UPDATE: Apple Fixes Eavesdropping Bug.
Apple has released an iPhone update to fix a software flaw that allowed people to eavesdrop on others.
Callers were able to activate another person's microphone remotely when using Group FaceTime, even before the person had accepted or rejected the call.
Apple turned off the group-chat feature last week after 14-year-old Grant Thompson of Tucson, Arizona, discovered the flaw. The Thompsons had tried for over a week to alert Apple to the bug. The company was widely criticized for its slow response.
Apple plans to contribute to Thompson's college fund in addition to paying a bounty to him and his family for reporting the privacy flaw. The amounts were not disclosed. Such bounties are commonly awarded to users who discover and report software flaws. Grant’s mother, Michele, told The Associated Press that the family intends to use all of the Apple money to help cover his college expenses.
The FaceTime repair is included in the latest version of Apple's iOS 12 system, which became available to install Thursday, February 7.
Apple has a bug. An eavesdropping glitch turns an iPhone into a live microphone during FaceTime. And a 14-year-old boy may have been the first to find the flaw—more than a week before the tech company took action.
“I found it by accident,” says high school freshman Grant Thompson, “instead of the people at Apple that get paid to find glitches.”
What’s worse, Grant and his mom, Michele, spent a week trying to get Apple to do something about the problem. The bug allowed callers to activate another person’s microphone remotely before the person has accepted or rejected the call.
The family tried reaching Apple through multiple channels. They left comments on Twitter—one to CEO Tim Cook—and uploaded a video to walk Apple engineers through the problem. But it wasn’t until a tech blog reported the flaw that Apple shut down the group-chat feature.
“It took nine days for us to get a response,” Grant says. “My mom contacted them almost every single day through email, calling, faxing.”
Grant is a straight-A student who plays basketball, does community volunteering, and enjoys video games. He was using FaceTime to call friends to play a game on January 19 when he discovered the flaw.
Apple plans to turn FaceTime group video chat on next week via a software update. But the slow response will likely land them in court.
“They could have tested it within two minutes, realized it was true, and brought it up the chain at Apple,” says Michele Thompson. “There needs to be a better process for the average citizen to report things like this. And a timelier response.”
Grant would love a “bug bounty” (Apple’s reward for finding a glitch) but says, “It would be cool to just have Apple say thanks to me.”
Whoever conceals his transgressions will not prosper. — Proverbs 28:13
(Grant Thompson and his mother, Michele, look at an iPhone in the family’s kitchen. AP Photo/Brian Skoloff)