Recently, a 14-year-old made an interesting discovery on Apple‘s proprietary videotelephony product, FaceTime. He discovered that you could add yourself to a Group FaceTime call and force recipients to answer immediately. To induce this, the user starts a FaceTime video call with a contact, then while the call is “ringing,” they add themselves to the call as a third party by tapping “Add Person” and entering their own phone number. If properly executed, a Group FaceTime call is started and the original recipient’s audio begins to stream before the call is accepted.
This discovery has now earned the teenager identified as Grant Thompson a recognition and reward from Apple. The tech giant has confirmed that it will be providing the family with compensation for finding the bug as part of its bug bounty reward program. The teenager will also get a scholarship for his education which is actually a gift from Apple. No amount was mentioned but if the compensation is part of the company’s Bug Bounty program, the amount could be anywhere between $25,000 and $200,000.
Apple was at first slow to acknowledge the bug after Thompson’s mother Michelle attempted to warn Apple about the exploit a week before it became major news. The company was prompted to acknowledge the issue and the discovery after several tweets about the issue. The feature was temporarily disabled but the bug has now been fixed in the latest iOS 12.1.4 and macOS Mojave updates. The release note for the new iOS 12.1.4 version includes an acknowledgement of the discovery, crediting Grant alongside another individual identified as Draven Morris.