Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Apple's iOS 12.1.4 Update to Fix FaceTime Eavesdropping Bug Showing Up in Analytics
Apple's upcoming fix for the FaceTime eavesdropping bug that was discovered on Monday will come in the form of an iOS 12.1.4 update, according to MacRumors analytics data.
We began seeing a handful of visits from devices running an iOS 12.1.4 update on January 29, the day after the bug was widely publicized and spread across the internet.
Apple on Monday said that a software fix for the issue would come "later this week," but now that it's Thursday, there's not a lot of time left. Apple could still release the update later today, but if not, Friday morning is the likely target launch date.
The FaceTime eavesdropping bug allowed iPhone users to exploit a privacy-invading Group FaceTime flaw that let one person connect to another person and hear conversations (and see video, in some cases) without the other person ever having accepted the call.
The FaceTime bug in action
Apple has put a stop to the FaceTime bug by disabling Group FaceTime server side, leaving the feature unavailable, but questions remain about how long the bug was accessible and how long Apple knew about it before attempting a fix.
The mother of the teenager who originally discovered the bug shared convincing evidence that she contacted the Cupertino company as early as January 20. She did not receive a response from Apple despite sending emails and a video.
It's not clear, therefore, when the right team at Apple learned of the bug and when work on a fix was started. We did not see signs of iOS 12.1.4 in our analytics data prior to January 29, but it's possible Apple was working on a fix earlier than that.
The multi-day wait for an official solution to perhaps one of the worst Apple-related privacy bugs we've seen, however, does suggest that development on iOS 12.1.4 did not start too far ahead of when the bug went public.
We began seeing a handful of visits from devices running an iOS 12.1.4 update on January 29, the day after the bug was widely publicized and spread across the internet.
Apple on Monday said that a software fix for the issue would come "later this week," but now that it's Thursday, there's not a lot of time left. Apple could still release the update later today, but if not, Friday morning is the likely target launch date.
The FaceTime eavesdropping bug allowed iPhone users to exploit a privacy-invading Group FaceTime flaw that let one person connect to another person and hear conversations (and see video, in some cases) without the other person ever having accepted the call.
Apple has put a stop to the FaceTime bug by disabling Group FaceTime server side, leaving the feature unavailable, but questions remain about how long the bug was accessible and how long Apple knew about it before attempting a fix.
The mother of the teenager who originally discovered the bug shared convincing evidence that she contacted the Cupertino company as early as January 20. She did not receive a response from Apple despite sending emails and a video.
It's not clear, therefore, when the right team at Apple learned of the bug and when work on a fix was started. We did not see signs of iOS 12.1.4 in our analytics data prior to January 29, but it's possible Apple was working on a fix earlier than that.
The multi-day wait for an official solution to perhaps one of the worst Apple-related privacy bugs we've seen, however, does suggest that development on iOS 12.1.4 did not start too far ahead of when the bug went public.
Related Roundup: iOS 12
Tags: FaceTime, FaceTime Listening Bug
[ 88 comments ]
Top Rated Comments
(View all)
12 weeks ago
I'm sorry Apple, but QA didn't try hard enough to break it. With a feature this sensitive, it is necessary to have a couple of employees trying to break things all day every day. I know not every bug can be discovered in time, but obvious ones like this should be caught before release.
I disagree. This was an edge case bug. In fact it took a long while before millions of users had been using group FaceTime before it came to light.
It certainly wasn't an 'obvious' bug.
12 weeks ago
It's about time. I tried the bug out on a friend and the results were… eye-opening. :(
12 weeks ago
Adding another person to the call is a documented function. So adding yourself to the call is a boundary condition. If it only takes two steps to reproduce the bug, then it should have been discovered. If it took 10 steps, then I would say it wouldn't be an obvious one. Either way, this family deserves to get a reward.
This is an embarrassing bug, but clearly you’ve never developed a piece of software, have you?
12 weeks ago
Does anyone else know of a more friendly Apple site with other friendly actual Apple enthusiasts? Seriously, for as long as I've lurked on here it's all negative people who are Apple haters commenting. Pointless to be on here anymore. All this negative news is hardly "rumors".
12 weeks ago
I'm sorry Apple, but QA didn't try hard enough to break it. With a feature this sensitive, it is necessary to have a couple of employees trying to break things all day every day. I know not every bug can be discovered in time, but obvious ones like this should be caught before release.
12 weeks ago
I'm sorry Apple, but QA didn't try hard enough to break it. With a feature this sensitive, it is necessary to have a couple of employees trying to break things all day every day. I know not every bug can be discovered in time, but obvious ones like this should be caught before release.
Don't forget that this bug likely existed in the months of developer and public beta testing as well and wasn't discovered by users. If so, it wouldn't be fair to classify it as an "obvious" bug.
12 weeks ago
Yep. Very simple bug that should have been caught. This will result in many lost upgrades and sales for the next year and beyond. Another massive Tim Cook failure. Really sucks for those of us who see the writing on the wall.
In fact it was so simple, that you picked up on it on the day of release :rolleyes:
12 weeks ago
Honestly, from what I understand, it's not as though this bug is in any way insidious—at the very least, you will be aware that someone is trying to join the call, no? So I don't see why this is considered such a horrific breach of trust, when selling personal data, including real-time location tracking—which is far more useful to someone with malicious intent—is considered a "business model".
12 weeks ago
Yep. Very simple bug that should have been caught. This will result in many lost upgrades and sales for the next year and beyond. Another massive Tim Cook failure. Really sucks for those of us who see the writing on the wall.
You could also argue that the entire point of the dev beta/public beta program is too assist Apple with finding and reporting issues (such as this), in addition to devs being able to test their apps against the latest version. That’s why they include a mandatory feedback app on every beta version. And I am sure there are many, many more dev/public beta testers than there are QA testers internally. So by your logic, anyone on the beta for 12.1 should have also caught this “very simple bug”.
12 weeks ago
This is an embarrassing bug, but clearly you’ve never developed a piece of software, have you?
My macrumors handle starts with C++. All I do is develop software.
[ Read All Comments ]
Apple today seeded the third beta of an upcoming tvOS 12.3 update to its public beta testing group, one day after providing the beta to developers and two weeks after seeding the second public beta....
Apple today seeded the third beta of an upcoming macOS Mojave 10.14.5 update to its public beta testing group, a day after seeding the beta to developers and two weeks after releasing the second...
In April 2016, Beyoncé launched her sixth studio album "Lemonade" worldwide. While the album was available for Apple users to buy for $17.99 on iTunes at launch, it was never put on Apple...
Ousmane Bah, an 18-year-old from New York, is suing Apple for $1 billion for false arrest, reports Bloomberg.
According to Bah, Apple's in-store facial recognition software mistakenly...
The latest version of Apple's "Hey Siri" feature works hands-free without being plugged into power, and it can be found in several recently announced Apple mobile products, including the...
Apple today seeded the third beta of an upcoming macOS Mojave 10.14.5 update to developers for testing purposes, two weeks after launching the second beta and a month after the launch of macOS Mojave...
Apple today seeded the third beta of an upcoming watchOS 5.2.1 update to developers, two weeks after seeding the second beta and almost a month after the release of the watchOS 5.2 update, which...
Apple today seeded the third beta of an upcoming tvOS 12.3 update to developers, two weeks seeding the second beta and three weeks after releasing tvOS 12.2).
Designed for the fourth and...
