It is understandable that when big leaks are out, people need more proof before they can draw a final conclusion. Coming back to the topic, there were two leaks; ability to force updates to iPhone (running iOS 4) even when not connected to iTunes, and stealing user information via FaceTime (without giving an option to opt-out). According to this employee, Apple has ordered everyone not to support users who have jailbroken iPhones, and they have the system in place which can identify the baseband, carrier, and jailbreak status of each and every iPhone (running iOS4).
Since both are huge leaks, we will only discuss about FaceTime in this article. The force OTA update will be discussed in later article, after I have gathered more proof and verified that it is indeed carrier update (because it could be forced apple firmware update too). This OTA leak should not be considered final and should be added under the category “Rumor” until further proof is confirmed. Please read Update 4 in the original article.
Without further ado, below is the image shared by an Apple employee today, whom we nicknamed “Alpha”.
The email asks,
Apple employees to always check SMS provisioning and capability when troubleshooting activation issues. iPhone 4 FaceTime activation requires that the phones send an SMS to Apple to “?”. [If] SMS isn’t working properly, you may get errors like;
“video_pulls_sw” or “FaceTime activation pending”
Confirming good SMS capability should be resolving most of these issues.
This confirms that Apple has no opt-out in place. To activate FaceTime, your iPhone must be able to send an SMS to Apple which will contain your iPhone’s information and location. On further questioning, he also unveils that when FaceTime call is connected, both the callers and receiver’s location is send to Apple and saved in their internal database. We believe this to be true because Apple desperately needs user data for iAds.
The above image was taken using an iPhone (if you are from Press, email me so I can send you original image without watermark). This was the only viable option due to high security.
He also provided a description of the above screenshot, saying;
This is a screenshot taken from my iPhone of an E-mail we all received today about people’s connectivity with FaceTime and some customers asking why it was not working. Reason why is because we are undergoing server updates to see peoples Facetime, So this does show that we do receive a message when 2 people connect over FaceTime and get there locations and even deeper into it we have a internal on how to view those people but getting that screenshot is super hard with tighten security.
Keep in mind that this image was taken on iPhone 4 launch day. When questioned about Apple logging people’s FaceTime videos, he clarified by saying, “I doubt they (Apple) would use it but are capable of monitoring”.
Now I guess Apple has a lot of explanation to give. The fact that they have the ability to watch users via FaceTime is alarming. This also gives us a clue as to why Apple did not bother adding encryption to FaceTime.
We welcome all questions and opinions. Lets hear your sentiments in the comments.
Update: On Brian’s request I have marked this post as “likely” rumor. Will update this post with more photos and irrefutable proofs before marking it as confirmed.
For those who think this guy is “fake” and is probably fooling around should know that I know his full name, he works at Apple iPhone department, I have seen his photo, and know his location. Stay Tuned!
Update 2: We are sticking to our source, this is what he has to say,
Who pays for the sms? The customer or apple? To which phone number is the sms sent with all carriers worldwide? Does apple have a contract with all of them or does it not work with jb phones on unofficial carriers? OT: Is apple using MS Exchange Server?
The SMS is free because of a contract with Apple and AT&T, so the SMS is from you to Apple is a free message. Now there is a number you can call to try facetime. 1888facetime
You get in contact with an agent and it will send an SMS message to Apple without you knowing, And the agent will then see everything about your iphone, This is a proven fact. I tried it for myself today on my Apple Corporate iPhone 4 and it cause lots of issues for them. Reason why is because the information they pulled up said Apple INC and that was it. So it confused the agents who where lurking into my iPhone information, Only after I verified who I was and what I was doing then we laughed.
Now after this call ended I then Called on my Personal iPhone 4 that has no connection to Apple corporate. I called the 1888facetime again, This time the agent pulled up all my information and we continued with a test call of facetime, He asked me if my WiFi was on, yes. Then was my caller ID on, Yes. Then he stressed how important it was that I was receiving SMS messages in my area, When I asked him what does SMS have to do with a WiFi Connection he could not give me a honest word. “the way facetime works is it has to be on a WiFi signal and a SMS signal as well so the other person can receive your facetime invite. (Untrue) The person will receive your facetime via phone call your currently in asking if you would like to connect via facetime, The SMS is so apple can tag team into your information.
If you dont believe me call 1888-Facetime, you must have an iPhone 4 and wifi connection and SMS connection to do so.
So thats Facetime in a nutshell.
As far as Apple’s person internals go on how we recive E-mails I can’t disclose that information, you all see how it was sent on MS exchange server that was my e-mail server I use for half my messages then I use other e-mails and exchanges as well for me by importaince of the e-mail and who is messaging me at the time. So we will not go any further as to how our internal e-mail systems work.
Facetime I will not be able to show you solid proof of Facetime collecting information cause that is not in our building at Apple Inc. Its located in a different region in the US. The only way we could get a screen shot of this information is if an Agent over there would leak a picture of someone.
Update 3: Confirmed that he works at Apple iPhone Support department, below is the card all employees get when they join the team. The card is from Apple to Apple employees.
Update 4: Technically you have to be both in the WiFi and SMS range when using AT&T network, if you are outside the SMS range but using the WiFi, then you will get the following error.
Thanks a lot to this Apple employee for being straightforward and honest with me. He will be keeping tab on all questions in the comments. More information will be provided in the next few days. Stay Tuned!
Update 5: One commenter points out that this error message cannot be proof since it is also displayed when you call a phone which is not iPhone 4. This comment is incorrect.
Alpha says, “ok so lets say I’m on my iPhone 4 and I got the facetime setting enabled and SMS enabled and Wifi connection and I am talking to (John Doe) and he does not meet all the requirements: iPhone4, Wifi, SMS, Facetime enabled in setting, The call we are currently talking on is disconnected and we will have to call each other back. No error code”
He tells me that this is also written in the KB article. The best way to double confirm this is to test it out yourself.
Update 6: One thing that is left to be proven is that Apple is using unencrypted protocol. So far what we know is that Apple is using plain SIP (they use message for proprietary data exchange during the call) and STUN for firewall recovery. The proof regarding this will be up soon.
Update 7: Find out the reason behind using Microsoft Exchange and another leak here.
Update 8: Just for the sake of clarification, it has been confirmed that SMS is send only the 1st time, not every time the video call is made. For confirmation that the data is send over plain text without proper encryption, check this post. One reader has tested the FaceTime whose experiment can be read here.