Apple may have known about the Group FaceTime privacy bug a week before the company disabled the feature, with one Twitter user claiming to have informed Apple of the issue discovered by their child the previous Monday.
On Monday, it was revealed Apple had disabled access to Group FaceTime due to an "ongoing issue," with no timeline offered for the fix. Social media posts revealed a FaceTime bug that glitches the service and allows access to a third-party's microphone in a Group FaceTime call, even if they do not answer the call.
According to more posts on social media, it seems that Apple may have left Group FaceTime active for a week after being informed of the bug's existence. A Twitter user identified as "MGT7" has posted emails purportedly sent to Apple as proof of reporting the bug to the company.
One email, shown in an image and dated January 22, claims the user's teenage son had discovered the security flaw and that it had been disclosed to Apple, but with no response from the company on the matter. The email continued to offer details and a home video of the flaw following a discussion with an Apple employee.
Another image contained a similar message allegedly sent to Fox News on January 20 via Facebook, again referencing the submission of a bug report to Apple and asking if there is interest in the story. In a more recent message, the Twitter account also claims to have "letters, emails, tweets and messages" sent to Apple over a ten-day period over the bug.
While it is difficult to deduce if the reported communications took place from posts and screenshots, one tweet from January 21 mentions a "major security flaw," the bug report, and the discovery by the unidentified teenager. As it is currently not possible to edit a historical tweet on the service, this seemingly serves as a form of proof that the communication is genuine.
There are also other questionable elements to the account that suggest all may not be as straightforward as it seems. For example, one screenshot shows the email log as being in GMT rather than Mountain Time or another more appropriate timezone.
The age of the account is also questionable, as the first available post made from it was on January 1, discussing British knife bans. The overall usage of the account, including hashtags, image embeds, and other areas, also indicate the user has knowledge of how to use Twitter, and either all posts pre-2019 were wiped or the account is an alternative one for the user.
Apple is still working a permanent fix for the issue. The company shut down Group FaceTime as a temporary workaround on Monday night.
27 Comments
Okay, calm down AI. I would bet that Apple gets several hundred of these Tweets and emails a day from the public claiming to have found a major bug. I know that the Apple discussion forums are full of these kinds of posts and claims only to find out the person reporting it didn’t know what they were talking about or had a misunderstanding of how things actually work. So this 14 year old’s report was probably just one of thousands of reports from the public and Apple was somehow supposed to rifle through them all to see if any of them were legit? Apple didn’t immediately respond to the teenager’s report? No shit, Sherlock. Why would they? How many people would Apple have to dedicate to looking at every single report from the public about a possible bug or security flaw?
So yeah, the bug is a really big one but to say Apple knew about it for a week before doing anything is just pure fantasy and negative narrative.
Apple has become a turgid bueocracy under Tim Cook.
Fire him.
Is there really a standard turnaround time for taking major OS features offline after a bug report from a random member of the public? This article seems to imply that there is. So what is it? 4 days? 3? Less?