FaceTime users encountered a bug where they could hear audio from other people’s phones even if they hadn’t accepted an incoming call, but the bug was apparently discovered over a week ago when a 14-year-old Fortnite player and his mother tried to warn Apple.
The Wall Street Journal reported that a high schooler named Grant Thompson was preparing to play Fortnite with some friends and tried to set up a conversation with them through FaceTime so the group could communicate. When dialing them up on FaceTime, the player discovered what others would later find when he could hear his friends’ audio through their devices. Thompson and his mom reportedly reached out to Apple and tried to make the company aware of the issue affecting its FaceTime feature.
Those attempts at communication with Apple didn’t get far though with Apple informing the player’s mother, Michele, that they should submit evidence of the bug through Apple’s bug reporting after registering as a developer. Since the bug had to then be taken to Apple’s security team instead, the two who reported the bug weren’t eligible for the bug bounty payout that’s given to those who discover these types of bugs.
The mother of the teenager who first found the bug attempted to reach out to Apple through multiple mediums including Twitter where she said she’d submitted a bug report and was waiting to hear from the company. She also tried to reach out to different media organizations to raise awareness of the issue and shared an image of an email she sent where she described the issue as “a major privacy and security flaw.”
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport...waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews— MGT7 (@MGT7500) January 21, 2019
Apple hasn’t released an update for the bug to fix the issue yet, though there is a workaround to avoid it for those who still want to continue using FaceTime until it’s resolved. It’s unclear at this time whether the two individuals who told Apple about the bug will be compensated for their find through Apple’s bug bounty system.