Apple has acknowledged ongoing bugs with its Group FaceTime conferencing feature, in the wake of the eavesdropping security bug that was revealed late last month.
The problems underscore the pitfalls faced by Apple and other smartphone companies in fixing security issues that can affect millions of devices.
Apple was forced to disable Group FaceTime entirely after users discovered they could easily listen in on the devices of those they called via FaceTime.
A week later Apple released iOS 12.1.4 with a fix for the issue, and re-enabled Group FaceTime for those with the update installed.
But the company has now acknowledged that problems remain with the group calling feature, after users reported issues.
Specifically, users can’t add more people to a call that only includes two people, with the ‘Add Person’ button being disabled on such calls.
If users initiate a call with three or more people, the ‘Add Person’ button is activated, although some users have reported problems even in that situation.
Apple’s support documents indicate that the ‘Add Person’ button should normally work on a two-person call.
The company’s technical support staff has reportedly told users that the problem is a known issue, MacRumors reported.
The initial eavesdropping flaw was triggered through the use of the ‘Add Person’ button whilst a call was dialling.
The flaw was serious enough to attract the notice of the US House of Representatives, which called on the company to submit written answers to a series of questions on its security practices.
Those answers, due this week, relate in part to criticism over Apple’s perceived slowness in responding to users’ initial reports of the bug.
The mother of a 14-year-old boy who initially discovered the flaw reported it to Apple, but the company only responded a week later, after reports on the issue appeared in the press.
The company said it disabled Group FaceTime “as soon as our engineering team became aware of the details necessary to reproduce the bug”.
But it also promised to improve the processes it uses to escalate bug reports, let's hope is proves to be the case.