Technology
Apple accuses Google of ‘stoking fear’ over iPhone vulnerabilities
Disclosure
Every product here is independently selected by Mashable journalists. If you buy something featured, we may earn an affiliate commission which helps support our work.
More than a week after researchers at Google detailed one of the most serious iPhone exploits in recent memory, Apple has responded.
In a statement published Friday, Apple went on the defensive, saying that Google researchers were “stoking fear” and had exaggerated the seriousness of the attack.
Cupertino’s statement comes more than a week after Google’s Project Zero researchers published a blog post detailing how malware embedded in specific websites could steal large amounts of personal data off users’ iPhones. This included messages, both encrypted and otherwise, real-time GPS locations, and passwords.
“We estimate that these sites receive thousands of visitors per week,” Project Zero researcher Ian Beer wrote. Though Beer didn’t elaborate on who may have been impacted by the malware, it was subsequently reported that it was a state-sponsored attack targeting China’s Uighur Muslims.
In its statement, Apple noted that “the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described.”
“The attack affected fewer than a dozen websites that focus on content related to the Uighur community,” Apple wrote. The company’s statement makes no mention of China, where the government has been accused of widespread hacking in order to track the country’s Muslim minority community.
Though the malware could have infected any iPhone that visited the websites in question, Apple said Google overstated the scale of the exploit.
Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real time,” stoking fear among all iPhone users that their devices had been compromised. This was never the case.
Second, all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not “two years” as Google implies. We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs.
The company also made a veiled dig at Google’s Android operating system, writing, “iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software.”
-
Entertainment7 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment6 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment7 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment6 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment5 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
-
Entertainment4 days ago
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
-
Entertainment4 days ago
Mars is littered with junk. Historians want to save it.
-
Entertainment5 days ago
CES 2025 preview: What to expect