iOS 12.1.4 Now Available With Group FaceTime Bug Fix

[arlen holder]

o iOS 12.1.4 Now Available With Group FaceTime Bug Fix
<https://www.macrumors.com/2019/02/07/ios-12-1-4-group-facetime-fix-now-available/>
"Apple today released a new iOS 12.1.4 update for the iPhone, iPad,
and iPod touch, with the new software designed to fix an insidious
privacy-invading Group FaceTime bug that could be exploited to
eavesdrop on conversations. "

Proving what we've been saying for years...
"The FaceTime bug allowed someone to spy on you without
your permission or knowledge"

There's zero reliable evidence Apple gave a shit until _after_ the shit hit the fan:
"It was a serious bug, so serious that Apple took its entire
Group FaceTime server offline as the company took the time to
prepare the iOS 12.1.4 update. The Group FaceTime bug was
publicized last Monday and Group FaceTime has been offline
since then."

If it was just the first, second, third, forth, fifth, etc., similar Apple
issue in the recent past, it wouldn't be all that big of a deal, but it's a
chronic proof that Apple never sufficiently tests its software.

The user just wants frequent releases.
o And that's what they get

I call it a veritable "diarrhea" of releases.
o For some strange reason, that release diarrhea makes users _feel_ safe.

And that! Is all that matters to Marketing (who clearly schedules this
diarrhea of releases for marketing purposes, as shown in the leaked
Federighi email of about a year ago).

"The Group FaceTime bug may have required some major
under-the-hood changes to FaceTime given that it took Apple
nearly two weeks to fix the issue. Following today's update,
the Group FaceTime bug will no longer be able to be exploited
and Apple will be able to bring its Group FaceTime server back
online.
It continues to be unclear just how long the Group FaceTime bug
was available for. Group FaceTime was introduced last October,
and Apple has not let us know if the bug has been around since
that launch date or if it was introduced in a later iOS 12 update."

[arlen holder]

Since iOS 12.1.4 fixes *four serious exploits* that have been around for
quite some time, this Forbes article goes so far as to state iOS 12.1.4 is
o "The most important upgrade in iOS history",
o even though they say it's "far from buggy" itself,.
<https://www.forbes.com/sites/gordonkelly/2019/01/29/apple-ios-12-1-3-release-iphone-xs-max-xr-problem-facetime-problem-video-calls-audio-calls/>

Forbes notes that iOS 12.1.4 is large:
"Weighing in at approximately 500MB, this is a surprisingly
large upgrade for a dedicated bug fix. That said, itÿs the
most essential fix in iPhone history."

The four serious exploits are:
1. Extremely serious FacePalm vulnerability found by a mere child
2. Extremely serious LIvePhotos vulnerability found by Apple
3 & 4. Serious memory exploits found by Google

Interestingly, since I'm on the same iOS version my iPad was born with, I'm
likely "safe" from the FacePalm exploit since...
o "the vulnerability only affected devices running iOS 12.1 or later."

Given this description of the FacePalm bug, it's kind of classic that the
Apologists like Jolly Roger drastically minimized the severity of this
egregious bug (which is likely the worst privacy bug in iOS history for a
variety of reasons):

"Apple has acknowledged that it is possible to access the audio
and video of any iPhone running iOS 12.1 or later. Whatÿs more,
not only is this easy to do, you wonÿt be able to tell when someone
has done this to you."

"The vulnerability is so dangerous that any iPhone owner can
exploit another iPhone owner. All it requires is do the following
three steps:
a. Go to a contact and start a FaceTime call
b. Swipe up and select ´Add Person¡
c. Enter your own cell number and add yourself to the call"

"The consequences of this have left the privacy of millions of
iPhone users exposed and was made worse by revelations
that Apple was warned about this bug almost a week earlier
but did little to act. "

[arlen holder]

Google warns about two iOS zero-days 'exploited in the wild'
<https://www.zdnet.com/article/google-warns-about-two-ios-zero-days-exploited-in-the-wild/>

"A Google top security engineer has revealed today that hackers have been
launching attacks against iPhone users using two iOS vulnerabilities. The
attacks have happened before Apple had a chance to release iOS 12.1.4 today
--meaning the two vulnerabilities are what security experts call
"zero-days."

[Alan Baker]

On 2019-02-10 12:31 a.m., arlen holder wrote:
> Since iOS 12.1.4 fixes *four serious exploits* that have been around for

So you're just talking to yourself now?

:-)

[Alan Baker]

On 2019-02-10 12:35 a.m., arlen holder wrote:
> Google warns about two...

...posts in a row where you're just talking to yourself?

[arlen holder]

On Sun, 10 Feb 2019 11:22:31 -0800, Alan Baker wrote:

> So you're just talking to yourself now?

Hi Alan Baker,

You don't seem to comprehend there are (at least) two Usenet use models
o The idle chitchat mode (which you clearly use, Alan Baker)
o The active information mode (sometimes a Q&A) which I clearly use

Your model, Alan Baker, _requires_ chitchat ping-pong activity; mine
doesn't. That is, I do not fear a thread that is only facts, and more
facts. You apparently deplore fact-filled threads.

I understand you Alan Baker; I really do.

In deference to badgolferman, my statement below will assume you are an
open-minded adult, who can comprehend that not everyone uses the use model
that you use, Alan Baker.

To you, Alan Baker, it seems that if someone doesn't _refute_ a fact out
of hand, that there is no need to then continue the subject of the thread.

To an adult, Alan Baker, the subject of the thread is the topic.
o It matter not whether someone like you comes in to _refute_ the topic.

At the risk of stating the obvious, yet again, to you, Alan Baker:
o The subject of this thread is:

o iOS 12.1.4 Now Available With Group FaceTime Bug Fix

Any post containing facts related to _that_ subject, are valid posts.
o The point is that a Usenet thread does not require YOU, Alan Baker
o In particular, it does not require you to _refute_ every fact out of hand.

If what I posted _is_ a fact, and if that fact _is_ related ot the topic,
o then it's a valid post, Alan Baker.

HINT: You apparently think Usenet is only for your worthless rebuttals.

[Andreas Rutishauser]

In article <q3onhe$mrk$1...@news.mixmin.net>,
arlen holder <ar...@arlen.com> wrote:

why are you posting your drivel in non-relevant groups?

--
MacAndreas Rutishauser, <http://www.MacAndreas.ch>
EDV-Dienstleistungen, Hard- und Software, Internet und Netzwerk
Beratung, Unterstuetzung und Schulung
<mailto:and...@MacAndreas.ch>, Fon: 044 / 721 36 47

[Andreas Rutishauser]

In article <q3ono6$nau$1...@news.mixmin.net>,

[Chris]

Andreas Rutishauser <and...@macandreas.ch> wrote:
> In article <q3onhe$mrk$1...@news.mixmin.net>,
> arlen holder <ar...@arlen.com> wrote:
>
> why are you posting your drivel in non-relevant groups?

Isn't it obvious? He's a troll. Pls don't feed him and we'll never need to
hear from him. Apart from his regular nymshifting.

[arlen holder]

On Mon, 11 Feb 2019 08:15:55 -0000 (UTC), Chris wrote:

> Isn't it obvious? He's a troll. Pls don't feed him and we'll never need to
> hear from him. Apart from his regular nymshifting.

Actually, for the first time ever, I think...
o Andreas Rutishauser has a valid "adult" point of view.

For two reasons this was also posted to the Mac groups:
o The FacePalm bug (and relevant bugs & fixes) _applies_ to the Mac also
o My strategy .... & tactics fitting that strategy ... include Mac users

Notice my strategy is _why_ I post to "Apple" newsgroups
o Most Apple users own an "imaginary" belief system

Since most Apple users are, essentially, "ignorant" of facts...
o My strategy has _always_ been to provide those valid facts

That is why the Mac users are included on many of my posts.
o The Mac users are just as ignorant of facts as are the iOS users.

However, while the FacePalm bug _is_ relevant to the Mac users,
o Those Mac users are likely not smart enough to realize that fact

Hence, I will henceforth _exclude_ the Mac users from this thread.

Special thanks to Andreas Rutishauser for his first adult post ever!

[arlen holder]

On Mon, 11 Feb 2019 06:30:40 +0200, Andreas Rutishauser wrote:

> why are you posting your drivel in non-relevant groups?

[arlen holder]

On Mon, 11 Feb 2019 06:29:40 +0200, Andreas Rutishauser wrote:

> why are you posting your drivel in non-relevant groups?

o Apple iOS 12.1.4 has a nasty surprise
<https://www.forbes.com/sites/gordonkelly/2019/02/10/apple-ios-12-1-4-problem-iphone-cellular-data-wifi-upgrade-ipad/>

"Apple iOS 12.1.4 not only introduces some new bugs, it also
carries over _serious WiFi and cellular data problems_ from
previous releases (1,2,3,4,5) and they are affecting iPhone
and iPad owners who had previously managed to avoid them."

"... there are all the hallmarks ...of a _rushed iOS release_."
"installing iOS 12.1.4 is like playing _Russian roulette_..."

"New bugs are inevitable in any release, but it's the ongoing
device-stopping big ones which are inexcusable to see
reappearing again and againĄK"

[Lloyd]

Well he would be if you and others would quit responding to his trolling

--
Lloyd

[arlen holder]

On Mon, 11 Feb 2019 12:06:58 -0600, Lloyd wrote:

> Well he would be if you and others would quit responding to his trolling

Hi Lloyd,

Let me let you in on a little secret, Lloyd...
o Since this isn't my first rodeo on Usenet

There are only about a score of Apple Apologists on this ng.
o The list is below (where, you, Lloyd, are clearly afflicted)

For decades, I've wondered why Apple Apologist spew such bullshit
o Then, I finally figured it out

Apple Apologists own a completely imaginary belief system
o Their belief system is entirely devoid of actual facts + logic

Hence, it's easy to teach them what their weakness is:
o All I need to do is state an actual fact plus adult logic

Every time - the Apologists will _deny_ (out of hand)
o They will deny any & ever fact they don't like (sans evidence)
o They will deny all logic they don't like (sans any semblance of reason)

Hmmmm... Did you ever wonder why I only speak:
a. Fact, and,
b. Logic?

My goal (clearly) is to inform Apple users of the truth.
o My strategy (obviously) is to tell the truth about current events
o My tactics (always) are to state timely Facts & Logic

What's perfect is when the score of Apple Apologists respond.
o Apple Apologists' all own an _imaginary_ belief system
o That imaginary belief system is supplied to them by Apple
o Hence, it's almost completely devoid of FACT + LOGIC

In fact, the apologists are clearly _immune_ to FACT + LOGIC
o Witness Alan Baker constantly flatly refuting facts

I don't even have to prove that they lack FACT + LOGIC.
o All I do is point to their posts, which proves that to be a fact for me!

The score of Apologists can only see in a straight line
o Apple is _happy_ to provide the straight line for them.

Hence, all the Apologists _can_ do, is parrot Apple Propaganda
o Witness _anything_ nospam says - it's always Parrot Propaganda

These are the score of Apologists who should learn _not_ to
respond to current facts + logic simply because they can't:
o Alan Baker (he hasn't figure it out yet, and maybe never will)
o Alan Browne
o Andreas Rutishauser
o BK
o Chris
o Hemidactylus
o joe
o Joerg Lorenz
o Jolly Roger (surprisingly, he has learned his lesson)
o Lewis (he's only just _beginning_ to learn his lesson)
o Lloyd (he long ago learned he's not in the same league)
o nospam (he's the only enigma, since he can actually handle detail)
o Savageduck (he has learned his lesson)
o Tim Streater
o Wade Garrett
o et al.

None of the score of Apple Apologists can see around corners
o All they _can_ see is the straight line of Apple Propaganda

Again, I don't even need to prove this:
o Their posts prove it for me every time they respond to fact + logic

For example, the best way to comprehend nospam (who was the only enigma in
that group because he does have a capacity for detail), is simply to assume
he works for Apple Marketing where all he _can_ do is spout exactly Apple
Marketing Propaganda (he can _never_ go off script).

In summary, all I need to do is speak fact & logic:
o Where the score of Apple Apologists prove my point for me.

HINT: This ng would be completely normal, helpful, and civil, just like the
Android ng is, if only the score of Apple Apologists did _not_ exist.

[arlen holder]

> "The Group FaceTime bug may have required some major
> under-the-hood changes to FaceTime given that it took Apple
> nearly two weeks to fix the issue.

There is a lot of proof that Apple finds only 1 out of 10 security bugs in
their software in this thread today:
o iOS v12.2 is out now! (by Ant)
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/v3y5ih7ReCE>

Where just one guy (Samuel Gross) at Google Project Zero found almost as
many bugs (only 1 less) than did _all_ of Apple, which is a pretty damning
statement on Apple's supreme lack of any reasonable level of QA when one
guy outdoes the _entire_ company on finding bugs.

*The number of huge such holes in iOS is literally shocking!*

And that's not me using that word ... it's in this report published today!
"*Those are just a few of the most shocking [iOS] security flaws*"
<https://www.cnn.com/2019/03/26/tech/ios-12-2-security/index.html>

Specifically, what seems to have happened is that Apple, finally, for the
first time seemingly, has looked at Facetime, and found security hole after
security hole after security hole after security hole.

And it's not just Facetime, but even shocking flaws in the microphone!
"Perhaps the most notable fix: Apple patched a flaw that could allow
malicious applications to access the microphone on your iPhone
and record you and those around you. "

That article goes on to remind us that:
"But that's just one of the vulnerabilities..."

Where, there's more privacy & security holes Apple only found by putting
eyes on Facetime, seemingly for the first time, where Apple fixed
o a problem with the FaceTime app that prevented video chats from pausing
o a loophole that allowed users to access sensitive information in the
Messages app and websites visited
o see information from their phone's light and motion sensors
etc.

All perhaps simply because a mother went viral on the Internet
o Apple may not care about testing, but they care very much about IMAGE!