Apple denounces Google’s ‘panic-mongering’ over iPhone hacks investigation
Apple believes that Google caused unnecessary panic with the coverage of the major iPhone hacks of a week ago. The company says the discovered vulnerability was only active for two months. Apple also acknowledges that the attack was aimed at Uyghurs.
Apple writes this in a public letter. The company is responding to Google’s discovery last week. The company’s security researchers then released details about vulnerabilities in the iOS operating system that were allegedly exploited to infect iPhones with malware.
In an analysis, Google said the vulnerabilities had been deployed since September 2016. That would happen on websites where visitors were directly infected when they visited them. Apple denies that the leak was active for so long. “Everything indicates that the website attacks lasted for a short period of time, roughly two months, rather than two years as Google implies.” The company also says that the vulnerability was fixed ten days after it was discovered. “When Google knocked on our door, we were already working on a fix,” Apple writes.
Apple denounces Google’s “creating the false impression” that the vulnerability was widely exploited. Google used terms like “mass exploitation” in the study, saying the attacks were used to “monitor private activities of entire populations in real time.” Apple denies that and says iPhone users are not necessarily affected.
Apple acknowledges that the website likely tracked the Uyghur Chinese minority group. Even after Google published the research, it was not clear exactly which websites were used for the attacks, and for what purpose. Sources later told Forbes that it would be Chinese attacks against Uyghurs. They have been hunted down in China for years and placed in ‘re-education camps’ by the government. Apple doesn’t specifically point the finger at China in the letter, but says the attack involved “less than a dozen websites with content related to the Uyghur community.”