New York state begins probe into Apple's FaceTime vulnerability
New York state is launching an investigation into whether Apple failed to properly warn customers about a Group FaceTime vulnerability that allowed people to spy on others.
The probe was announced on Wednesday by Governor Andrew Cuomo and Attorney General Letitia James, Reuters said. In a statement, Cuomo demanded a "full accounting of the facts" to ensure businesses like Apple are following the state's consumer protection laws.
Apple is already facing a private lawsuit in Texas from a lawyer claiming the glitch let someone eavesdrop on a client call. Specifically, he said an intrusion happened while he was taking testimony.
The vulnerability, which extends through iOS 12.1, first gained real publicity on Monday. It was later discovered, however, that Apple had been warned about the problem over a week ago, raising the question of why it didn't respond sooner.
For the time being Apple has disabled Group FaceTime. It's also working on a patch for iOS devices that should go live later this week.
The probe was announced on Wednesday by Governor Andrew Cuomo and Attorney General Letitia James, Reuters said. In a statement, Cuomo demanded a "full accounting of the facts" to ensure businesses like Apple are following the state's consumer protection laws.
Apple is already facing a private lawsuit in Texas from a lawyer claiming the glitch let someone eavesdrop on a client call. Specifically, he said an intrusion happened while he was taking testimony.
The vulnerability, which extends through iOS 12.1, first gained real publicity on Monday. It was later discovered, however, that Apple had been warned about the problem over a week ago, raising the question of why it didn't respond sooner.
For the time being Apple has disabled Group FaceTime. It's also working on a patch for iOS devices that should go live later this week.
Comments
I wish it really was purely about consumer protection.
You realize that bugs are commonly known about (or reported) long before a company fixes them, right? It’s common practice to keep things secret while you’re working on a fix. You don’t want the public (or bad actors) to know about the issue. Then you can release a fix before people even know there was a problem.
No doubt Apple was working on a fix when this news broke, and disabled FaceTime only after it became public. If this news story wasn’t reported it’s likely the next iOS release would have fixed the issue and nobody would have been the wiser.
I don’t see how Apple did anything wrong.
After reports became public they rapidly shut down the service, effectively closing the bug until a patch can be issued. Whether that was because of the initial bug report or because of the media reports and publicity is unknown, but all things considered, I think Apple responded in a reasonable manner.
Clearly, this was a bug, but I don't see how it's that much different from the thousands of other bugs that we read about.