Apple responds to Google’s statement on iOS security vulnerabilities

Share

Google said the attacks operated "over a period of at least two years" and covered nearly every version of iOS active during that time.

"The sophisticated attack was narrowly focused, not a broad-based exploit of iPhones "en masse" as described [by Google]", an Apple statement explains.

In a statement published Friday, Apple went on the defensive, saying that Google researchers were "stoking fear" and had exaggerated the seriousness of the attack.

Apple has taken security and privacy very seriously in recent years, even leaning on those features to help it sell more devices like iPhones and Mac computers.

In a brief news post, Apple says that it has heard concerns from its customers and wants to make sure they know they are not at risk.

According to Google, the websites delivered their malware indiscriminately and were operational for years.

Apple says the post "creates the false impression of "mass exploitation" to 'monitor private activities of entire populations in real-time, ' quoting Google's own words in the Project Zero report". There's no mention of the country in Project Zero's research, and a spokesman on Friday wouldn't tell me if Google had known the Uighurs were being targeted. At last, Apple notorious that once Google reported its findings, they had already been engaged on a fix, which then came out within days.

More news: Download iOS 13 on September 19
More news: MPs stage protest during stormy ceremony to suspend Parliament for five weeks
More news: Apple, Foxconn say they overly relied on temporary workers in China

"We fixed the vulnerabilities in question in February - working extremely quickly to resolve the issue just 10 days after we learned about it", Apple says. The report also claimed that security vulnerabilities ran throughout iOS version 10 and iOS version 12.

The specific targetting of one specific ethnic group who are already said to be victims of Chinese civil rights abuses has led some to suspect it was a nation-state attack in the first place.

Last week, some reports also suggested that the hacked websites targeted Android and Windows users as well, but Google didn't provide any details about that aspect of the attacks. Google noted its "Threat Analysis Group" or TAG team had "discovered a small collection of hacked websites".

Apple is long due for a major design change for its iPhones since it unveiled the iPhone 6. Additionally, the security remains "unmatched" as it takes care of the security of the software and hardware.

"Project Zero posts technical research that is created to advance the understanding of security vulnerabilities, which leads to better defensive strategies", the company said in a statement.

Tile-Like Product: Apple has been rumored to be developing a Tile-like product and service so that users can track their devices better.

Google still stands by its claims. One of the URLs was quite clearly a news site aimed at Uighur readers.

Share