Apple has today released an update on the FaceTime eavesdropping bug and offered an apology. The company says it has patched the flaw on its servers and will roll out an update to iOS users next week to bring back Group FaceTime with the bug fixed. It also makes a promise to improve how it handles bug reports and its escalation process.
Here’s the full statement 9to5Mac received from Apple:
“We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”
After 9to5Mac exclusively reported on the FaceTime eavesdropping bug this past Monday, a mother and her son claimed that they had warned Apple about the issue a week earlier, and offered video evidence. That’s the Thompson family that Apple is thanking in its statement today, but notably Apple responded quite slowly to the family’s emails and requests. The company allegedly even made the mother create a developer account to file a Radar.
Apple’s statement says that as “soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix.” But many feel the response was anything but quick.
Apple took Group FaceTime offline several hours after we detailed the bug as it was spreading across social media on January 28th. However, the Thompson’s have shown evidence that they shared the flaw and how it worked with Apple from January 22nd onwards in multiple emails and a YouTube video.
Notably, it’s good to see Apple’s apology highlight its serious need to evolve how it handles escalating bug reports like these to tackle them in a much more efficient manner.