Apple says Google’s blog post creates the false impression of mass exploitation of iPhone users. (Image source: Bloomberg)Google’s Project Zero security research team published a blog last week, outlining some vulnerabilities it discovered within iOS. Apple had fixed these issues in February this year and now it has responded to the findings, reaffirming iPhone users about the iOS security, outlining exactly what had happened.
As per Google’s blog, some malicious websites were accessing iPhone user’s phones to steal files and uploading live location data, as often as every minute. Google termed the attack as “one of the largest attacks against iPhone users ever”.
Apple statement accuses Google’s blog post of creating the false impression of “mass exploitation” to “monitor the private activities of entire populations in real-time”, stoking fear among all iPhone users that their devices had been compromised. It says that the attack detailed by Google was never “broad-based” exploit of iPhone users, instead the “attack affected fewer than a dozen websites that focus on content related to the Uighur community”.
It further says that these website attacks were only operational for a brief period, which roughly amounts to “two months”, and not “two years” as Google describes.
Apple says that it fixed the vulnerabilities in February– just 10 days after they learned about it. It says that Google’s post has been issued six months after iOS patches were released.
The Cupertino-based company finished the statement reassuring iPhone users that it takes security seriously. “Security is a never-ending journey and our customers can be confident we are working for them,” Apple said.
Also read | Google says iOS security flaws led malicious websites to hack iPhone for years
Google responded to Apple’s message in a statement to CNBC saying that it stands by its in-depth research which was written to focus on the technical aspects of these vulnerabilities and the goal of its Project Zero technical research is to understand security vulnerabilities, which leads to better defensive strategies.
With Google sticking to its findings and Apple declining such claims, the whole situation has turned into he said, she said scenario.
