Google hackers find major iPhone security flaw

Jamie McKane

MyBroadband Journalist
Staff member
Super Moderator
Joined
Mar 2, 2016
Messages
5,381
Google hackers find major iPhone security flaw

On the same day Apple Inc. revealed the date for its latest iPhone event, Google’s privacy team said it had discovered a two-year long vulnerability in the phone-maker’s software.

The bug targeted a small number of websites. Simply visiting those pages could have left iPhone users susceptible to the breach and possibly affected thousands of users per week, Google Zero wrote in a number of blog posts on Thursday.

[Bloomberg]
 

3WA

Executive Member
Joined
Sep 25, 2012
Messages
7,935
What websites? I've done some shameful things. I have fetishes that are not easily catered to by the mainstream.
 

Tharaxis

Senior Member
Joined
Aug 9, 2003
Messages
527
The article is confusing... firstly it refers to these issues as being active and out in the wild, then refers to the issue having being reported months ago and having being swiftly resolved. So which is it, is this an active issue, or is this an issue that has already been fixed? If it's already been fixed then pretty much every recent iPhone with the latest software (which because of how updates work is almost guaranteed to be the case) is already safe from this.
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
23,824
The article is confusing... firstly it refers to these issues as being active and out in the wild, then refers to the issue having being reported months ago and having being swiftly resolved. So which is it, is this an active issue, or is this an issue that has already been fixed? If it's already been fixed then pretty much every recent iPhone with the latest software (which because of how updates work is almost guaranteed to be the case) is already safe from this.
It seems it was active for 2 years and they only fixed it after Google revealed it. Iphone not as secure as people claim.
 

Tharaxis

Senior Member
Joined
Aug 9, 2003
Messages
527
It seems it was active for 2 years and they only fixed it after Google revealed it. Iphone not as secure as people claim.
Not quite sure what you're trying to imply, but no piece of software is "absolutely" secure. Most software only gets security fixed after being reported by outsiders... it's impossible to secure against issues you don't know exist. Chances are the bug was found in the latest version of iOS at the time, it was then analyzed and found in versions that were up to 2 years old, and once it was reported, Apple fixed it within a week. That sounds like an extremely good turnaround when other platforms often take weeks if not longer to get fixed.

I would say Apple is generally *extremely* good when it comes to fixing security issues.
 

Swa

Honorary Master
Joined
May 4, 2012
Messages
23,824
Not quite sure what you're trying to imply, but no piece of software is "absolutely" secure. Most software only gets security fixed after being reported by outsiders... it's impossible to secure against issues you don't know exist. Chances are the bug was found in the latest version of iOS at the time, it was then analyzed and found in versions that were up to 2 years old, and once it was reported, Apple fixed it within a week. That sounds like an extremely good turnaround when other platforms often take weeks if not longer to get fixed.

I would say Apple is generally *extremely* good when it comes to fixing security issues.
Iphone security is often overstated. We don't know how long it took them to fix. Can also be they knew and it was an easy fix they applied when it was reported. No reason to assume one or the other scenario.
 

AfricanTech

Honorary Master
Joined
Mar 19, 2010
Messages
34,624
Corporate politics eh!

When Google’s Project Zero reported a massive malware attack on iPhones last week, it neglected to mention that the attack targeted Android and Windows as well.
Google also didn’t say what websites hosted the malware, who was targeted, and by whom. TechCrunch sources got the answer to that question: It was China targeting its repressed Uyghur Muslims. The iOS aspect of this story was an important and fascinating disclosure, but it reeks of corporate politics that Project Zero withheld information about other platforms, the attacker, and its targets. But hey, who can blame giant U.S. corporations for not wanting to mess with China right now? — FORBES
 

mercurial

MyBB Legend
Joined
Jun 12, 2007
Messages
39,114
Top