TECH NEWS – There’s another scandal happening around the two tech giants, Apple and Google.
Google Project Zero‘s report revealed that a few malicious websites specialized to target iPhones (and their operating system, the iOS) – the security vulnerabilities allowed the attackers to spy on the victims. Thus, Zerodium, the biggest bug-hunting program, raised zero-day Android exploit bounties to 2.5 million dollars, while iOS remained at 2 million. Over the past few years, we have seen a few times that there were security concerns around Apple with its iOS, but now, the apple is biting back…
Apple says that this attack was sophisticated and narrowly focused, and not en masse. „The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real-time,” stoking fear among all iPhone users that their devices had been compromised. This was never the case,” Apple wrote.
Google says the security flaw existed between iOS versions 10 and 12, hinting at the fact that the attacks could have happened for two years. Apple’s response to it was „all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies.” Google has informed Apple about the flaw (to which they say they already knew about it), and they had a week to address it – which is why iOS 12.1.4 came out in February.
„Project Zero posts technical research that is designed to advance the understanding of security vulnerabilities, which leads to better defensive strategies. We stand by our in-depth research which was written to focus on the technical aspects of these vulnerabilities. We will continue to work with Apple and other leading companies to help keep people safe online,” Google told WCCFTech.
Apple’s users are 100% in the hands of the company itself with the security concerns, but we can question it all if a third-party company reveals a security flaw that wasn’t even mentioned in the changelog of iOS 12.1.4 in February. Therefore, we have to question what else could Apple hide from the users, and when Google will reveal that information…