Apple has hit back recent iOS security concerns from Google, claiming its arch-rival has created a ‘false impression of mass exploitation’ to spook iPhone users.
Toward the end of August, a security researcher at Google published a blog post exposing 12 security flaws in Apple’s Safari web browser that allowed hackers to grab personal data from iPhones. Shifty websites planted monitoring software into smartphones allowing criminals to steal data and send it to an external exploit sever every 60 seconds.
Apple posted the response on its website after receiving a number of complaints from customers voicing their concerns about the vulnerabilities, despite the fact these flaws were patched up in February.
Related: Best Phone
Apple criticised Google’s language in the post, arguing that “the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described” and that Google created a “false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time”.
The company explained that hackers hit fewer than a dozen websites, primarily targeting content related to the Uighur community. It accused Google of exaggerating the scale of the attack to scare iPhone users and of sharing the information six months after the issue had been fixed “stoking fear among all iPhone users that their devices had been compromised”.
Related: Best iPhone
Apple also called Google out for implying that the attack took place over the space of two years rather than the two months Apple found the group were operational:
“We fixed the vulnerabilities in question in February – working extremely quickly to resolve the issue just 10 days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs”.
Google shared news of Apple’s security blunder less than two weeks before iOS 13 was set to be unveiled. The newest OS update is expected to include new security features including ‘Sign in with Apple’ in the hopes to cut down on incidents of personal data theft.