Apple Says Google Blew iPhone Hacking Report Out of Proportion

Apple Says Google Blew iPhone Hacking Report Out of Proportion

Apple is used to promoting the security of its products in comparison to the competition, but it was on the defensive last week following a report from Google’s Project Zero. According to Google researchers, iOS was the target of a sophisticated attack for two years until Google alerted Apple in early 2019. However, Apple is now seeking to downplay the severity of the attack, claiming Project Zero has blown the whole thing out of proportion.

The news of Apple’s iPhone vulnerability broke recently with an in-depth report from Project Zero, a group at Google that specializes in uncovering zero-day hacks that threaten internet users. According to the team, a number of websites had deployed hacks that could install malware with root access on the iPhone. The operators of the sites could steal data, monitor phone locations, and even access the user’s on-device password storage. Google said the attacks operated “over a period of at least two years” and covered almost every version of iOS active during that time.

Apple issued a press release late last week disputing part of Google’s findings. The iPhone maker strenuously objects to Google’s claim that the attacks operated for two years. In fact, Apple says it was closer to two months. Furthermore, Apple says it already knew about the flaws and was conveniently already working on a fix. It’s impossible to verify that claim, but it does sound suspect. Google’s Project Zero researchers are cited in Apple’s official changelog from February as reporting the flaws.

The timeline of iOS hacks from Project Zero.
The timeline of iOS hacks from Project Zero.

Apple also says the attack focused on the Uyghur community, a group of ethnically Turkic Muslims living in western China. Uyghurs have been targeted for persecution and imprisonment by Chinese authorities for years. The government often uses technological means like the iPhone hack to track and investigate the Uyghur population.

Apple seems to be suggesting that Google wanted to make the flaws look more severe than they were, but Project Zero has traditionally conducted its business in without favoritism. In response to Apple’s criticism, Project Zero has issued a statement standing by its “in-depth research which was written to focus on the technical aspects of these vulnerabilities.”

Google is used to getting publicly chastised for security vulnerabilities — Android is open source, but Apple has the benefit of quietly patching exploits as it finds them in its closed software. Perhaps the iPhone maker is just a little overly sensitive with its new iPhone unveiling this week.

Continue reading

Google Pixel Slate Owners Report Failing Flash Storage
Google Pixel Slate Owners Report Failing Flash Storage

Google's product support forums are flooded with angry Pixel Slate owners who say their devices are running into frequent, crippling storage errors.

Western Digital Changes Its Reported Drive Speeds to Reflect Reality
Western Digital Changes Its Reported Drive Speeds to Reflect Reality

Western Digital has launched new WD Red Plus models to correct previous communicated inaccuracies regarding the spindle speeds on its 8TB-14TB products in this family.

Nvidia Will Mimic AMD’s Smart Access Memory on Ampere: Report
Nvidia Will Mimic AMD’s Smart Access Memory on Ampere: Report

AMD's Smart Access Memory hasn't even shipped yet, but Nvidia claims it can duplicate the feature.

Report: Samsung May Kill Galaxy Note Series, Add Stylus to Galaxy Z Fold3
Report: Samsung May Kill Galaxy Note Series, Add Stylus to Galaxy Z Fold3

Samsung may be planning a major shift in its smartphone strategy in 2021. According to a recent analyst report, Samsung may drop the popular Galaxy Note family in favor of a foldable with a stylus. The problem, it seems, is that the Note series isn't as popular as it once was.