fbpx

Apple
is yet to disclose how much it is going to reward a 14-year-old U.S. teenager
for discovering a massive security breach on its FaceTime video call
system. It is believed that part of the reward money will be set aside for his
high school education fund.

On
Thursday, Grant Thompson noticed the group FaceTime bug while on a
video call with his friends. Apparently, they were discussing different
strategies they could implement on Fortnite, a 3D video game which is
widely popular among the teenage demographic.

Upon
contacting Apple, necessary action was taken and the iOS
12.1.4 iPhone update was then released on Thursday. Prior to the
discovery, an unknown security researcher noticed the presence of
the FaceTime bug but was unwilling to come out with it, since Apple
had not put a bounty on offer.

Missed Opportunity

Towards
the end of January 2019, details of a suspicious bug
on FaceTime emerged. A couple of users noticed suspicious activity on
the widely used video call system among iPhone users.

Sometimes
when they contacted friends and family, they could distinctly hear what was
happening on the recipient’s end (regardless of whether they answered the call
or not). Apple got word of the bug and immediately disabled the
recently-launched group Facetime feature on iOS phones.

Earlier
that same month, the teenager and his mother phoned the trillion-dollar
company with a similar potential security threat. As expected, Apple
considered the 14-year-old’s discovery a hoax and thought the boy was craving
attention.

The
problem was uncovered by Grant on one of his group FaceTime video
calls. When Thompson’s plea was given a deaf ear, his mother, Michele Thompson
stepped in and repeatedly reached out to Apple via social media and emails. For
some reason, Apple was adamant to heed to the vulnerability in
their FaceTime feature.

Ever
since other users of the video call system came out with a similar bug issue,
Apple has credited Grant, who hails from Catalina, Arizona, with this major
finding. Grant’s name went viral hours after Apple released a software update
to counter the bug’s detrimental effects.

About the Update

The iOS 12.1.4
is the latest update from Apple for all iPhone 5S phones, iPad Air devices and
the 6th generation iPod Touch. A week ago, Apple disabled Group
FaceTime when news about the bug emerged.

Apple
noted in turn that it solved a similar unknown issue some time ago
in FaceTime’s Live Photos feature. On Friday, Apple reported that it
solved the major security flaw on its servers. It would also release an
advanced software update to re-activate Group FaceTime.

iOS 12.1.4
release notes state that there was an existence of a logic issue in
Group FaceTime. It was also emphasized that the bug was fixed with
“improved state management”. On Thursday, as of 10 a.m., the system status page
of the massive tech company noted that Group FaceTime’s restoration was
successful.

iPhone users
can update their gadgets by doing the following:

  
• Open settings

   • Tap on ‘General’.

   • Select Software Update

   • Download the update

Once the download is complete, your iPhone will automatically install the new software.

Swift
Security Measures

A representative for Apple had this to say in
regards to the update and the reported bug: “In regards to the
bug that has noticeably established its presence in
the FaceTime feature, a security audit has been conducted by our team.
Additional updates have been made to not only the Group FaceTime app,
but its Live Photos feature as a whole in a bid to enhance our security. This
will go a long way in securing our customers who are yet to upgrade to the
latest software”.

The representative also revealed a major server
upgrade to block older versions of macOS and iOS from
making use of FaceTime’s Live Photos feature.

For a global company that is keen on preserving
users’ personal information, the bug was a huge misstep. Tim Cook, Apple’s CEO,
has often advocated for increased regulation of privacy. In the recent past, he
has subtly called out companies that utilize their customer’s vital data for
the creation of personalized ads. In this case, it’s safe to say that Apple is
not so perfect either.

Apple’s
bug bounty program

Apple missed a massive opportunity to solve
the FaceTime bug problem soon enough. Based on reports from The
Wall Street Journal, as early as the start of January, Apple received warnings
from a concerned teen but decided to do nothing about it.

Fortunately enough, before the issue escalated to
something even more serious, more and more users noticed the flaw and issued a
public outcry to the company.

Apple has offered its sincerest apologies to the
teen and his family and is yet to fully reward them for their vocal assistance
on the bug issue. The company is not willing to share the exact amount they
will pay, but it will be substantial enough to see Grant through high
school, according to a report by Reuters.

In regards to this incident, Apple developed
the ‘bug bounty program’ in late 2016. In most cases, researchers can receive
more than a hundred thousand dollars for reporting bugs early enough. One of
the first people to receive substantial compensation from the program was
19-year old Luca Todesco.

In that same year, Facebook followed suit and
rewarded a 10-year-old Finnish youngster a whopping $10,000 in bug bounty. The
boy allegedly figured out how to delete anonymous users’ comments from all
Instagram servers.

Aside from Grant Thompson, a 27-year-old software
developer from Texas by the name of Daven Morris was also credited.
Unlike Grant, Mr. Morris reported the problem several days after it was already
made known.

Either way, Apple rewarded the young man for
noticing the problem soon enough.