Apple Says Google Blew iPhone Hacking Report Out of Proportion

Apple Says Google Blew iPhone Hacking Report Out of Proportion

Apple is used to promoting the security of its products in comparison to the competition, but it was on the defensive last week following a report from Google’s Project Zero. According to Google researchers, iOS was the target of a sophisticated attack for two years until Google alerted Apple in early 2019. However, Apple is now seeking to downplay the severity of the attack, claiming Project Zero has blown the whole thing out of proportion.

The news of Apple’s iPhone vulnerability broke recently with an in-depth report from Project Zero, a group at Google that specializes in uncovering zero-day hacks that threaten internet users. According to the team, a number of websites had deployed hacks that could install malware with root access on the iPhone. The operators of the sites could steal data, monitor phone locations, and even access the user’s on-device password storage. Google said the attacks operated “over a period of at least two years” and covered almost every version of iOS active during that time.

Apple issued a press release late last week disputing part of Google’s findings. The iPhone maker strenuously objects to Google’s claim that the attacks operated for two years. In fact, Apple says it was closer to two months. Furthermore, Apple says it already knew about the flaws and was conveniently already working on a fix. It’s impossible to verify that claim, but it does sound suspect. Google’s Project Zero researchers are cited in Apple’s official changelog from February as reporting the flaws.

The timeline of iOS hacks from Project Zero.
The timeline of iOS hacks from Project Zero.

Apple also says the attack focused on the Uyghur community, a group of ethnically Turkic Muslims living in western China. Uyghurs have been targeted for persecution and imprisonment by Chinese authorities for years. The government often uses technological means like the iPhone hack to track and investigate the Uyghur population.

Apple seems to be suggesting that Google wanted to make the flaws look more severe than they were, but Project Zero has traditionally conducted its business in without favoritism. In response to Apple’s criticism, Project Zero has issued a statement standing by its “in-depth research which was written to focus on the technical aspects of these vulnerabilities.”

Google is used to getting publicly chastised for security vulnerabilities — Android is open source, but Apple has the benefit of quietly patching exploits as it finds them in its closed software. Perhaps the iPhone maker is just a little overly sensitive with its new iPhone unveiling this week.

Continue reading

Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera
Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera

According to a recent iFixit report, Apple's hostility to the right of repair has hit new heights with the iPhone 12 and iPhone 12 Pro.

Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps
Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps

Both Nvidia and Google have announced iOS support for their respective cloud gaming platforms via progressive web applications. Apple can't block that.

Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi
Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi

According to Ian Beer of Google's Project Zero security team, the flaw allowed him to steal photos from any iPhone just by pointing a Wi-Fi antenna at it.

Stadia Is Now Playable on iPhone Thanks to Google’s New Web App
Stadia Is Now Playable on iPhone Thanks to Google’s New Web App

Google promised iPhone support, but Apple's App Store policies got in the way. Now, there's finally a way to play Stadia on iOS — just fire up Safari and go to the Stadia site to use the new progressive web app.