**Date:** December 29, 2025 **Researcher:** Research Team **Subject:** Facebook iOS v345.0 Privacy Indicator Bypass & Surveillance Infrastructure
Executive Summary
This package contains comprehensive documentation of a critical privacy vulnerability discovered in the Facebook iOS application that enables:
- undefined
Package Contents
Regulatory Submissions
| Directory | Contents | Status |
|---|---|---|
| `/apple/` | Apple Security Research submission | Ready for submission |
| `/fbi/` | FBI IC3 wiretapping complaint | Ready for submission |
| `/ftc/` | FTC consumer protection complaint | Ready for submission |
Public Materials
| Directory | Contents | Status |
|---|---|---|
| `/public/` | Public technical disclosure (post-embargo) | Embargoed |
| `/media/` | Press release & journalist briefing | Embargoed |
Evidence
| Directory | Contents |
|---|---|
| `/evidence/` | Technical writeups, runtime captures, appendices |
| `/scripts/` | Frida proof-of-concept scripts |
Key Findings Summary
The Bypass Mechanism
Plain Text
App Launch
↓
setAllowCallKitActiveAdjust: FALSE ← Kills orange indicator
↓
isCallKitActive: FALSE ← No actual call
↓
hasRTCClient: FALSE ← No VoIP client
↓
BYPASS ACTIVE WITHOUT LEGITIMATE PURPOSERuntime Evidence
Plain Text
[FB] allowCallKitActiveAdjust: false
[FB] !!! BYPASS IS ACTIVE - allowCallKitActiveAdjust is FALSE !!!
[FB] isCallKitActive: false
[FB] hasRTCClient: false
[FB] AVAudioSession category: AVAudioSessionCategoryAmbientScale of Impact
- undefined
Submission Instructions
Apple Security Research
- undefined
FBI Internet Crime Complaint Center
- undefined
Federal Trade Commission
- undefined
Disclosure Timeline
| Date | Action |
|---|---|
| December 29, 2025 | Vulnerability discovered and documented |
| December 29, 2025 | Disclosure package prepared |
| [TBD] | Submitted to Apple Security Research |
| [TBD] | Submitted to FBI IC3 |
| [TBD] | Submitted to FTC |
| [TBD + 90 days] | Public disclosure (coordinated) |
Legal Notice
This research was conducted on personally-owned devices for security research purposes. No unauthorized access to systems or data occurred. This disclosure is made in good faith to improve user privacy and security.
File Manifest
Plain Text
README.md (this file)
├── APPLE_SECURITY_DISCLOSURE.md (initial draft)
├── FBI_WIRETAPPING_DISCLOSURE.md (initial draft)
├── apple/
│ └── APPLE_SECURITY_DISCLOSURE_FINAL.md
├── fbi/
│ └── FBI_WIRETAPPING_DISCLOSURE_FINAL.md
├── ftc/
│ └── FTC_CONSUMER_PROTECTION_COMPLAINT.md
├── public/
│ └── PUBLIC_DISCLOSURE_FACEBOOK_iOS_SURVEILLANCE.md
├── media/
│ ├── MEDIA_PRESS_RELEASE.md
│ └── JOURNALIST_BRIEFING_PACKET.md
├── evidence/
│ ├── Apple-Security-Submission-Facebook-iOS-Privacy-Bypass.docx
│ ├── Apple-Submission-Email-Template.md
│ ├── Facebook-iOS-Privacy-Bypass-Blog-Post.md
│ ├── Facebook-iOS-Privacy-Bypass-Technical-Writeup.docx
│ └── Facebook-iOS-Runtime-Evidence-Appendix.md
└── scripts/
├── fb_check_state.js (bypass state detection)
├── fb_monitor_file.js (file-based logging)
└── [other analysis scripts]**Classification:** Confidential - Security Research **Distribution:** Limited to authorized recipients until public disclosure