Eavesdropping on your friends conversations, or even worse, tapping into the video feed of their device, is without doubt, a serious privacy concern. Many people are questioning why Apple did not pick up on it, at face value it seems that the bug should have been picked up on with ease.
For those who are not aware of the FaceTime bug that was highlighted at the beginning of the week, you could force a FaceTime call with someone and hear what they’re saying, perhaps even without their knowledge.
To start eavesdropping it was a matter of simply initiating a FaceTime call with someone and while the call was ringing, simply add yourself to the call by swiping up from the bottom of the display…that’s it!
Apple quickly shut down group FaceTime server-side as soon as the bug went public, so don’t bother trying it now as it won’t work.
Worms Coming Out Of The Woodwork
Pretty much as soon as the public were made aware of the bug the cash grabbing pirates started to circle their prey. Houston lawyer, Larry Williams II, filed a lawsuit against Apple claiming that his iPhone allowed an unknown person to listen into a sworn testimony during a client deposition.
I don’t believe that for a moment, how convenient that the very next day, after the bug was made public, he decided to file a lawsuit.
Firstly, how would he have known that someone was listening into his deposition and secondly, it’s also very convenient that he refers to the person as an unknown caller. Why is that? So there’s no way to question the individual as he/she is unknown.
I obviously can’t be 100% sure that he’s not telling the truth but quite frankly it doesn’t take a rocket scientist to figure out that this looks as dodgy as hell. It’s a real shame when the law system, and certainly someone who practices the profession, stoop to these sorts of levels for unethical reasons.
There have been more lawsuits filed against Apple too. No doubt they’ll be plenty more in the coming weeks.
How Was The Bug Missed?
As much as some would have you believe that this bug should have been picked up by Apple during testing, I have to disagree.
Let’s consider the testing process for software. Apple will have QA testers and they will be focusing on the functionality of the app. They will test all features of the app based on what it is intended to achieve.
When a new feature is added to an existing app, they will test the feature based on the spec. They will check that any new feature added to the app hasn’t broken any other part of the app and that the new feature performs as expected.
Previous to testers getting their hands on the build, a BVT would have been done (Build Verification Test) to ensure the app functions as intended before passing the latest build to the QA team. Normally this is an automated process and is a subset of tests that verify main functionality.
The QA team testing Group FaceTime would be testing the new FaceTime feature based on spec. They wouldn’t have thought to add themselves to a call as they would have been the ones initiating the call in the first place. Adding themselves to a call they are initiating would not have been part of the feature set.
Public Beta & Launch
During months of testing when it was open to the public and even after launch, there were millions of people using group FaceTime and it was a good amount of time before someone realised this bug existed.
This only strengthens the fact that this was no ‘obvious’ bug as some would suggest. Isn’t hindsight a wonderful thing!
The Nature Of Technology
Living in a technology age, we have to accept that bugs will creep in. There is no software I am aware of that is 100% bug free. Was this bug most than worse? Yes it was but it wasn’t on purpose, Apple weren’t doing it to snoop, they have a very strong privacy stance unlike many other tech companies and should be praised for that.
The likelihood is, that very few people would have been aware of this bug and by the time they did, Apple would have shut down Group FaceTime anyway. So the chances of millions of people tapping into their friends devices and eavesdropping is very unlikely. And quite frankly if they were, you’d probably want to drop them from your friends list anyway!
In my humble opinion, and having worked closely with QA teams, this bug was an edge case, it wasn’t obvious and although the testers will probably feel bad, they shouldn't.
It’s likely that Apple will get a hard time over this in the coming months until it blows over and others have something else to focus on, but this was a genuine mistake and not one that was as glaringly obvious as people say.