Grant Thompson, a 14-year old from Tucson, Arizona, was instrumental in detecting a snooping bug in Apple’s Group FaceTime app around mid- January 2019. Grant found the privacy glitch when he was attempting to put together a FaceTime group so he could play ‘Fortnite’ with his friends.
In an interview on CNBC, Thompson said he found the snooping bug by accident and was surprised that Apple hadn’t caught it themselves. Grant had told his mom, Michelle Thompson, about the glitch who had tried several times to reach Apple to report the privacy breach but was unsuccessful. She not only called, but sent emails, tweets and Facebook posts.
When media tech site 9to5 broke the story after seeing Thompson’s tweets and Facebook posts, it went viral and only after that, a whole week later, did Thompson hear from Apple.
Arrangements were made for her and Grant to meet with an executive from Apple at their home last Friday afternoon, Feb 1st. She said the executive whose name she did not want to mention thanked them and interviewed them for feedback and also asked how Apple could improve their reporting process.
According the Apple’s iDrop News, it describes the breach as allowing FaceTime users to listen in on a call recipient’s audio as well as view live video feed from their camera without the call recipient’s knowledge.
Thompson said that Apple indicated that her son would be eligible for Apple’s ‘bug bounty’ program and a reward. If that is a possibility, she intends to put it into Grant’s college fund. She said that computer technology is a field that her son has long been interested in and even more so now.
Grant made a comment on ‘Squawk Box’ that this experience has not influenced him to stop using Apple products. He commented also that a glitch like he discovered can fall through the cracks but can be found. He believes that Apple tries to protect user privacy.
Apple did apologize last Friday for its Group FaceTime app glitch. The company also thanked the Thompson family for reporting it.
According to iDrop News, after news of the security vulnerability spread, Apple implemented a server-side fix by disabling the Group FaceTime feature. Apple says it will release a software update fix for the bug this week.
This FaceTime flaw discovery comes at a time when online privacy issues are in the news with all the privacy breaches by companies like Facebook and Google and many questions are being asked by users and world governments too.
Apple CEO Tim Cook and his company have worked hard to be in the forefront of data protection.