- September 8, 2019 at 19:40 #5410
Alarming news came out of Silicon Valley late last month, when Google discovered sustained hacking efforts being carried out against iPhone users over a period of several years. In a series of posts (https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html ) from a member of Project Zero, Google’s cyber security division, the extent and the targets of the attack are analyzed –the victims were iPhone users with versions of iOS from 10 to 12, the latest. The malware was hidden on a number of websites that infected users’ devices, principally when using the Safari browser.
Apple, however, was quick to retaliate to Google’s report, which it claimed had mischaracterized the event; this was not an instance of a random attack against people unlucky enough to visit the websites which had the malware set up as a booby-trap. In a statement, the company said: “Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised. This was never the case.”
Unlike Google, Apple was fully willing to state who the attack had been intended against. “”The sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community.”
As Google did not mention the victims of the malware, it naturally did not disclose as to who was responsible. Yet there is, of course, only one faction that has sought to monitor and aggressively control the Uighur people, a community of Turkic people scattered across Central and Eastern Asia, the majority of whom are adherents of Sunni Islam. The treatment of the Uighur people at the hands of Xi Jinping’s government has made international headlines, especially due to the forced incarceration of hundreds of thousands of people in the Chinese government’s re-education camps. These facilities, which are highly reminiscent of the concentration camps of Hitler’s Germany or the gulags of the Soviet Union, remain largely closed to the outside world – access to foreign media has been infrequent and highly restricted. International outcry against China’s actions largely stemmed from the inmates being forced to speak Chinese, abandon their religious beliefs, and submit to enough government propaganda to constitute brainwashing.
That the Uighur community had been specifically targeted was verified by Volexity, a Washington-based cyber security firm. Volexity found that it was not only iPhone users who had been affected, with a number of Android devices suffering a similar fate. The fact that Android, a Google-affiliated operating system, had been affected was not mentioned in Google’s own report.
Google has some prior form in refusing to explicitly name China as an offensive cyber actor. During the initial Hong Kong protests, a series of pro-government misinformation efforts were unleashed on social media; while Facebook and Twitter executives publicly stated that they were confident that Beijing’s state bodies were responsible, Google guardedly released its own statement in which it said it would simply remove some published material pertaining to the civil unrest.
Yet Apple, although pointing out the fact that Google has not named the Uighur people as the victims of the malware, has also not explicitly named China as the aggressor. And with China serving as such a massive market for both companies, it is unlikely that either will risk pointing the finger at Beijing.September 13, 2019 at 14:23 #5517
This makes us really think about everything we share in our phones, Are we safe from this kind of attacks. I am an Iphone user, it makes me ask myself am I safe to share my information since Iphone users are not safe? anything work related or even health can be used in a way for them. yes we can protect our self but if the iphone servers got hacked that’s it for your personal data.October 7, 2019 at 18:03 #5630
It’s been featured on our medium: https://medium.com/@cybersecurecentral/google-apple-and-the-uighurs-from-our-forums-66ceeedfa7e3October 26, 2019 at 19:30 #5720Anonymous
Further evidence that Cyber Security is now a primary good, not a luxury. In a world filled with conspiracies, cyber attacks, misinformation, and competitors doling out rhetoric against the other side, one simply cannot trust people with the safety of their information, and in my opinion, no government is exempt. Cyber Security is now the condom that all users must wear before using tech devices and passing around information, for fear of contracting the virus that is having your information monitored, stolen, or used against you. If you ask me, I neither trust Apple’s nor Google’s claims on the matter.November 18, 2019 at 17:13 #6042
It is funny how easily companies point fingers and lay blame when they themselves are to blame for the many breaches of ethics that they so easily accuse others of. The fact remains that these corporations exist to make a profit, and are not interested with the well being of their clients beyond the point where it may begin to affect the bottom line. It falls on each and every individual to be well informed in all cyber security matters and understand the game that is being played, lest one become a pawn for them to sacrifice.November 21, 2019 at 23:47 #6115
The day that I begin believing in the integrity of big corporations is the day I cut my own arm off. The fact is this, the way this world is built is simple. If you wish to be so far ahead, such as companies like Google, Facebook, etc.., and if you intend on continuously being dominant in world markets, then you are going to use some underhanded tactics to do so. However, of course, you can’t be too forward about it, and need to find logical and ethical explanations for the utilisation of these tactics. It’s all just a game really.November 26, 2019 at 12:18 #6166
Oh just the typical social engineering schemes, served by two of your favourite major software and tech companies. Nothing new really. The fact is, there are a lot of shady dealings involved when it comes to Fortune 500 companies that specialise in technology, and I have very little confidence when it comes to them safeguarding my information.
You must be logged in to reply to this topic.