> First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community.
Of course, being 0-days, this is speculation on Apple's part.
> When Google approached us, we were already in the process of fixing the exploited bugs.
This is an interesting twist: Apple apparently knew about these bugs prior to Google Project Zero's involvement? The media overhyped the vulnerabilities (as they normally do), but this statement seems like it's blaming Google for making a big deal of something that Apple supposedly didn't need help on. Not a good look for Apple to be throwing shade in a public statement :/
I'm not denying that they're serious vulnerabilities–made especially concerning because it looks like they're the work of a nation state against an ethnic minority–but headlines of "1 billion iPhones hacked" do not convey the issue accurately.
Right, probably. No one knows who else might have used it, though.
What's kind of sad is that this story was not used to enlighten the general population on how exactly modern information security works (which can be reduced to "nothing is secure").
Which it can be. Especially because Apple's statement shows who the attacker was and who they were attacking. I mean, if Trump used an attack like this to target Muslims, people would be screaming their heads off about government overreach and violations of privacy. And that's essentially what happened here.
That wasn't an actual headline though. You can find: "Google Warns 1 Billion Apple Users They May Have Been Attacked." Which is quite different and doesn't conform to your complaint as well.
So you created it, and then used its wording as the focus of your complaint. And your link has the same headline I referenced above, which is quite different in tone and implication.
I just read the article I linked a bit more closely, and it's worse than I thought: pretty much everything in it is wrong.
> The details of the exploits are being kept a secret
They are not.
> Four out of the six bugs can trigger a malicious code on an iOS device, and a user doesn’t even need to do anything. Simply sending the message to the phone will execute the code once a person opens and looks at the message.
No.
The article also fails to mention that the bugs targeted previous versions of iOS and have been fixed by Apple. And finally, the title makes it clear that "1B Apple users could be hacked", which is categorically false and much closer in meaning to my headline than yours.
Which to me is a big yawn because as long as we have JavaScript engines in our browsers this will probably be possible. Browsing websites is basically an RCE anyway.
The point of a browser's security model is to make it so that "remote code execution" does not mean "arbitrary remote code execution with elevated privileges".
I remember having been able to jailbreak my iPhone 3GS for a period of time entirely through visiting a website and letting it exploit such vulnerabilities enough to perform the task. Searching for a related article, it appears to have been possible on iOS 4.0/4.0.1:
Edit: I use ‘letting’ above loosely meaning that the specific website mentioned allowed the visitor to control whether the exploit was actually executed or not.