Mon-Fri 9 AM to 5 PM Mountain
888-686-3025
Apple is yet to disclose how much it is going to reward a 14-year-old U.S. teenager for discovering a massive security breach on itsĀ FaceTimeĀ video call system. It is believed that part of the reward money will be set aside for his high school education fund.
On Thursday, Grant Thompson noticed theĀ group FaceTime bugĀ while on a video call with his friends. Apparently, they were discussing different strategies they could implement onĀ Fortnite, a 3D video game which is widely popular among the teenage demographic.
Upon contacting Apple, necessary action was taken and theĀ iOS 12.1.4Ā iPhone update was then released on Thursday. Prior to the discovery, an unknown security researcher noticed the presence of theĀ FaceTimeĀ bug but was unwilling to come out with it, since Apple had not put a bounty on offer.
Missed Opportunity
Towards the end of January 2019, details of a suspicious bug onĀ FaceTimeĀ emerged. A couple of users noticed suspicious activity on the widely used video call system among iPhone users.
Sometimes when they contacted friends and family, they could distinctly hear what was happening on the recipientās end (regardless of whether they answered the call or not). Apple got word of the bug and immediately disabled the recently-launched groupĀ FacetimeĀ feature onĀ iOSĀ phones.
Earlier that same month, the teenager and his mother phonedĀ the trillion-dollar companyĀ with a similar potential security threat. As expected, Apple considered the 14-year-oldās discovery a hoax and thought the boy was craving attention.
The problem was uncovered by Grant on one of his groupĀ FaceTimeĀ video calls. When Thompsonās plea was given a deaf ear, his mother, Michele Thompson stepped in and repeatedly reached out to Apple via social media and emails. For some reason, Apple was adamant to heed to the vulnerability in theirĀ FaceTimeĀ feature.
Ever since other users of the video call system came out with a similar bug issue, Apple has credited Grant, who hails from Catalina, Arizona, with this major finding. Grantās name went viral hours after Apple released a software update to counter the bugās detrimental effects.
About the Update
TheĀ iOSĀ 12.1.4 is the latest update from Apple for all iPhone 5S phones, iPad Air devices and the 6thĀ generationĀ iPod Touch. A week ago,Ā Apple disabled Group FaceTimeĀ when news about the bug emerged.
Apple noted in turn that it solved a similar unknown issue some time ago inĀ FaceTimeās Live Photos feature. On Friday, Apple reported that it solved the major security flaw on its servers. It would also release an advanced software update to re-activate GroupĀ FaceTime.
iOSĀ 12.1.4 release notes state that there was an existence of a logic issue in GroupĀ FaceTime. It was also emphasized that the bug was fixed with āimproved state managementā. On Thursday, as of 10 a.m., the system status page of the massive tech company noted that GroupĀ FaceTimeās restoration was successful.
iPhoneĀ users can update their gadgets by doing the following:
- Open settings
- Tap on āGeneralā.
- Select Software Update
- Download the update
Once the download is complete, your iPhone will automatically install the new software.
Swift Security Measures
A representative for Apple had this to sayĀ in regards toĀ the update and the reported bug:Ā āIn regards toĀ the bug that has noticeably established its presence in theĀ FaceTimeĀ feature, a security audit has been conducted by our team. Additional updates have been made to not only the GroupĀ FaceTimeĀ app, but its Live Photos feature as a whole in a bid to enhance our security. This will go a long way in securing our customers who are yet to upgrade to the latest softwareā.
The representative also revealed a major server upgrade to block older versions ofĀ macOSĀ andĀ iOSĀ from making use ofĀ FaceTimeās Live Photos feature.
For a global company that is keen on preserving usersā personal information, the bug was a huge misstep. Tim Cook, Appleās CEO, has often advocated for increased regulation of privacy. In the recent past, he has subtly called out companies that utilize their customerās vital data for the creation of personalized ads. In this case, itās safe to say that Apple is not so perfect either.
Appleās bug bounty program
Apple missed a massive opportunity to solve theĀ FaceTimeĀ bug problem soon enough. Based onĀ reports from The Wall Street Journal, as early as the start of January, Apple received warnings from a concerned teen but decided to do nothing about it.
Fortunately enough, before the issue escalated to something even more serious, more and more users noticed the flaw and issued a public outcry to the company.
Apple has offered its sincerest apologies to the teen and his family and is yet to fully reward them for their vocal assistance on the bug issue. The company is not willing to share the exact amount they will pay, but it will be substantial enough to see Grant through high school,Ā according to a report by Reuters.
In regards toĀ this incident, Apple developed the ābug bounty programā in late 2016. In most cases, researchers can receive more than a hundred thousand dollars for reporting bugs early enough. One of the first people to receive substantial compensation from the program was 19-year old LucaĀ Todesco.
In that same year, Facebook followed suit and rewarded a 10-year-old Finnish youngster a whopping $10,000 in bug bounty. The boy allegedly figured out how to delete anonymous usersā comments from all Instagram servers.
Aside from Grant Thompson, a 27-year-old software developer from Texas by the name ofĀ DavenĀ Morris was also credited. Unlike Grant, Mr. Morris reported the problem several days after it was already made known.
Either way, Apple rewarded the young man for noticing the problem soon enough.
