaw in action continued to go viral on social media? That was a question for which members of Congress, too, wanted an answer.
“I feel like they tried to keep it a secret from us, to keep isnin the dark, but what if my 4-year old had gotten a hold of my phone? What if she FaceTimed my boss, by accident during a personal family conversation while talking to my parents?” – Gwen, P., 38, Sarasota, FL.
Apple CEO Tim Cook was sent a letter by sitting members of the U.S. House of Representatives, Frank Pallone (D-NJ) and Jan Schakowsky (D-IL) regarding the flaw, company’s lax response on Tuesday, Jan. 29, 2019 expressing how “deeply troubled” they were by Apple’s handling of the issue, especially with the growing use of growing us of Apple products by children and lack of transparency with parents. Citing available smartphone usage data, with on distribution, Pallone and Schakowsky expressed feeling that Apple has not been as forthcoming as they could be with the public and the extent of the feature’s vulnerability and/or exploitation, nor has Apple taken the proper measures to inform consumers.
Their letter begins, “Last week, Apple disabled Group FaceTime in a server-side shutdown mere hours after the flaw was made public. A fix was promised to arrive last week, but was later delayed for inclusion in a software update this week.”
It continues to say, “While mainstream media outlets caught wind of the vulnerability last week, Apple was reportedly notified of the issue more than two weeks ago. We also ask if there are other flaws in the video telephone product that have not been disclosed to the public?”
Democrats, Pallone (NJ) and Schakowsky (IL), also ask, in their letter, for details as to the timeline of events leading up to discovery of flaw, actions are taken to address the flaw and how safeguards as such failed, and what, if any, will now be set in place now and why such a long delay between the Thompson’s bug report to Apple and consumer reports on social media.
The Congressional letter also requests information regarding consumer privacy violations and whether Apple will make restitution.
Read the letter in full here.
Pallone and Schakowsky request Apple respond in writing by Tuesday, Feb. 19, 2019.
Apple is currently embroiled in a lawsuit with a Texas lawyer who claims a Group FaceTime bug allowed for eavesdropping on a deposition, similar suits are pending and if there is any relationship to the most recent flaws discovered by lay consumers, that will be determined at a later date.
“I don’t think anyone will get in trouble. It’s a whole lot of noise, very little action. Like with Facebook.” Porscha J., 53, Little Rock, AR
According to Reuters, the Pallone (D-) and Schakowsky (D-) letter arrived days after the State of New York Attorney General Letitia James announced a probe into the flaw and Apple’s response. In a statement, Governor Andrew Cuomo of New York called for a “full accounting of the facts” in accord with the consumer protection laws of New York.
The 14-year-old Thompson found the flaw in what could only be called “a fluke” while gaming, “Fortnite,” with friends. The discovery was organic and the family spent a week trying to get Apple to respond in the aforementioned calls, emails, faxes, and tweets. What remains a mystery is whether or not Apple kept a log of these complaints and the merit given to them.
It seems Apple has been able to fix the problem and avert any further issues, for now. Group FaceTime, however, will remain disabled. Apple attributes this to “an/ongoing issue.” They have since offered customers no timeline for rectifying issues on the GroupTime feature.
“They owe us answers, and, I want some, I pay too much money per month to not get some answers.” Jimmy W., 34, Palo Alto, CA
If ever there was a case for consumer advocacy, this is it, if nothing else because this matter circulated on social media for a significant amount of time before Apple issued a carefully worded and metered response that leaves many wondering whatthe concern was for the protection of the very loyal Apple consumer base or for stock market prices. There are early signs that perhaps Twitter felt this was a hoax of sorts.
A Twitter user identified as MGT7 posted screenshots of emails they said were sent to Apple to report the flaw in its early stages. There are emails aired Jan. 20:
and Jan. 22 offered as proof that communication with Apple had begun:
The latter states that a teenaged son of the poster found the flaw, this would indicate the message came from the Thompsons. What is not visible is a response for the son and the Twitter user indicates they have received none personally, as well. The email also attached a video recorded discussion of the of the flaw with an Apple registered employee.
Another report also mentions Apple was alerted to a “major security flaw” in the FaceTime feature that had been discovered by a teen, accidentally and reported to numerous sources. One news source has stated that because it is “currently not possible to edit a historical tweet on the service, this seemingly serves as a form of proof that the communication is genuine.”
There are also some questionable aspects to the Twitter account, however, that make it suspicious, including the date the account was open and the previous tweet history. There are indications that the user is familiar with Twitter and may have erased prior history or it is a fake account, possibly even a bot.
“I LOVE my iPhone, I just hope this isn’t permanent and I can feel better about using my iPhone again.” Julien G., 47, Springfield, MA.
The publication AppleInsider has been able to duplicate the flaw on a number of other Apple products like iPhone X, iPhone XR, and iPhone XS Max. They find that the issue is “non-bidirectional” and doesn’t seem to transfer in a mobile to laptop handoff.
Although Apple has specifically addressed the issue with an upgrade, the safest course of action and to preserve your privacy until confidence is restored, assume that all FaceTime calls can be listened to by unintended recipients.
AppleInsider has reached out to Apple about the issue and is awaiting a response. In the meantime, if you are considering an iOS upgrade, Forbes, has a wonderful piece that helps you to weigh the options with practical information for consumers about the current fixes to what could have been a much larger disaster for Apple, its consumers, and even our national security.
Disable FaceTime by navigating to Settings > FaceTime and toggling the FaceTime button to the off position.
What are your thoughts on Apple Flaw and FaceTime Bug? Don’t hesitate to discuss! Comment below, or shoot us an email. If interested, please send your thoughts to Outreach@ConsiderTheConsumer.com, find us on Twitter, Facebook, Instagram, LinkedIn, or even connect with us directly on our website! We look forward to hearing from all of you.
About the Author: Aisha K. Staggers is a writer, lecturer, and co-host and producer of “All Our Own” radio show and podcast and co-host of “Staggers State of Things” on the Dr. Vibe Show. Her work has been featured on MTV News, HuffPost, Blavity, Atlanta Blackstar, For Harriet, New York Review of Books and a host of other first-run publications and syndicated outlets. Find her on Twitter @AishaStaggers. For more of her work, check out her page here!