Apple Hit With Lawsuit Over FaceTime Eavesdropping Bug

http://bit.ly/nvEILJ

Apple is already facing its first lawsuit over the FaceTime eavesdropping bug that was discovered just last night, reports Bloomberg.

Houston lawyer Larry Williams II today filed a lawsuit against Apple claiming that his iPhone allowed an unknown person to listen in on sworn testimony during a client deposition.

Subscribe to the MacRumors YouTube channel for more videos.
He is suing Apple for unspecified punitive damages for negligence, product liability, misrepresentation, and warranty breach. The bug, says Williams, violates the privacy of a person's "most intimate conversations without consent."

The FaceTime bug in question was widely publicized yesterday after making the rounds on social media. By exploiting a bug in Group FaceTime, a person could force a FaceTime connection with another person, providing access to a user's audio and sometimes video even when the FaceTime call was not accepted.

There was no way to avoid malicious FaceTime calls forced to connect in this manner short of turning off FaceTime, but after the issue received attention, Apple disabled Group FaceTime server side, and the feature remains unavailable. With Group FaceTime turned off, the exploit is not available and no one is in danger of being spied on via their Apple devices through the FaceTime bug.

Apple is planning to implement a fix via a software update later this week, but the company has not commented on how long this bug was available before it was widely shared. Group FaceTime has been available since iOS 12.1 was released in October.

A woman whose teenage son initially discovered the bug says that she contacted Apple multiple times starting on January 20, and even sent a video demonstrating the issue, but she received no response from the company.

Tags: FaceTime, FaceTime Listening Bug

This article, "Apple Hit With Lawsuit Over FaceTime Eavesdropping Bug" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories http://bit.ly/2Th9is0

Samsung Galaxy M20 vs Xiaomi Redmi Note 7 vs ASUS Zenfone Max Pro M1: Price in India, Features, Specs

via News – MySmartPrice http://bit.ly/2sVCUzw

Sony Xperia XZ4 Full Specs Sheet Leaked: Huge Battery, Tall Display, Multiple Color Options, More

via News – MySmartPrice http://bit.ly/2sWSsTH

Realme 2 Now Available on Open Sale via Flipkart, Offers 90% Exchange Value at Just Re.1

via News – MySmartPrice http://bit.ly/2MLCuoF

Facebook Paying People $20/Month to Install Data Harvesting VPN App on iPhones

http://bit.ly/2CRtyt1

Apple in August 2018 forced Facebook to remove its Onavo VPN app from the App Store, because Facebook was using it to track user activity and data across multiple apps, something that violate's Apple's App Store policies.

As it turns out, Facebook has found an underhanded way to skirt Apple's rules and get people to continue installing its VPN - paying them.


TechCrunch this afternoon exposed Facebook's "Project Atlas" program, in which Facebook paid people - adults and teenagers - to install a "Facebook Research" VPN that is similar to the Onavo VPN app.

As of 2016, Facebook has been secretly offering people aged 13 to 35 up to $20 per month along with referral fees to sideload the Facebook Research app using an enterprise certificate on iPhone. Enterprise certificates like this are designed to allow companies to distribute internal corporate apps and give full root access to a device.

To hide its involvement, Facebook has been using beta testing services like Applause, BetaBound and uTest to recruit participants to install Facebook Research.

By getting people to sideload an app this way through an enterprise certificate, Facebook has access to data that includes private messages in social media apps, chats from instant messaging apps (including photos and videos), emails, web searches, web browsing activity, and ongoing location information. It's not clear if Facebook is accessing this data, but it could, according to security researcher Will Strafach, who TechCrunch consulted for this piece.

"The fairly technical sounding 'install our Root Certificate' step is appalling," Strafach tells us. "This hands Facebook continuous access to the most sensitive data about you, and most users are going to be unable to reasonably consent to this regardless of any agreement they sign, because there is no good way to articulate just how much power is handed to Facebook when you do this."

The terms of service for the Facebook Research app suggest Facebook was collecting information about the smartphone apps on a participant's phone and how and when those apps are used. Facebook also said it would collect data about activities and content within the apps, and information about internet browsing history. There's even a line suggesting Facebook collects data even when an app uses encryption or from within a secure browser session.

Facebook confirmed the program in a statement provided to TechCrunch and reportedly said that the Facebook Research app was "in line with Apple's Enterprise Certificate program," though that does not seem to be the case based on Apple's Enterprise Certificate policy.

"Like many companies, we invite people to participate in research that helps us identify things we can be doing better. Since this research is aimed at helping Facebook understand how people use their mobile devices, we've provided extensive information about the type of data we collect and how they can participate. We don't share this information with others and people can stop participating at any time."

Apple has been made aware of the issue, but declined to provide a comment to TechCrunch. It's not clear how the Cupertino company will handle the situation, but as TechCrunch points out, Apple CEO Tim Cook has been highly critical of Facebook and its privacy violations. Apple could potentially block the Facebook Research app or revoke Facebook's permission to distribute internal apps entirely.

Full details on Facebook's spying app can be found in TechCrunch's full exposé.

Tag: Facebook

This article, "Facebook Paying People $20/Month to Install Data Harvesting VPN App on iPhones" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories http://bit.ly/2DGXiKO

Strategy Analytics: Apple Shipped an Estimated 65.9 Million iPhones in Holiday Quarter

http://bit.ly/2U3UKMn

Apple shipped an estimated 65.9 million iPhones during the first fiscal quarter of 2019 (aka the fourth calendar quarter of 2018) according to new data shared today by Strategy Analytics.

As of this quarter, Apple is no longer providing a breakdown of unit sales of the iPhone, iPad, and Mac, so we will not have concrete data on how well the iPhone is selling going forward.


Apple in Q1 2018 sold 77.3 million iPhones, which would mean Apple sold 11.4 million fewer iPhones in Q1 2019 if Strategy Analytics' estimates are correct, marking a 15 percent decline in sales year-over-year.

Global iPhone shipments fell sharply, due to high retail pricing, unfavorable foreign exchange rates, intense competition from rivals like Huawei, battery replacement programs driving longer ownership cycles, diminished carrier subsidies in some developed markets, and flagging demand in some emerging markets.

Apple's Q1 2019 iPhone revenue was $52 billion, down from $61 billion in the year-ago quarter, also a 15 percent decline. The drop in iPhone revenue led to total revenue of $84.31 billion, down from $88.3 billion in Q1 2018.

Despite the decline in iPhone sales, which Apple CEO Tim Cook has attributed to weakness in China and fewer upgrades, Q1 2019 was Apple's second-best in terms of both revenue and profit, coming in behind only the first fiscal quarter of 2018.

Tags: earnings, Strategy Analytics

This article, "Strategy Analytics: Apple Shipped an Estimated 65.9 Million iPhones in Holiday Quarter" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories http://bit.ly/2WtidZm

Lenovo Yoga Chromebook C630 Review: The Portable Workstation

via Chrome Unboxed – The Latest Chrome OS News http://bit.ly/2DJSLr5