Apple says Uighurs targeted in iPhone attack but disputes Google
findings
Send a link to a friend
 [September 07, 2019] By
Stephen Nellis
(Reuters) - Apple Inc on Friday confirmed
that China's Uighurs, a mostly Muslim minority group considered a
security threat by Beijing, had been the target of attacks due to iPhone
security flaws, but disputed rival Alphabet Inc's description of the
effort to track users of the smartphone in real time.
Google Project Zero researchers said last week that five security flaws
led to a "sustained effort to hack the users of iPhones in certain
communities over a period of at least two years."
The researchers did not specify the communities, but CNN, TechCrunch and
other news organizations reported that the attacks had been aimed at
monitoring Uighurs. Reuters recently reported that China hacked Asian
telecommunications companies to spy on Uighur travelers.
Apple said on Friday the attack "was narrowly focused" and affected
"fewer than a dozen websites that focus on content related to the Uighur
community" rather than the "en masse" hack of iPhone users described by
Google researchers. Apple also said it fixed the issue in February,
within 10 days of being notified by Google.
Apple said evidence suggested that the website attacks lasted only two
months, rather than the two years that Google researchers had suggested.
[to top of second column] |
A woman looks at the screen of her mobile phone in front of an Apple
logo outside its store in Shanghai, China July 30, 2017. REUTERS/Aly
Song/File Photo
"Google's post, issued six months after iOS patches were released, creates the
false impression of "mass exploitation" to "monitor the private activities of
entire populations in real time," stoking fear among all iPhone users that their
devices had been compromised," Apple said in a newsroom post. "This was never
the case."
In a statement, Google said it stood by its findings and would continue to work
with Apple and other companies to find and fix flaws.
"Project Zero posts technical research that is designed to advance the
understanding of security vulnerabilities, which leads to better defensive
strategies," Google said in statement. "We stand by our in-depth research which
was written to focus on the technical aspects of these vulnerabilities."
Google and Apple are rivals in the smartphone market, where their iOS and
Android operating systems vie for users. But Google's Project Zero team of
researchers is focused on finding serious security flaws from a wide range of
software and hardware firms, not solely Apple. Last year the group played a key
part in finding security flaws in chips made by Intel Corp.
(Reporting by Stephen Nellis in San Francisco; Editing by Richard Chang and
Marguerita Choy)
[© 2019 Thomson Reuters. All rights
reserved.] Copyright 2019 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
