New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Wins Lawsuit Over Group FaceTime Eavesdropping Bug

Back in January, there was a major FaceTime bug that allowed a person to force a FaceTime connection with another person, providing access to the user's audio and sometimes video even when the FaceTime call was not accepted.

The bug led to a lawsuit from Houston lawyer Larry Williams II, who claimed that the vulnerability allowed an unknown person to listen in on sworn testimony during a client deposition.


Williams filed his lawsuit in January, just a day after the bug was publicized, and yesterday, a court ruled in Apple's favor and dismissed the case. The court did not find Williams' argument that the FaceTime vulnerability was "unreasonably dangerous" to be valid, nor did the court believe that he provided sufficient evidence to prove that Apple knew of the defect.
Williams's petition does not allege facts about any available alternative design. He fails to allege facts about the iOS 12.1 software as to whether the defect that allegedly allowed a third party to "eavesdrop" on his group FaceTime call was "unreasonable" for the product's ordinary use. Williams's generalized allegation that the iOS 12.1 software was "unreasonably dangerous" and caused him injury falls short of the Rule 8 threshold.

Williams's petition recites the pleading elements, but it does not allege facts that could show Apple's knowledge of the defect or that Apple could reasonably have foreseen that an unknown third party would listen to Williams's group FaceTime call without his permission.

Williams's claim also fails because he did not state facts that could show that Apple's alleged negligent design or manufacture of the iOS 12.1 software proximately caused his injury.
In the lawsuit, Williams had requested unspecified punitive damages for negligence, product liability, misrepresentation, and warranty breach.

The FaceTime eavesdropping bug was perhaps one of the most serious issues that have affected Apple products in recent history.

Subscribe to the MacRumors YouTube channel for more videos.

There was no way to avoid the malicious FaceTime calls, which exploited a Group FaceTime vulnerability. Apple disabled Group FaceTime server side and kept it unavailable until an update could be released to fix the issue.

The vulnerability was officially addressed in iOS 12.1.4, released in February, and Group FaceTime remains unavailable on all versions of iOS 12 released prior to 12.1.4. Full document on Scribd.



Top Rated Comments

(View all)

19 weeks ago
While the bug was nasty, it did not warrant a lawsuit. He was just looking to get rich quick.
Rating: 45 Votes
19 weeks ago
Apple did not "win" the lawsuit. The court dismissed the complaint on a "without prejudice" basis. For non-lawyers, that means that plaintiff's complaint had defects, but he's allowed to correct those defects and re-file.

A "win" would be a dismissal with prejudice. That's not what happened here.
Rating: 25 Votes
19 weeks ago
The entire legal system is a joke.
Rating: 20 Votes
19 weeks ago

The entire legal system is a joke.

Please explain why you think that. Do you disagree with the judgment?
[doublepost=1557513703][/doublepost]

But Apple DID say "what happens on your iPhone stays on your iPhone" and that's a lie

A phone call obviously doesn't stay on your phone.
Rating: 17 Votes
19 weeks ago
I have many things I dislike about Apple, but I'm also a software developer and I know from hard experience that even the best testing strategies and the most stringent code reviews cannot catch EVERY bug. I'm in total agreement with this decision.

This is one of the problems with our world today. As soon as something goes wrong, there's a line of people waiting to accuse you of negligence and malice. It's a wonder anyone actually gets ahead in the world today.

Even if someone - a single person or a very small group - within Apple deliberately introduced a bug that could be misused, it's hardly fair to blame the entire corporation. To make a claim like this you'd have to be able to claim that Apple, as a company, deliberately and with full knowledge introduced and pushed a bug that allowed eavesdropping. And you'd also have to be able to say it was Apple's own decision (i.e. not because of government coercion). Even though I disagree with many of Apple's business practices, I can't believe the company would approve that willingly and knowingly.

We need to stop assuming everyone is out to get us, that everyone is deliberately acting against us. Sometimes mistakes are made. Sometimes you have to fix your mistake. But it's not fair to accuse anyone of malice when the fact is that it was just a mistake.

Of course, the problem with our legal system - and with any system for that matter - is that unless someone stupidly admitted in a recording or letter that they were acting maliciously, you cannot prove what was going through anyone's head.
Rating: 17 Votes
19 weeks ago

Of course.
Jussie Smollett and Laurie Loughlin are also innocent.
And Harvey Weinstein is still a free man.


What are you even talking about? The guy lied and made up some story by trying to stage an eavesdropped deposition AFTER the bug was reported.

Sadly true. Clearly this judge was purchased by Tim Cook. A real judge would have forced Apple to pay up.


I suppose you have evidence to back up your defamatory bribery accusations against the judge and Mr. Cook? Or are you just lying?
Rating: 16 Votes
19 weeks ago
Finally! The amount of painful **** I've heard my "friends" say about me when I gave this bug a whirl was so sad…



Rating: 9 Votes
19 weeks ago

Apple did not "win" the lawsuit. The court dismissed the complaint on a "without prejudice" basis. For non-lawyers, that means that plaintiff's complaint had defects, but he's allowed to correct those defects and re-file.

A "win" would be a dismissal with prejudice. That's not what happened here.


And good luck with that refiling given the defects mentioned. So in short “they won” on more unofficial terms. But thanks for the additional clarification.
Rating: 6 Votes
19 weeks ago
It was a bug, not an intentional way to spy. In developing software, sometimes **** just happens. You can't catch every bug when you're dealing with infinitely complex software.
Rating: 6 Votes
19 weeks ago
Of course.
Jussie Smollett and Laurie Loughlin are also innocent.
And Harvey Weinstein is still a free man.
Rating: 6 Votes

[ Read All Comments ]