Go Back   IceInSpace > Equipment > Software and Computers

Reply
 
Thread Tools Rate Thread
  #1  
Old 02-02-2019, 10:36 AM
gary
Registered User

gary is offline
 
Join Date: Apr 2005
Location: Mt. Kuring-Gai
Posts: 5,914
Post 14-year-old discovered FaceTime eavesdropping bug. Apple ignored mother's calls

In an article today by Matt O'Brien at Associated Press, it is being
reported how the Apple FaceTime eavesdropping bug was discovered by
a 14-year-old and that despite his mother contacting Apple nearly every
day by email, telephone and fax, it took the company nine days to respond.

The New York Attorney General and Governor of New York are now investigating to
determine whether Apple may be culpable.

Quote:
Originally Posted by Matt O'Brien, AP
Last October, Apple introduced the 32-person video conferencing feature for iPhones, iPads and Macs. With the bug, a FaceTime group-chat user calling another Apple device could hear audio — even if the receiver didn’t accept the call. The bug was triggered when callers turned a regular FaceTime call into a group chat, making FaceTime think the receiver had accepted the chat.

In Grant’s case, he had just gotten his Xbox ready and called to invite a friend, Nathan, to play “Fortnite” with him online.

“You can swipe up and add another person, so I added another friend of mine, Diego, to see if he also wanted to play,” he said. “But as soon as I added Diego, it forced Nathan to respond.”

They were shocked at first, then tried to repeat the bug and it happened every time, he said. His mother, Michele Thompson, said she started trying to reach Apple the next day.

“They could have tested it within two minutes, realized it was true and brought it up the chain at Apple,” said Thompson, who works as an attorney. “There needs to be a better process for the average citizen to report things like this. And a timelier response.”

She eventually reached someone who advised that she could register as a software developer to submit the bug.

Quote:
Originally Posted by Matt O'Brien, AP
The company — at first widely praised for its swift response — could come under increased scrutiny as regulators seek to learn more about the vulnerability.

New York Attorney General Letitia James and Gov. Andrew Cuomo said Wednesday that they’re investigating “Apple’s failure to warn consumers about the FaceTime bug and slow response to addressing the issue.”

They said the bug jeopardized the privacy of New York consumers. James said her office’s review will include a “thorough investigation into Apple’s response."
Article here :-
https://www.apnews.com/6de22b18cf38450db65ef582b15f0564
Reply With Quote
  #2  
Old 02-02-2019, 01:21 PM
multiweb's Avatar
multiweb (Marc)
ze frogginator

multiweb is offline
 
Join Date: Oct 2007
Location: Sydney
Posts: 22,060
They keep mentioning the kid should "get a reward". That's what it's all about.
Reply With Quote
  #3  
Old 02-02-2019, 01:43 PM
gary
Registered User

gary is offline
 
Join Date: Apr 2005
Location: Mt. Kuring-Gai
Posts: 5,914
Quote:
Originally Posted by multiweb View Post
They keep mentioning the kid should "get a reward". That's what it's all about.
What I think Tim Cook should be doing is sacking the vice president
of customer service and appointing the mother as the replacement.

Her dogmatism at trying to do the right thing demonstrates she cares
more than they do.

I would then allow her to sack anyone down the chain beneath her and
have them replaced as she sees fit.
Reply With Quote
  #4  
Old 02-02-2019, 09:55 PM
multiweb's Avatar
multiweb (Marc)
ze frogginator

multiweb is offline
 
Join Date: Oct 2007
Location: Sydney
Posts: 22,060
Quote:
Originally Posted by gary View Post
What I think Tim Cook should be doing is sacking the vice president
of customer service and appointing the mother as the replacement.

Her dogmatism at trying to do the right thing demonstrates she cares
more than they do.

I would then allow her to sack anyone down the chain beneath her and
have them replaced as she sees fit.
I don't know, this lack of response from Apple doesn't really surprise me. Maybe because I'm used to deal with this kind of attitude day in day out at work, after a while it becomes normal and you have to work with it or around it. The whole industry nowadays is pointing fingers and no accountability. I don't think anyone at Apple is really worried. Won't even register as a blip in their bottom line.
Reply With Quote
  #5  
Old 03-02-2019, 10:48 AM
gary
Registered User

gary is offline
 
Join Date: Apr 2005
Location: Mt. Kuring-Gai
Posts: 5,914
Quote:
Originally Posted by multiweb View Post
I don't know, this lack of response from Apple doesn't really surprise me. Maybe because I'm used to deal with this kind of attitude day in day out at work, after a while it becomes normal and you have to work with it or around it. The whole industry nowadays is pointing fingers and no accountability. I don't think anyone at Apple is really worried. Won't even register as a blip in their bottom line.
Hi Marc,

I think you could be right there!

What's ironic is do you remember the Apple-FBI dispute?
https://en.wikipedia.org/wiki/FBI%E2...yption_dispute

Tim Cook at the time issued a statement saying, "The United States
government has demanded that Apple take an unprecedented step
which threatens the security of our customers."

Even the United Nations High Commissioner for Human Rights at the time
warned the FBI of the potential for "extremely damaging implications on
human rights" if the FBI were allowed to compel a manufacturer, under
the direction of a court order, to decrypt the contents of a smart phone.

But perhaps Tim Cook's real concern was not with human rights but
that buyers of smatphones might switch to brands manufactured
by companies outside of the United States where the FBI's jurisdiction
may not exist? In other words, was the real concern the bottom line
rather than customer security?

Or are they genuinely concerned about customer security but as an
organisation that has become impossibly large, lack an effective and
timely security reporting mechanism for the average joe?

At a technical level it also says something about the thin veneer of
the software user interface on a smartphone that can create the illusion
to the user that such-and-such a piece of functionality is switched "off"
when in fact if one purposely crafted the software to improperly do so,
that feature remains "on".

Probably standard trade-craft at the NSA, Mossad, SVR, GCHQ, ASD and
the like.
Reply With Quote
  #6  
Old 03-02-2019, 12:54 PM
multiweb's Avatar
multiweb (Marc)
ze frogginator

multiweb is offline
 
Join Date: Oct 2007
Location: Sydney
Posts: 22,060
The sad reality is that any electronic storage that is accessible online is up for grabs. The flaw doesn't lie in technology but in people and practices. As long as one understands this simple fact then there won't be any surprises. Every extra layer, may it be legal, privacy or ease of access is imho just wind because in the end there is always someone who knows how to bypass all that and just does it. The temptation and the financial rewards outweigh any shred of decency or business ethic. I might sound cynical but I keep seeing the same things times and times again, different people, same sh!t with a new coat of paint. It's like groundhog day.
Reply With Quote
Reply

Bookmarks

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time is now 07:19 AM.

Powered by vBulletin Version 3.8.7 | Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Advertisement
Testar
Advertisement
Bintel
Advertisement