Recently, it was all over the news that Google’s cybersecurity experts had found an attempted mass iPhone hack. This had the potential to lead to mass hysteria.
But Apple has released a statement calling out Google for creating a “false impression” with their news and also “stoking fear among all iPhone users.” They have published what they say are the real facts behind this, creating a circumstance of who should be believed.
Apple vs. Google
This all started with Google’s blog post. They claimed their security researchers discovered a group of hacked websites that were being used in attacks against iPhone users who visited the sites. Users didn’t have to do anything other than just visit the website.
This, for obvious reasons, was not good news for Apple. They issued a statement defending their business and hallmark device while also lobbing the ball right back across the court.
Apple wants to “makes sure all our customers have the facts” and to let them know that Google’s claims on their blog are “narrowly focused.”
“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised,” issued Apple. “This was never the case.”
While they had everyone’s attention, the company went about laying out its case of how they believe Google misled its customers.
They claim the attacks Google mentioned weren’t “en masse” and were really only a few dozen websites that were targeted in a minority community in China.
Google’s researchers had found that the malicious websites were visited thousands of times each week and that these websites could install a “monitoring implant” that allowed hackers to have access to iMessages, photos, and location data.
It added that these vulnerabilities were in iPhones that were using operating systems “from iOS 10 through to the latest version of iOS 12.”
Apple did not deny the attacks outright. They admitted users were vulnerable to a “sophisticated attack.” Yet, Apple claims that the flaws that allowed this attack were fixed ten days after they were discovered.
“All evidence indicates that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies,” explained Apple.
Because Apple prides itself on its security, they wanted to show that while not coming right out and saying Google’s Android wasn’t as secure.
“iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software,” they said.
Google is not about to back down, though, as they threw the ball right back into Apple’s court.
“We stand by our in-depth research, which was written to focus on the technical aspects of these vulnerabilities. We will continue to work with Apple and other leading companies to help keep people safe online,” said a Google spokesperson in a statement.
What seemed of interest about this announcement by Google was the timing. They just happened to release research on iPhone security a week-and-a-half before a major Apple release of new iPhones.
Google even says in their blog post that this information was discovered “earlier this year.” It would seem they discovered it and then held onto the information until the point they could cause the most damage. As Apple said, they had fixed the vulnerability six months prior.
What do you think of this exploit? Is Google making something out of nothing? Is Apple a sore loser? Or is this just two huge companies feuding? Leave your thoughts and concerns in the comments below.