The security of Apple’s iPhone products has been brought into question thanks to a Google Project Zero finding. While Apple implicitly responded when they released a new iOS to deal with the security issues, but they have just released an official statement regarding the Project Zero finding. In it, the company outlines their stance on the reporting and reaffirms their commitment to security.
According to Apple’s statement, Google Project Zero’s statement “stok[ed] fear among all iPhone users that their devices had been compromised [but] this was never the case.”
Apple adamantly proclaims that the Project Zero’s report and, implicitly, later findings exaggerate just how large of an impact this hacking had.
To start, Apple countered current narratives that a large user base could have been affected, stating, “the sophisticated attack was narrowly focused… affect[ing] fewer than a dozen websites that focus on content related to the Uighur attack.” Additionally, the company insisted that the attacks only happened over a period of two months rather than two years.
As a counter narrative, Apple ensured to its users that “security is a never-ending journey and our customers can be confident we are working for them.” Not only did they clarify that they fixed the vulnerability within 10 days of hearing from Project Zero, but they also mentioned that they were already being proactive in the process of fixing the security issue before Google reached out.
In a response to Apple’s statement, Google affirmed its original report to The Verge. In the statement, Google said, “Project Zero posts technical research that is designed to advance the understanding of security vulnerabilities, which leads to better defensive strategies. We stand by our in-depth research which was written to focus on the technical aspects of these vulnerabilities. We will continue to work with Apple and other leading companies to help keep people safe online.”