Saturday, September 21, 2019
News

Apple slams Google for raising false alarm on iOS security

   SocialTwist Tell-a-Friend    Print this Page   COMMENT

San Francisco | Saturday, 2019 5:45:05 PM IST
Apple has slammed Google for creating a false impression about its iPhones being at hacking risk owing to security flaws that allegedly let several malicious websites break into its iOS operating system.

Researchers working in Google's Project Zero team had discovered several hacked websites that used security flaws in iPhones to attack users who visited these websites -- compromising their personal files, messages, and real-time location data.

In a statement, Apple said the so-called sophisticated attack was narrowly focused, not a broad-based exploit of iPhones "en masse" as described.

"The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously," the Cupertino-based iPhone maker said on Friday.

"Google's post, issued six months after iOS patches were released, creates the false impression of 'mass exploitation' to 'monitor the private activities of entire populations in real time', stoking fear among all iPhone users that their devices had been compromised. This was never the case," Apple said.

According to Google, the websites delivered their malware indiscriminately and were operational for years.

According to the iPhone maker, "all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not 'two years' as Google implies".

Google's Threat Analysis Group (TAG) discovered that there was no target discrimination as simply visiting the hacked site was enough for the exploit server to attack the iPhone, and if it was successful, install a monitoring implant.

"We estimate that these sites receive thousands of visitors per week," said the Google blog post.

Google researchers also said they identified a vulnerability that accessed all the database files on the victim's iPhone used by end-to-end encryption apps like WhatsApp, Telegram and iMessage.

Apple said that it fixed the vulnerabilities in question in February -- working extremely quickly to resolve the issue just 10 days after it learnt about it.

"When Google approached us, we were already in the process of fixing the exploited bugs," said the company, adding that its product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they're found.

--IANS na/mag/

( 384 Words)

2019-09-07-11:38:05 (IANS)

 
  LATEST COMMENTS (0)
POST YOUR COMMENT
Comments Not Available
 
POST YOUR COMMENT
 
 
TRENDING TOPICS
 
 
CITY NEWS
MORE CITIES
 
 
 
MORE SCIENCE NEWS
#CorporateTaxCut trends as FM announces ...
Facebook bringing new interactive ad sol...
Facebook shuts several apps post-Cambrid...
Tech companies hail corporate tax cut...
Twitter purges over 10,000 propaganda ac...
Realme ups the ante, eyes top spot in Di...
More...
 
INDIA WORLD ASIA
UP: BJP and allies conduct meeting to re...
Ashish Shelar slams Sharad Pawar over 'P...
Saurashtra, Kutch to receive heavy rainf...
Defence Secretary lauds Centre over exem...
President accepts resignation of Madras ...
UP farmers begin march towards Kisan Gha...
More...    
 
 Top Stories
Celebrate the Bhaav and Bandish of ... 
Pak cleric arrested for molesting m... 
Heartfulness meditation cultivates ... 
WC bronze motivation for upcoming c... 
Trump doesn't foresee China trade d... 
Madras HC Chief Justice V.K. Tahilr... 
K'taka: Varsity develops 'Green' li... 
Fadnavis urges people to vote in up...