New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

New York Officials Investigating Apple's FaceTime Eavesdropping Bug

New York Attorney General Letitia James and Governor Andrew Cuomo are investigating the FaceTime eavesdropping bug on iOS devices that allowed a person to FaceTime another person and hear conversations and see videos even when the call was not answered.

According to Bloomberg, the New York officials will be focusing on Apple's failure to warn consumers about the bug and its slow response.

How the FaceTime eavesdropping bug worked

The FaceTime eavesdropping bug was widely publicized on Monday, and several hours after information on how to execute the exploit spread, Apple disabled the Group FaceTime servers.
"This FaceTime breach is a serious threat to the security and privacy of the millions of New Yorkers who have put their trust in Apple and its products over the years," James said in the statement on Wednesday.

"We need a full accounting of the facts to confirm businesses are abiding by New York consumer protection laws and to help make sure this type of privacy breach does not happen again," Cuomo said in the statement.
Apple is planning to release a software fix that will solve the bug and will allow the company to bring Group FaceTime back online. That update is expected sometime this week.

While the glitch was not widely known until Monday afternoon, Apple was informed about the bug more than a week prior. The person who contacted Apple said that Apple did not respond to multiple attempts to notify the company about the issue.

It's not entirely clear if Apple knew about the bug and was working on a fix internally at the time that it became widespread, but if so, Apple certainly left it functional and did not move to disable Group FaceTime until forced to do so. For that reason, it's not known how long the bug has been present in iOS and how long people may have been quietly exploiting it.

In addition to the inquiry from New York officials, Apple is also facing a lawsuit over the issue. Yesterday, an attorney said the FaceTime bug allowed an unknown person to listen in on sworn testimony during a client deposition.



Top Rated Comments

(View all)

12 weeks ago
Investigate Facebook and google too while you’re at it
Rating: 33 Votes
12 weeks ago
Ease up on them. I’m sure they were just busy innovating :/

I’m not sure I’m a fan of Apple anymore.
Rating: 19 Votes
12 weeks ago
PR stunt. I don't think they care about New Yorkers' privacy otherwise they would have investigated Facebook, Amazon (Alexa recordings bug) and Google.
Rating: 18 Votes
12 weeks ago
Too late, Apple. I've already switched to Android where I know my personal information is kept safe!

;):p
Rating: 18 Votes
12 weeks ago
It’s a really bad bug, but boy — with all these recent articles about Google and Facebook, something just seems a little off.

All these in-depth investigations and lawsuits related to security/privacy bugs seem to target Apple, yet flagrant and deliberate privacy violations seem to almost go unchecked or dismissed.

Regardless, it’s not the first time this has happened where media attention seems to “resolve” an Apple bug faster than a bug report does (Calculator iOS app being a prime example). Hopefully this will finally kick Apple into gear with rethinking how they address bugs logged and keep communication between their teams.
Rating: 15 Votes
12 weeks ago
I think this thing is completely overblown. You have to set up a GROUP FaceTime call then PURPOSELY add your own number. And this only lasts as long as it takes for the other party to pick up the call or for the call to go to voicemail. This is TOTALLY overblown.
Rating: 11 Votes
12 weeks ago
Has nobody on this board ever worked in tech support? Somebody calling an entry-level help desk worker with a "bug" is 99% of the time somebody who doesn't know how to work their device. For this to go from that initial call all the way to the top of a company with over 100,000 employees in only a week has to be a new record in speed. Typical that people want everything immediately:

[MEDIA=youtube]c9EBhaULToU[/MEDIA]
Rating: 11 Votes
12 weeks ago

I think this thing is completely overblown. You have to set up a GROUP FaceTime call then PURPOSELY add your own number. And this only lasts as long as it takes for the other party to pick up the call or for the call to go to voicemail. This is TOTALLY overblown.


Did you miss the part about the receiving party silencing the call starting the video feed too?
Rating: 11 Votes
12 weeks ago
I have a lot of criticisms of Apple, but their response to the Group FaceTime bug is not one of them. I don't know what the Governor's office is looking to gain from this... but they're looking to gain something. o_O Government officials generally don't get off their asses unless there is something in it for them.



Rating: 9 Votes
12 weeks ago
$20 Billion profit and a bug. The vultures are circling.

It always makes me feel better, as a software engineer, when someone like Apple f's up like this. Reminds me that even the guys at the top of their game are capable of howlers like this one too.
Rating: 9 Votes

[ Read All Comments ]