Technology
Apple accuses Google of ‘stoking fear’ over iPhone vulnerabilities
Disclosure
Every product here is independently selected by Mashable journalists. If you buy something featured, we may earn an affiliate commission which helps support our work.
More than a week after researchers at Google detailed one of the most serious iPhone exploits in recent memory, Apple has responded.
In a statement published Friday, Apple went on the defensive, saying that Google researchers were “stoking fear” and had exaggerated the seriousness of the attack.
Cupertino’s statement comes more than a week after Google’s Project Zero researchers published a blog post detailing how malware embedded in specific websites could steal large amounts of personal data off users’ iPhones. This included messages, both encrypted and otherwise, real-time GPS locations, and passwords.
“We estimate that these sites receive thousands of visitors per week,” Project Zero researcher Ian Beer wrote. Though Beer didn’t elaborate on who may have been impacted by the malware, it was subsequently reported that it was a state-sponsored attack targeting China’s Uighur Muslims.
In its statement, Apple noted that “the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described.”
“The attack affected fewer than a dozen websites that focus on content related to the Uighur community,” Apple wrote. The company’s statement makes no mention of China, where the government has been accused of widespread hacking in order to track the country’s Muslim minority community.
Though the malware could have infected any iPhone that visited the websites in question, Apple said Google overstated the scale of the exploit.
Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real time,” stoking fear among all iPhone users that their devices had been compromised. This was never the case.
Second, all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not “two years” as Google implies. We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs.
The company also made a veiled dig at Google’s Android operating system, writing, “iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software.”
-
Business6 days ago
UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’
-
Business7 days ago
Mood.camera is an iOS app that feels like using a retro analog camera
-
Business5 days ago
Tesla’s new growth plan is centered around mysterious cheaper models
-
Business4 days ago
Xaira, an AI drug discovery startup, launches with a massive $1B, says it’s ‘ready’ to start developing drugs
-
Business5 days ago
UK probes Amazon and Microsoft over AI partnerships with Mistral, Anthropic, and Inflection
-
Entertainment3 days ago
Summer Movie Preview: From ‘Alien’ and ‘Furiosa’ to ‘Deadpool and Wolverine’
-
Entertainment7 days ago
Furious Watcher fans are blasting it as ‘greedy’ over paid subscription service
-
Business6 days ago
Two widow founders launch DayNew, a social platform for people dealing with grief and trauma