Tuesday

Apple Was Apparently Notified About Major FaceTime Eavesdropping Bug Over a Week Ago

While it only made the news yesterday, it appears Apple was alerted to a major FaceTime privacy bug over a week ago.


Twitter user MGT7500 tagged the official Apple Support account in a January 20 tweet claiming that her 14-year-old son discovered a “major security flaw” that allowed him to “listen in to your iPhone/iPad without your approval.” The user also tagged Tim Cook on the issue in a follow-up tweet on January 21.



Once the bug started making headlines on Monday, the Twitter user then shared additional tweets claiming that they had also emailed Apple’s product security team over a week ago. A screenshot of the email was shared, and it appears the team did respond, but what they said is not visible in the screenshot.


The user acknowledges having wanted to receive a monetary reward under Apple’s bug bounty program, but she claims she still proceeded to alert Apple to the bug by phone, fax, and with an official bug report nonetheless. She also wanted to keep the bug private, but she did tweet Fox News about it.

All in all, there is evidence that Apple Support was tagged about an eavesdropping bug eight days before it made headlines, and if the rest of the tweets are truthful, the company was also alerted about the bug via several other avenues.

Apple has temporarily disabled Group FaceTime, as adding your own phone number to a FaceTime call was the underlying cause of the bug, while it rushes to prepare a software update with a permanent fix. Apple said that update will arrive “later this week,” but it wouldn’t be surprising to see it today.

Apple did not immediately respond to our request for comment about when it discovered the bug and how long it existed.

Source link

Follow Us @soratemplates