Apple says China’s Uighur Muslims were targeted in the recent iPhone hacking campaign
The tech giant gave a rare statement that bristled at Google’s analysis of the novel hacking operation.
In the wake of one of the worst attacks ever against iPhone and iPad security, Apple issued a rare statement on Friday rebutting claims about the attack made by Google in a blog post last week.
The Google post said that hacked websites were used to “indiscriminately” attack individuals who visited them, through numerous critical vulnerabilities in iOS, the operating system that powers iPhones and iPads. These exploits were used to attack as many as thousands of victims per week, according to Google. However, according to Apple’s new statement, Google’s report left out or misrepresented key details.
Targets of attack: Apple’s new statement confirms that the hacking campaign targeted Uighurs, a Muslim minority in China, many of whom live in Xinjiang, a northwestern province where approximately a million people are being held in detention camps. A report last month detailed how Chinese officials put spyware apps on Uighurs’ phones, one of many surveillance techniques the government has used against Uighurs, Tibetans, and other dissidents.
Scale of attack: Apple disputed some key facts in Google’s report, which said that potentially thousands of iPhone users could have been hit every week in a two-year-long hacking campaign.
“First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community,” Apple wrote. “Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised. This was never the case.”
In a statement replying to Apple’s statement, a Google spokesperson said, “We stand by our in-depth research which was written to focus on the technical aspects of these vulnerabilities.”
Length of attack: Apple asserted that the campaign lasted “roughly two months” and “not ‘two years’ as Google implies.”
Apple says it fixed the problem shortly after it became aware of it. iPhone users who have updated their phones’ operating systems are protected.
Impact of attack: The overall thrust of Google’s report is not in question. The attack is one of the most serious, and successful, attacks ever perpetrated against iPhones. Not only is the number of people who were affected unclear, but so too is the impact on those individuals.
Amnesty International has detailed what it describe as “an effort by the Chinese government to wipe out religious beliefs and aspects of cultural identity in order to enforce political loyalty for the State and the Communist Party of China.”
Apple, which does a large amount of business in China, never names the country, or the Chinese government, in its statement. Google likewise avoided any such characterizations.
Geoffrey Hinton tells us why he’s now scared of the tech he helped build
“I have suddenly switched my views on whether these things are going to be more intelligent than us.”
Deep learning pioneer Geoffrey Hinton has quit Google
Hinton will be speaking at EmTech Digital on Wednesday.
Video: Geoffrey Hinton talks about the “existential threat” of AI
Watch Hinton speak with Will Douglas Heaven, MIT Technology Review’s senior editor for AI, at EmTech Digital.
Doctors have performed brain surgery on a fetus in one of the first operations of its kind
A baby girl who developed a life-threatening brain condition was successfully treated before she was born—and is now a healthy seven-week-old.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.