Teenager Who Found FaceTime Bug Will Be Eligible For Bug Bounty Program
Tuesday February 5, 2019. 11:00 AM , from Slashdot/Apple
Grant Thompson, the teenager that reported the FaceTime bug last week, will be eligible for the Apple bug bounty program. 'Apple's bug bounty system is typically invite-only and limited to specific categories of security flaws, like accessing iCloud account data or demonstrating ways for iPhone apps to escape the security sandbox of iOS,' reports 9to5Mac. 'It appears the company is making an exception here given the embarrassingly public nature of the case, although further details about the reward have yet to be discussed.' From the report: The FaceTime bug that made waves as result of 9to5Mac's coverage last week was actually first reported to Apple by Grant Thompson and his mother in Arizona a week earlier. However, deficiencies in the Apple bug reporting process meant that the report was not acted upon by the company. Instead, the teenager made headlines when his mother shared their Apple communications on Twitter. Their claims were later proved to be legitimate.
Around January 22, Apple Support directed them to file a Radar bug report, which meant the mother had to first register a developer account as an ordinary customer. Even after following the indicated steps, it does not appear that Apple's product or engineering teams were aware of the problem until its viral explosion a week later. CNBC reports that an unnamed 'high-level Apple executive' met with the Thompsons at their home in Tucson, Arizona on Friday. They apparently discussed how Apple could improve its bug reporting process and indicated that Grant would be eligible for the Apple bug bounty program.
Read more of this story at Slashdot.
Apr, Thu 25 - 06:25 CEST