An 18-year-old has been charged with three counts of computer tampering after “accidentally” swamping Arizona’s emergency services with thousands of bogus 911 telephone calls.
He had hoped Apple would pay him a bug bounty for information about the flaws, but had mistakenly linked to an earlier version of his app that had made users’ phones keep on dialling 911.
In a statement, Maricopa County sheriff’s office said the link had been clicked almost 2,000 times, threatening emergency services across Arizona.
Because the 911 service is classed as critical infrastructure, interfering with its operation is treated, in Arizona, with the same severity as human trafficking or second-degree murder.
Talking to police after his arrest, Mr Desai said the bug he had been planning to exploit had been sent to him by an online friend. Using it, he intended exploiting it to make a benign but annoying app that people would find “funny”.
Writing on the Ars Technica news site, Dan Goodin said the incident contained a valuable lesson for anyone getting started in security research.
“Hacking devices or networks without the explicit permission and cooperation of their owners is dangerous and can result in significant legal penalties,” he said.