New York state begins probe into Apple's FaceTime vulnerability

Posted:
in iPhone
New York state is launching an investigation into whether Apple failed to properly warn customers about a Group FaceTime vulnerability that allowed people to spy on others.

Group FaceTime in iOS 12


The probe was announced on Wednesday by Governor Andrew Cuomo and Attorney General Letitia James, Reuters said. In a statement, Cuomo demanded a "full accounting of the facts" to ensure businesses like Apple are following the state's consumer protection laws.

Apple is already facing a private lawsuit in Texas from a lawyer claiming the glitch let someone eavesdrop on a client call. Specifically, he said an intrusion happened while he was taking testimony.

The vulnerability, which extends through iOS 12.1, first gained real publicity on Monday. It was later discovered, however, that Apple had been warned about the problem over a week ago, raising the question of why it didn't respond sooner.

For the time being Apple has disabled Group FaceTime. It's also working on a patch for iOS devices that should go live later this week.
«1

Comments

  • Reply 1 of 26
    coolfactorcoolfactor Posts: 2,323member
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.
    agilealtitudewilliamlondon
  • Reply 2 of 26
    sflocalsflocal Posts: 6,123member
    It's a probe, nothing more.  Either they will find enough evidence during discovery to show that Apple knowingly hid the vulnerability, or they will decide that Apple acted as quickly as it could.  

    I don't see anything to read here really.  About the only thing that reacts faster than fixing the problem are the ambulance-chasing attorneys that see an opportunity.
    lkruppStrangeDaysbackstabforegoneconclusionstompy
  • Reply 3 of 26
    Classic money grab attempt from New York and to capture headlines for political reasons. 

    I wish it really was purely about consumer protection. 
    macseekerwilliamlondonstompy
  • Reply 4 of 26
    lkrupplkrupp Posts: 10,557member
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.
    So prove you were damaged by this. Prove you were eavesdropped upon. Go ahead, prove it. We’ll wait.
    mwhitejason leavittwilliamlondonp-dog
  • Reply 4 of 26
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.

    You realize that bugs are commonly known about (or reported) long before a company fixes them, right? It’s common practice to keep things secret while you’re working on a fix. You don’t want the public (or bad actors) to know about the issue. Then you can release a fix before people even know there was a problem.

    No doubt Apple was working on a fix when this news broke, and disabled FaceTime only after it became public. If this news story wasn’t reported it’s likely the next iOS release would have fixed the issue and nobody would have been the wiser.

    I don’t see how Apple did anything wrong.
    mwhitejason leavittbackstabp-dogmike1
  • Reply 6 of 26
    lkrupplkrupp Posts: 10,557member
    So within 24 hours of this breaking we have a lawsuit by some lawyer in Texas and a New York State investigation started. When Samsung phones started to randomly send your pictures to people in your contacts list did things happen this quickly or even at all? Just asking. When Alexa was discovered to be listening in did Governor Cuomo start an investigation? Just asking.
    mwhitemacseekeruraharajason leavittp-dogmike1
  • Reply 7 of 26
    Facetime is about interstate communications, New York has no jurisdiction.
  • Reply 8 of 26
    lkrupplkrupp Posts: 10,557member
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.

    You realize that bugs are commonly known about (or reported) long before a company fixes them, right? It’s common practice to keep things secret while you’re working on a fix. You don’t want the public (or bad actors) to know about the issue. Then you can release a fix before people even know there was a problem.

    No doubt Apple was working on a fix when this news broke, and disabled FaceTime only after it became public. If this news story wasn’t reported it’s likely the next iOS release would have fixed the issue and nobody would have been the wiser.

    I don’t see how Apple did anything wrong.
    It’s Apple. It’s assumed they did something wrong.
    edited January 2019 mwhitejason leavittbackstabwilliamlondonp-dog
  • Reply 9 of 26
    tbornot said:
    Facetime is about interstate communications, New York has no jurisdiction.
    The devices are sold and owned at the state level. The service is one that crosses state lines, however the Internet is a global thing, but states tax commerce over the Internet at local sales tax rates. Explain that madness.
  • Reply 10 of 26
    MplsPMplsP Posts: 4,003member
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.
    I support this. If Apple was aware of the situation, but failed to take precautions until *after* they received media attention, then they should be held accountable.

    You realize that bugs are commonly known about (or reported) long before a company fixes them, right? It’s common practice to keep things secret while you’re working on a fix. You don’t want the public (or bad actors) to know about the issue. Then you can release a fix before people even know there was a problem.

    No doubt Apple was working on a fix when this news broke, and disabled FaceTime only after it became public. If this news story wasn’t reported it’s likely the next iOS release would have fixed the issue and nobody would have been the wiser.

    I don’t see how Apple did anything wrong.
    lkrupp said:
    So within 24 hours of this breaking we have a lawsuit by some lawyer in Texas and a New York State investigation started. When Samsung phones started to randomly send your pictures to people in your contacts list did things happen this quickly or even at all? Just asking. When Alexa was discovered to be listening in did Governor Cuomo start an investigation? Just asking.
    Apple reportedly 'knew' about the bug for a week before the story broke, but it's not clear if anyone in a position to do anything knew about it, of if that's just when the form was submitted. In an organization like Apple that is large and likely receives thousands of such reports a day, it would not be surprising if it took several days for someone to review the bug, do some testing to verify it, elevate it to the appropriate level and for someone who actually had the power to respond to take appropriate action.

    After reports became public they rapidly shut down the service, effectively closing the bug until a patch can be issued. Whether that was because of the initial bug report or because of the media reports and publicity is unknown, but all things considered, I think Apple responded in a reasonable manner. 

    Clearly, this was a bug, but I don't see how it's that much different from the thousands of other bugs that we read about.  
    dcgoop-dogwilliamlondon
  • Reply 11 of 26
    Ohhh for sh**ts sake........
  • Reply 12 of 26
    FatmanFatman Posts: 513member
    Cuomo is a piece of garbage. Go back to creating laws that kill babies and leave Apple alone.
  • Reply 13 of 26
    Barking up the wrong tree NY State. More spying going on by your lords than you can imagine. Technologically inept characters should not be producing proclaimations about technically complex subjects. Money grab.
    agilealtitude
  • Reply 14 of 26
    wood1208wood1208 Posts: 2,924member
    We all know software products comes with software bugs, whether it works as designed in 99% scenarios or need improvement. If tax paid attorney's go after companies with software bug than there is no limit. Every software company is guilty as charge. Software is tested as best and than release for beta/pilot and than general release. As unfounded bugs get reported, you fix and release it delta software releases.That is how it works. Nothing magic about. You, State Attorney General idiot, Back-of and put time and energy in catching real criminals.
  • Reply 15 of 26
    dewmedewme Posts: 5,679member
    This is a total waste of time and a meaningless distraction for an agency that has many more important matters to deal with. Considering the mountain of under-served responsibilities that the state of New York is currently failing miserably on - does Gov Cuomo really believe that this is the best possible use of state resources to go after a 6-layer deep issue with a software vendor's handling of a specific software bug? If governments are going to start overreacting to every "hair on fire" piece of news that gets emitted from the social chaos-sphere, spastic media outlets, and overstimulated hype machinery of modern life we are so screwed. What's next, little Johnny fails to get the trash bucket out to the curb for Monday morning pickup and the DOJ launches a probe into the reasons why? This is insanity growing exponentially on top of insanity - all orchestrated in theatrical fashion for public consumption and political posturing. Are officials engaging in this kind of BS because they are trying to meaningfully serve their constituents in state matters or because they are trying to distract their stakeholders from seeing that they aren't really doing there real jobs anymore? There are a finite number of things in your job and your life that you really need to G-a-F about. There is no need to start randomly adopting other people's problems and start rooting around in matters that are 6 layers removed from your own job and life concerns and responsibilities. Is Gov Cuomo bored out of his skull and looking for something to do and thought that being part of a software vendor's defect resolution process is in the state's best interests? What's next, the senate armed services committee serving as the triage team for newly reported Angry Birds app defects?
    edited January 2019 nick710acheron2018mike1
  • Reply 16 of 26
    rob53rob53 Posts: 3,290member
    I'm waiting for New York to file a complaint against both Facebook and Google for targeting minors with software they weren't allowed to use for commercial customers. Oh wait, those two companies have already paid off New York politicians.
    nick710agilealtitudemike1stompybadmonk
  • Reply 17 of 26
    If only Cuomo (NYS Govener) cared about protecting babies from being murdering like he does of a FaceTime bug....
    macseeker
  • Reply 18 of 26
    jdwjdw Posts: 1,418member
    Another fascinating decision here by AppleInsider.  This article is highly political, yet freedom reigns and comments are allowed.  I of course think liberty for all is always good, but it is curious how decisions are made to ban comments on similar articles which are equally or even lesser so political.  Fascinating.
  • Reply 19 of 26
    We need a federal law that forbids New York from having a State Attorney.   It doesn’t seem to matter who sits in the chair.  They instantly become a political grandstanding piece of human garbage.  
    mike1
  • Reply 20 of 26
    mike1mike1 Posts: 3,409member
    sflocal said:
    It's a probe, nothing more.  Either they will find enough evidence during discovery to show that Apple knowingly hid the vulnerability, or they will decide that Apple acted as quickly as it could.  

    I don't see anything to read here really.  About the only thing that reacts faster than fixing the problem are the ambulance-chasing attorneys that see an opportunity.
    And politicians. 
Sign In or Register to comment.