It looks like Apple was likely aware of FaceTime’s widely reported eavesdropping security flaw before it became a major story.
Although the majority of news stories have credited Twitter user Benji Mobb (@BmManski) with discovering the bug, new information has emerged indicating Apple was likely aware of the security flaw over a week ago, according to MacRumors’ Joe Rossignol.
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews
— MGT7 (@MGT7500) January 21, 2019
@tim_cook This is real…trying to get Apple’s attention to get this addressed. I’m just a mom of a teenager who found a huge problem in your new update. I’ve verified it myself…someone from Apple should respond to us. https://t.co/S6qyXts6GF
— MGT7 (@MGT7500) January 21, 2019
Tweets dated to January 20th from Twitter user ‘@MGT7500′ that are also directed at Apple’s ‘@AppleSupport‘ Twitter account, detail the FaceTime Group Chat security flaw. Further, a follow-up tweet on the 21st from the same account reiterates the glitch.
Although it is possible Apple could have missed @MGT7500’s multiple attempts to contact the company, the number of avenues the person took make that scenario seem unlikely.
One of many emails sent to Apple 1 week ago attempting to report the Group FaceTime bug. @cnbc @cnn @foxnews @9to5mac pic.twitter.com/l9IFMZmKh6
— MGT7 (@MGT7500) January 29, 2019
FYI- I called, FB messaged, faxed, emailed and tweeted Apple exhaustively last week to no avail. Submitted official bug report also. Tried to keep it private b/c of the security concerns. Never heard from them.
— MGT7 (@MGT7500) January 29, 2019
As it stands right now, Apple has disabled FaceTime’s Group Calling feature. The company says it’s currently working on a fix for the bug that will be release later this week. The public version of iOS 12.2 is expected to solve the Group FaceTime eavesdropping issue.
The fact that the bug doesn’t exist in the iOS 12.2 public likely indicates Apple was aware of the glitch before January 28th.
VIDEO: Here is a video, recorded & sent to Apple by a 14 yr old & his mom, on JAN 23rd, alerting them to the dangerous #FaceTime bug, that has threatened the privacy of millions. I’ve removed sensitive / private info on behalf of the mother (an attorney), whom I just spoke to. pic.twitter.com/YIBKXEP3mI
— John H. Meyer (@BEASTMODE) January 29, 2019
For the bug to work prior to Apple disabling Group FaceTime chat, users needed to call a phone number and then add the number of an additional contact.
While waiting for the first person to pick up, if the second participant answers, the audio feed from the first contact is automatically turned on, allowing you to hear what their mic is picking up even if they don’t answer.
Update 02/01/2019: Apple has released the following statement about the Group FaceTime glitch, stating that the company is “improve the process” regarding issues like this being reported.
“We have fixed the Group FaceTime security bug on Apple’s server’s and we will issue a security update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug.
We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the but, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible.
We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”
Source: MacRumors, Twitter @MGT7500
