SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1984
A lawyer is suing Apple over FaceTime bug, says it let someone listen in on sworn testimony
A Houston lawyer has filed a lawsuit against Apple over a security vulnerability that let people eavesdrop on iPhones using FaceTime.
The bug went viral on Monday evening after news outlets, including CNBC, verified that one person was able to place a FaceTime video call to another person and, using the exploit, was able to listen in or see video of the recipient of the call, even if they didn't answer. Attorney Larry Williams II says he heard about the bug on or before Sunday.
His lawsuit, filed Monday in Harris County, Texas, alleges that Apple "failed to exercise reasonable care" and that Apple "knew, or should have known, that its Product would cause unsolicited privacy breaches and eavesdropping." It alleged Apple did not adequately test its software and that Apple was "aware there was a high probability at least some consumers would suffer harm."
The suit says that Williams was "undergoing a private deposition with a client when this defective product breached allowed for the recording" of the conversation.
Williams claimed this caused "sustained permanent and continuous injuries, pain and suffering and emotional trauma that will continue into the future" and that Williams "lost ability to earn a living and will continued to be so in the future."
(Score: 2) by Runaway1956 on Saturday February 02 2019, @04:21PM (6 children)
Let's get serious here. Virtually every piece of software in existence has some kind of disclaimer. "Not to be used in mission critical applications" or words to that effect. Maybe a lawyer doesn't understand what "mission critical" means? It must be noted that if a lawyer was discussing sensitive data, he was probably billing for in-person, face-to-face time.
The lawyer gets no empathy from me.
(Score: 4, Insightful) by RS3 on Saturday February 02 2019, @05:11PM (4 children)
I agree, and would argue (against my true feelings about data/computer security) for Apple that especially in light of all of the security/data breaches lately, it is negligent to rely on something like FaceTime as truly secure and private. Even TV and movies refer to encrypted channels.
The client should sue the lawyer.
Either way, this case will likely set precedent.
(Score: 2) by HiThere on Saturday February 02 2019, @05:16PM (3 children)
I would argue against Apple, as I do not feel that EULAs should have any (positive) legal standing. They should be able to function as promises that the company makes to the customer, but not in the reverse direction.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by RS3 on Saturday February 02 2019, @06:59PM
I agree, and that's why I wrote the parenthetical: "(against my true feelings about data/computer security)". That parenthetical expression tells you that something else is going on. I was otherwise (key word: "otherwise") writing in the context of a limited scenario where I would somehow be working for and in favor of Apple and other providers.
Our (USA's) legislative and legal system is a huge mess! My true feelings about it are quite cynical: I fear that most in government: legislative, administrative, and courts, are some of the laziest and least rational of society, and the system does not incentivize them to try harder. I could write volumes, and started to, but I don't have the time to.
For me, the bottom line right now, with all current factors: EULAs being in favor of the corporation, lack of data privacy laws, etc. - I haven't read the FaceTime EULA, but I bet it's all in favor of Apple / FaceTime and insulates them from blame, and the lawyer (of all people) should have known that (you know, here in the real world).
(Score: 3, Insightful) by RS3 on Saturday February 02 2019, @07:05PM (1 child)
All that said, I'm quite disappointed in people. Here's an example of what I wish would happen: FaceBook data breaches / selling of your personal data -> everyone quits FaceBook and moves to some alternative whose EULA guarantees privacy, and not the "we will share your data with 3rd parties as we see fit (and you have no control over what they do with your data)" like most EULAs have. I read them.
But the masses have stayed with FaceBook and move on with life, sending the message to government "we were annoyed with the privacy breaches / data selling but we've gotten over it and don't care so don't bother doing anything".
So now what.
(Score: 2) by HiThere on Saturday February 02 2019, @11:14PM
Well, personally, avoid abusive EULAs. That was a large portion of the reason I moved to Linux. Technically, I was happier with either MS or Apple. (That was a couple of decades ago. These days I have no idea whether they are better than Linux in any particular. But I no longer even read their EULAs. They aren't willing to pay me to do it.)
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by darkfeline on Sunday February 03 2019, @11:16PM
There seems to be a severe case of didn't RTFA or RTFS here. This isn't about holding a confidential discussion through an app and being leaked. This is about holding a private face-to-face conversation, and someone initiating a video call, and the mere initiation of the call sends video and audio to the caller, without the callee even accepting the call.
This is about merely having an iPhone in the vicinity allowing anyone to eavesdrop on a conversation. I'm pretty sure Apple doesn't have a disclaimer saying "Anyone may be able to access the camera or microphone remotely at any time", and I doubt that would hold up in court anyway.
Join the SDF Public Access UNIX System today!