Apple isn’t happy about the way Google revealed a major iPhone security flaw recently. Google security researchers revealed that malicious websites used previously undisclosed security flaws in iOS to hack into devices over at least two years. While Apple doesn’t dispute the research, the company accuses Google of “stoking fear among all iPhone users that their devices had been compromised” because key details were omitted in Google’s blog post.
“The sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described,” explains Apple. “The attack affected fewer than a dozen websites that focus on content related to the Uighur community.” Subsequent reports have revealed that these websites also targeted Windows and Android users, but Google didn’t detail this aspect of the attacks. “All evidence indicates that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies,” says Apple.
Apple fixed the vulnerabilities back in February, just 10 days after it learned about the security issues. “When Google approached us, we were already in the process of fixing the exploited bugs,” explains Apple. It’s not clear whether Google was aware of the reported attempts to hack Android devices with the same websites or why the company didn’t reveal that the overall attack was very narrow as Apple claims.
“Security is a never-ending journey and our customers can be confident we are working for them,” says Apple. “Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found. We will never stop our tireless work to keep our users safe.”
source: the verge
If you have a story you want to share with Kuulpeeps and the world, please send us an email on firstname.lastname@example.org