While this particular episode is about iOS, android has had its share also. Should we dig them up and compare notes?
Part of me wonders if Google uses Project Zero, at least in part, as a smoke screen to divert attention from their own unenviable security situation. We know of Google's own security problems with both Android and their Play Store - problems that hit the computer security news weekly. Are Technica alone can probably provide dozens of examples from just 2019. In contrast, Apple's security record from a news perspective is profoundly enviable, and I do understand if Google is anxious to take Apple down a peg or two just so it doesn't seem so bad in comparison.
Second, the usual Apple-bashing, be it deserved or undeserved, is practically a cultural phenomenon at this point, especially when you know the competition and opinion journalists have a tendency to exaggerate the scale of the actual issue. I guess this is a package deal when you are an Apple product user.
Third, while I understand people expecting or desiring a different sort of response from Apple, I actually appreciate what Apple has provided here. The omission of any detail about compromised websites by Google was (IMO) unnecessary, and left me as an iOS user wanting more info (i.e. was my device exploited visiting tech blog x?). As someone living in Singapore, while the Uighur situation is obviously horrendous, Google's report did nothing to answer any burning questions I might have, and simply served to generate more alarm than it otherwise should have.
In this regard, Apple's response actually provided a lot more context. I now know that this wasn’t randomly hitting thousands of users all over the world (thus increasing chance of detection), but thousands of very specific users in a very specific bit of the world.
Knowing the compromised sites were also going after Android and Windows devices (albeit with less exotic exploits) is also useful additional info, I think (but the critics will likely say that I am deflecting).
I don't understand the criticism levelled at Apple in this regard. It is not the business of Apple's software security team to condemn the unpleasant surveillance regimes of governments. If anything, Apple has gone one step further by pointing the finger directly at the Chinese, something I don't believe anyone else has done. Not even Google, whom in theory should have been able to take the high road here because it doesn't have any business ties with China.
I suppose one could argue that Apple kinda brought it on themselves, by allowing themselves to become too addicted to China's inexpensive and competent labour chain, which in turn gives Apple a strong incentive to turn a blind eye towards China's criminal behaviour, both locally and internationally. For Apple's sake, I hope that they take their manufacturing out of China sooner than later.
@macfacts Now that I have had some time to think this through, I retract my earlier statement about Google lying. While Google technically did tell the truth, what they have done here is even more disingenuous and dishonest than if they had just flat-out lied, IMO.
