Apple To Pay Teenager Who Discovered FaceTime Security Bug
Earlier this week, Apple pushed iOS 12.1.4, which contained a patch for a major security flaw found within its FaceTime app. As previously reported by the Inquisitr, the security bug was originally discovered by a teenage boy, 14-year-old Grant Thompson, who reached out to the company through his mother. The company didn’t immediately respond to the Thompson family but has recently announced it would be compensating the Catalina Foothills High School teen for his discovery, according to a report from The Verge.
The bug can be triggered within the FaceTime app by using the Group FaceTime feature. The security flaw allows callers to add themselves as a participant on the outgoing call to eavesdrop on the person they’re calling, even if the person opts to ignore the call. In some cases, the caller could even access video from the other person’s device.
Thompson reportedly discovered the issue while trying to set up a group chat with his buddies playing Fortnite. However, it wasn’t until the bug went viral that Apple finally addressed the issue and disabled its Group FaceTime feature. The company later issued an apology and promised a quick fix for the bug in its iOS 12.1.4 update. The update has since been pushed and the company has even thanked Thompson in the patch notes.
“We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process,” Apple said in a statement released to MacRumors.
14-year old Grant Thompson was just trying to play video games with friends when he made an alarming discovery: A bug in Apple's FaceTime tool that could turn iPhones into eavesdropping devices https://t.co/gY4nzZ4tlC pic.twitter.com/27YLqE0x0x
— CNN (@CNN) January 29, 2019
“In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security,” the company also explained.
While Apple did not disclose the exact cash amount Thompson and his family will be receiving, the company did make it clear that the compensation included an additional gift toward the teen’s education, according to a report from Reuters.
This isn’t the first time Apple has reached into its pockets to compensate folks for the discovery of bugs in its software. The company currently offers up to $200,000 in cash awards as part of its bug bounty program. The program, which is a standard practice across the tech industry, was officially introduced in 2016. Upon launch, Apple reportedly sent an invitation to multiple top security researchers to enlist their help.
iOS 12.1.4 is currently available to all users with an iOS 12-compatible device, and it’s safe to say, this is one software update users might not want to skip.