Apple slams Google for ‘stoking fear’ among iPhone users

Apple slams Google for ‘stoking fear’ among iPhone users

September 10, 2019   12:26 pm

-

Google’s reporting of a major iOS security vulnerability has been criticised by Apple, which says its rival had exaggerated the impact of the situation.

Last month, Google’s Project Zero research team detailed a flaw that could see user data, such as files, messages and location data, compromised if a user with an affected device visited a malicious website.

“There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” Google’s team had said.

The vulnerability was patched six months ago and Apple says it was already in the process of fixing the flaws when it was contacted by Google. Indeed, it says the issue was resolved just 10 days after the communication.

However Apple has taken issue with Google’s disclosure. It refutes the suggestion that the target was ‘indiscriminate’, arguing that fewer than a dozen sites were affected – mainly those serving the Chinese Uighur community, and says the post unnecessarily caused panic among iOS users.

“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised,” says Apple. “This was never the case.”

Apple regards the relative security of the iOS platform as a key differentiator, so the topic is a sensitive one for the company.

The company launched a bug bounty programme for iOS three years ago, offering up to $200,000 to ethical hackers that responsibly reported vulnerabilities. However it increased the upper limit to $1 million earlier this year, a move which would combat claims the rewards on offer were too low.

“Project Zero posts technical research that is designed to advance the understanding of security vulnerabilities, which leads to better defensive strategies,” a Google spokesperson told TechRadar Pro.

“We stand by our in-depth research which was written to focus on the technical aspects of these vulnerabilities. We will continue to work with Apple and other leading companies to help keep people safe online.”

Source: TechRadar

Disclaimer: All the comments will be moderated by the AD editorial. Abstain from posting comments that are obscene, defamatory or slanderous. Please avoid outside hyperlinks inside the comment and avoid typing all capitalized comments. Help us delete comments that do not follow these guidelines by flagging them(mouse over a comment and click the flag icon on the right side). Do use these forums to voice your opinions and create healthy discourse.

Most Viewed Video Stories