Democratic Reps. Frank Pallone, Jr., and Jan Schakowsky wrote a letter to Tim Cook today asking for details about the FaceTime bug (via Gizmodo).
[Apple Sued Over Group FaceTime Eavesdropping Bug]
The Letter
Dear Mr, Cook:
We are deeply troubled by the recent press reports about how long it took for Apple to address a significant privacy violation identified by Grant Thompson, a 14-year-old in its Group FaceTime feature. As such, we are writing to better understand when Apple first learned of this security flaw, the extent to which the flaw has compromised consumers’ privacy, and whether there are other undisclosed bugs that currently exist and have not been addressed,
In today’s world, nearly every adult and many children walk around with a device in a purse, a backpack, or pocket that has a microphone and camera According to one study, the average age children first get a smartphone is 10 years old.2 Moreover, the marketing of smart home devices encourages consumers to place cameras and microphones in the most personal and intimate rooms in their homes. While these are wonderful tools when used right, the serious privacy issue with Group FaceTime demonstrates how these devices also can become the ultimate spying machines. That is why it is critical that companies like Apple are held to the highest standards Your company and others must proactively ensure devices and applications protect consumer privacy, immediately act when a vulnerability is identified, and address any harm caused when you fail to meet your obligations to consumers.
We found out about the FaceTime bug after a teen discovered it and his mom reported it to Apple. It tricked FaceTime into believing a call was underway before it was accepted. This let the caller get transmitted audio from the other device and use it to spy on the person. A fix for the bug was delayed.