iPhone FaceTime bug is likely to get the bug bounty from Apple. A high-level Apple executive visited Grant Thompson and his mother at their Tucson, Arizona home.
Apple has already publicly thanked the family for discovering and reporting the bug. The Apple executive personally visited Grant Thompson and his mother to apparently discuss the bug bounty. The senior executive discussed how the company can improve its bug bounty and reporting process. Thompson declined to share the name of the executive.
The Apple executive has assured the 14-year old that he will not only get the credit for reporting the bug during the software fix, but he would also be eligible for the bug bounty program. The details of the bug bounty program and reward was not discussed in the meeting. Apple’s security team will get in touch with Thompson to discuss the same.
On January 19, Grant Thompson discovered the flaw in FaceTime group calling. The flaw would let callers eavesdrop on audio and video conversation from other users even if they haven’t answered their FaceTime call.
Despite Thompson and his mother’s attempts to report the bug to Apple, their request was initially ignored. Thompson’s mother Michelle tried tagging Apple in her Facebook posts, feedback form method, calling the company, and even emailing them describing about the bug.
In an interview with 9to5Mac, Michelle Thompson said, “I first went to their website and went to Apple Feedback, which is an e-mail form. I tweeted them. I tagged them in my Facebook posts. I called them, I e-mailed them, and I faxed them, and then registered as a developer — even though I’m not a developer — and submitted a bug report that way, after all my other methods had failed.”
Apple doesn’t have a public bug bounty program. The company opens its invitation to trusted security researchers and accepts the bug reports only from them. The program is limited to only a few categories. Apple has agreed to compensate Thompson. The company normally pays between $25,000 to $200,000 depending upon the nature of the flaw.