How iPhone Users Were Attacked - By Google's Project Zero

Share
Embed
  • Published on Sep 2, 2019
  • SPONSOR: Go to eero.com/vector and get $100 off the eero base unit and 2 beacons package, and 1 year of eero Plus, enter VECTOR at checkout!
    When does a team dedicated to ferreting out bugs, exploits, and vulnerabilities turn into its own form of malware attack?
    For Google’s Project Zero, the answer just may have been this week.
    SUBSCRIBE: ru-clip.net/user/vector
    LINKS:
    Project Zero: googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
    TechCrunch: techcrunch.com/2019/08/31/china-google-iphone-uyghur/
    Forbes: www.forbes.com/sites/thomasbrewster/2019/09/01/iphone-hackers-caught-by-google-also-targeted-android-and-microsoft-windows-say-sources/#3c2d8cb84adf
    MORE:
    Merch: standard.tv/vector
    Gear: kit.com/reneritchie
    Web: www.imore.com/vector
    Podcast: applepodcasts.com/vector
    Twitter: reneritchie
    Instagram: reneritchie
  • Science & TechnologyScience & Technology

Comments • 308

  • Mr. Death
    Mr. Death 28 days ago

    Apple has provided no proof for their statement. Also, the manner they issued the statement was like they don't fucking care about it. Chinese Govt was fucking exploiting zero days and they conveniently hided that fact because China is biggest iPhone market these days

  • Nom
    Nom Month ago

    Just so you know. The same vulnerability does not affect Android. The equivalent is phishing apps.

  • Marc Pena
    Marc Pena Month ago

    I noticed that you put darker objects with less light on the sides of the video, and evidentially this seems to really make the notch much less visible while watching a video. I wonder if this was done intentionally? Thanks Rene

  • Automotive Stories
    Automotive Stories Month ago

    I love this guy.

  • iFranco
    iFranco Month ago

    Can't stand this shlomo...smug apple deepthroater

  • Shaun Anderson
    Shaun Anderson Month ago

    Rene is trying to deflect. Apple is the company built on security. Read any security researchers comments of the issue. iOS was cracked for 2 years. iPhone users should be affraid, this is the most serious attack ever recorded on iOS. No one thought this was possible. Also project zero has reported bugs on chrome, Android, windows and iOS. They have a stake in all those platform. I hate it was people like Rene just spin for Apple. Why didn't apple report to it's users that this happened. Months after the fix. No matter which way you spin it, apple dealt with this whole thing wrong.

    • Shaun Anderson
      Shaun Anderson Month ago

      @Rene Ritchie I wish you didn't even mention Google here. I don't care about their motivations. I care that Apple said nothing to it's users. They wait until a paper released to describe the volnurbility other security researchers to say something. Apple needs to do better!

    • Rene Ritchie
      Rene Ritchie  Month ago +1

      Except that’s not an accurate account of what happened here or how it was covered.

  • Verne Arase
    Verne Arase Month ago +1

    Project Zero: Google's new guerrilla marketing team.

  • Neko Michi
    Neko Michi Month ago +1

    The fact that they left out other vulnerable platforms from their report is rather concerning. Imagine if news outlets announced that Hurricane Dorian would only affect Florida and hid the fact that they knew the Bahamas was also in its path. That would never have been acceptable.

  • Joe Moyer
    Joe Moyer Month ago +1

    Thanks for boosting the signal and sorting through the noise!

  • zt9233
    zt9233 Month ago

    Renee Apple just put out a response. Might as well have just shared this video. Some new information however including that Apple was aware of the issue prior and already working to solve it (so uh not a zero day if Apple figured it out before them?). Also Apple responded to what it states is misinformation by google. I appreciate that Apple (and for that matter project zero) were working on things targeting what is a “small community” hopefully that means larger scale vulnerabilities are also covered. Would like to add that Uighers aren’t that small their population is larger than many countries. In fact there are 11million of them being oppressed by China. That’s about one third the population of Canada! Compared to China that may seem like few but targeting 11million people is still serious. China has the desire and the research team to do it. They’re not the only ones so I appreciate the challenges these companies have. Google for its part actually seems to roll over for them. The reality is most google phones in China are already shipping with gov software to monitor the user. Google’s overly dramatic publicity stunt here is strange and shameful and likely a way for them to distract from Apple announcements coming up esp privacy related ones (guessing any discussion about iPhone privacy post conference will get caveat of googles report.). Also thinking google going all out to see if they can make pixel work this year if not I’m guessing they may soon redirect or rebrand the phone hardware approach. Hopefully they go back to nexus.

  • Aimee Keel
    Aimee Keel Month ago +2

    In your blatant animosity of Google, I think you may have missed the point that Apple frequently describes their software as the most secure in the world. It is important for people to understand that iOS does indeed have exploits. Yes it is slightly irresponsible and unethical for google to have reported the story as such. However, the blog post in question was not an attack against iOS saying it was the only one exploited, rather the focus was that iOS is not secure against these sorts of exploits. Instigating a witchhunt of your own is not really a productive means to foster the sort of communication you say they should have used.

  • Anon Bin Anon
    Anon Bin Anon Month ago

    www.wired.com/story/android-zero-day-more-than-ios-zerodium/
    Enjoy, if you haven’t read already.

  • Kyrie
    Kyrie Month ago +4

    I've always told people that it is good that everyone jumps at any minor blemish on Apple's reputation. It basically means that they subscribe Apple to a really high standard. As a result, even the most minor matters seem very big. As compared to it's competitors, where problems are so common that people just regard it as a norm haha.

  • Patrick Rochon
    Patrick Rochon Month ago

    the problem is not how Google delivered the news, is that fundamentally, because of Apple marketing, people thinks iphone is a more secure plateform, wich this proves false. ru-clip.net/video/Nug0KlQ9kVk/video.html

  • Dennis Kirschbaum
    Dennis Kirschbaum Month ago +1

    As always, Rene, we can count on you for the "rest of the story." Thanks for all the good work you do. Hitting like 'cause I do and I'm zero day hacking that bell dohicky.

  • teemuntubetus
    teemuntubetus Month ago

    ”OCTOBER 4, 2015
    Alphabet, which took over as Google’s new holding company on Friday, has dropped the tech giant’s “Don’t Be Evil” mantra from its code of conduct.”
    Yeah... it shows...

  • Ann-Louise Winter
    Ann-Louise Winter Month ago

    Thank you again! You point out what’s really happening and force yourself and others to question. Always keep poking the bear and questioning what you see and hear!

  • Anon Bin Anon
    Anon Bin Anon Month ago +1

    I really think security is not your strongest point. Stick to what you know best.

  • Furat Ceylan
    Furat Ceylan Month ago

    hey rene ritchie, what would your answer be to ru-clip.net/video/Nug0KlQ9kVk/video.html ?

  • Bryan Hawley
    Bryan Hawley Month ago +1

    Windows?

  • Ticken1000
    Ticken1000 Month ago

    Google so aiti-China

  • G-Force
    G-Force Month ago

    This is a true video on how media is manipulated. Google PZ’s Ian Beer is a hacker that wanted millions from Tim Cook in the past. Google has let him run amok overseas. It’s like the anti-virus company writing the virus.

  • Delain124
    Delain124 Month ago +5

    Apple gets hacked
    Apple fanboys: It's all Googles fault

    Macbook has hardware issues
    Apple fanboys: Windows PCs can have hardware issues to.
    You are right but we have more options

    iPhone 6 has any issue with bending
    Apple fanboys: What about Android phones
    What about them? When Android phones have a problem they are recalled and people also don't buy the phone because they have options.

    Stop defending the mistakes that Apple makes. Start calling them out on it. They are the only company that makes the hardware for there software.

  • Graham Jones
    Graham Jones Month ago

    When you fail to disclose the full story, you leave yourself open to accusations of propaganda. Google could clear this up quite quickly, and the longer they don’t, it leaves a vacuum open for others to fill. If they don’t address at all, then it paints an even murkier picture of themselves. We all know the tech giants don’t miss an opportunity to throw shade at each other, but it just isn’t cool. I always see it as a weakness and an insecurity. Defend your name, for sure, but don’t descend to the same level as others.

  • Patel
    Patel Month ago +2

    Poor android users. Most of them won’t even get fix for this vulnerability.

    • Kyrie
      Kyrie Month ago +2

      Well, but they get what they want for a number of them - something bad to say about Apple. LoL

  • Kim Rene Jensen
    Kim Rene Jensen Month ago

    You are too stupid... Did you need 3 days to construct this insane video ? Google does not need to fake security news to destroy Apple.. Apple is very capable in doing this by themselves.. Number of Class Action Lawsuits against Apple is adding up every month..

  • calin2k
    calin2k Month ago +2

    So ios has bugs that completely expose the user like any other phone os to surveillance. stop believing that having an iphone makes you completely safe, safer maybe.

  • kancocorp
    kancocorp Month ago

    Rene, you're amazing... but please make it more clear when your promo is about to begin... it compromises your lack of bias... just my opinion

    • EMMNUEL J
      EMMNUEL J Month ago +1

      Like when he says iOS is the most popular OS in the world

  • Shoumik Islam
    Shoumik Islam Month ago

    Anything that includes codeword "Bad Apple" will get more views, no matter what :v

  • Autokrat
    Autokrat Month ago

    Google’s own FIDO key used debug keys for 2FA and never replaced it with actual encryption keys. Zero day is only for non-google platforms. They should look within as well and accept responsibility.

  • Adam Fontana
    Adam Fontana Month ago +1

    Well done, Rene. Thanks for the info.

  • TankQ
    TankQ Month ago

    Surprise surprise. If China wants to target Uyghur minority they would target Android, most Chinese use Android, and with closed system Android used in China, users may be using older Android versions without new security patches, they don't even have Google play store. So 0 day is even scarier, when all your patches are coming from local manufacturers, which have to get go aheads from their government.
    Heck I have 2 phones of about the same year, one is on Oreo and the other is iOS 13 beta.

  • Manfred Pauli
    Manfred Pauli Month ago

    Hey Rene! Interesting Video like always. But I did like the old ‚V‘ in your intro better!!!

  • The ABC Jug Band
    The ABC Jug Band Month ago

    “Don’t be evil” is just a slogan at Google.

    • Durian Durian
      Durian Durian Month ago

      Apple are in bed with Goldman Sachs who.are extremely dubious

  • Mark Binder
    Mark Binder Month ago +3

    You are missing the main point of Project Zero's findings. I happen to have a very close friend who works for Project Zero and I can HONESTLY tell you that Google was the one who disclosed the hack in the first place, not to the public, but to the government and other phone manufactures including Microsoft and Apple, because they didn't want to panic consumers. They were also the FIRST company to patch the Android OS against the attacks, with Microsoft shortly behind. It was Apple who REFUSED to admit they had the issue and did NOTHING about it until Google threatened to expose them, hence the 14 day warning! It wasn't until that point that Apple released the 12.1.4 patch. Microsoft and Google had already patched their OSes, which is why the story reports were only about Apple devices. Apple will do anything to protect their "secure OS" reputation, including not admitting they have a vulnerability until threatened to get exposed. Get your REAL facts straight before posting such GARBAGE! I'm so sick of Apple Fan Boys pretending Apple is so perfect, when everyone knows they only thing Apple cares about is making money, and lots of it!

    • Mark Binder
      Mark Binder Month ago

      @John B Correction, installing external apps can make a device less secure. Just because Google "allows" it, doesn't inherently make the OS less secure. If someone want's to be stupid enough to install external apps, that has no bearing on the OS itself. This is no different than someone who chooses to jailbreak iOS. These are "personal choices" and you can't fault the OS for that. Yes, Apple does design most of it's hardware in house, but that doesn't mean Google can't code their software to work perfectly with hardware not created by Google. That's what software coding is all about. Not to mention, Google does work conjointly with hardware manufacturers to receive parts with specifications exactly as Google needs for the Pixel line, so basically the same thing except Google doesn't have the manufacturing costs for the parts.

    • John B
      John B Month ago

      @Mark Binder Allowing external apps to be installed does make a device less secure. To clarify about the hardware Apple designs most of it in house, for example, the processor. I think the middle ground really is that all operating systems have flaws and no player is even close to perfect on security. No one will ever be perfect in terms of security.

      Google is for sure making a good effort to secure all devices which is a big plus for them in my eyes. I do agree with you on the video that guy doesn't understand the reason behind the post from Project Z. He seems to think the post is a press release rather than a paper going in-depth on a specific.

    • Mark Binder
      Mark Binder Month ago +1

      @John B Be careful with your words, you're twisting things a bit. Google makes Android OS and they also make Pixel phones. The Pixel line is no different from Apple's iPhone line when it comes to optimizing OS to hardware, so your claim there is false. If you're going to claim that "iOS is slightly more secure than...Android" you need to clarify that you are talking about non-Pixel Android phones, as Google sends out updates and security patches every month for the Pixel phones, something other Android manufacturers do not do. Just because Apple doesn't allow you to install external apps, doesn't mean the OS is any less susceptible to virus or malware than any other device. All-in-all they are all just OSes based on BSD. The only reason Android has more attacks is because it has a much larger global market share compared to iOS.

    • John B
      John B Month ago

      Apple does have a slightly more secure OS in comparison to Microsoft and Android. The fact that Project Zero has published the paper on how the OS was broken kind of shows they respect the secuirty. The security on iOS comes from a mixture of in house hardware and software. Adding to this Apple limits what users can do like install external apps. They have greater control of app store apps too. Probably a big plus is Apple is targeted less.

      Yours faithfully
      Not an fanboy of Apple

  • The ABC Jug Band
    The ABC Jug Band Month ago +1

    Just trying to divert attention in the lead up to Apple’s event next week.

  • kmannewyork
    kmannewyork Month ago +4

    Wow your amazing. I like how you research and give us unbiased information. I wish I had found this channel sooner

  • Raymond Bruce
    Raymond Bruce Month ago

    This has been address by Eero and Amazon.

  • Moe Szyslak
    Moe Szyslak Month ago +1

    Great backgrounds, Rene.

  • Paolo Kuslan
    Paolo Kuslan Month ago

    The only fact I know and I am sure about it is that the article was published just now that brand new Android models are in stores and just few days before the Apple September event when new iPhones will be showed. A window for manufactures to sell as more Androids as they can. And I can imagine people thinking… why spend more for an iPhone if it is unsafe as an Android?

  • Mark Williamson
    Mark Williamson Month ago

    I have liked your video, and I don’t do that often
    Terrific to hear someone discuss the real world of the persecution in china. Not just a tech channel with wealthy people discussing wealthy products while the world burns. Thank you

  • URS
    URS Month ago

    Good job Rene 👍🏻

  • Deon H
    Deon H Month ago

    As a long time  user I often wonder if the other side of the fence is not worth exploring, but every time I hear of these type of practises by a tech giant such as Google, I'm grateful not to be a part of that family or ecosystem. A pity this is not in the face of every Android user making them think twice about who has their best interests in mind.

    • IT pe paine
      IT pe paine Month ago

      @Jason A. Well that is Google culture,I respect what they do.

    • Jason A.
      Jason A. Month ago

      Deon H you want to know why you don’t want to try try google stuff? Simple you never know how long they will support anything. Seems like every other week they come out with some new free app, it’s online for maybe. 5 minutes then they kill it. Google wonders whey they can’t messaging apps to take hold? Because they never promote things, then they kill it. You can’t rely on them to support any app you might one day need! That’s googles problem. They are basically the company equivalent of a kid with ADD.

  • Dennis W
    Dennis W Month ago

    More media BIAS against Apple

  • Tom Alawatte
    Tom Alawatte Month ago

    Dirty marketting tricks by Google. If they continue to shoot up their own feet and hope for a 5 second media victory like this they'll be very sorry very soon.

  • Pliablemoose
    Pliablemoose Month ago

    Google has some serious problems with honesty & bias.

  • Marnnador
    Marnnador Month ago

    So project zero was created to point out security flaws, but aren't they helping Apple to become aware of those flaws sooner in the process?
    A double edged strategy if you ask me.

  • Matthew Jardine
    Matthew Jardine Month ago +1

    Thank you for making this video.

  • ThanatosXRS
    ThanatosXRS Month ago

    Android is spyware

  • John B
    John B Month ago +6

    I mean the title of the article is "A very deep dive into iOS Exploit chains found in the wild" the focus being iOS Exploit chains. The post also has 5 sub-posts one for each Exploit. The Forbes article also fails to mention sources of the people close to the situation that claim the Exploit is also targeting other operating systems. Assuming the website is serving up malware to other operating systems the exploits will not be the same.

    The posts from the team at google are a technical deep dive into how iOS was exploited. The purpose is not to inform the general public, but to inform security professionals. Mainstream media jumped on this to feed the outrage culture much like this video is doing with the Forbes article.

    It's also worth noting that the majority of websites that mention other operating systems being targeted use the Forbes article as a source.

  • Moudire Ifan
    Moudire Ifan Month ago +1

    This is one professional, well researched video !
    Thanks,

  • Mr AppleFanBoy
    Mr AppleFanBoy Month ago

    Excellent video, Rene. Thanks.

  • Naomi Alex
    Naomi Alex Month ago +11

    One of the absolute basic things we were taught in Media & Communications was always look at the source of the material and look at what is missing because that is where you will find most of the story more often than not. A deep dive sponsored by Google that omits Google AND neglects to mention crucial information such as what sites and where the problem is coming from? Come on now...
    EDIT: I mean this is also just common sense but seriously, they actually TEACH this as part of the curriculum for media students where I live, that's how fundamental it is.

    • Apple Exposed
      Apple Exposed Month ago

      Apple haters don't care about common sense.

  • Don’t Bother I Will Most Likely not Respond Anyway

    That’s one of the reasons why I use as few Google services as possible, except for RU-clip with a fake account, as well as why I will never switch to Android. I will not support any of this wrong doing.

  • This Is Noah Evans
    This Is Noah Evans Month ago

    Apple are probably kicking themselves right now. Days before the iPhone 11 launch, they’re being incorrectly publicised about.

    • Kyrie
      Kyrie Month ago +1

      Probably not. Assuming if Apple is still running on the same values as Jobs' days. They have never aimed on being the first in anything or winning their competition. Look up Simon Sinek about The Infinite Game.

  • Bruce McKay
    Bruce McKay Month ago

    Google are wankers through and through... what a pack of dicks

  • Guy-Robert Kernisant
    Guy-Robert Kernisant Month ago +4

    Well done Rene. I clearly think this was meant to heart Apple's iOS security perception. It doesn't matter that other OSes were targets as well since people actually expect that. After rectification we are left knowing the mighty iOS has flaws...

  • Chris Silva
    Chris Silva Month ago +7

    I think the title is a bit over the top. Google's Project Zero delivers a paper that reveals major security flaws within IOS. This does not mean it is an attack. It is a paper about major security flaws.

    • krb693
      krb693 Month ago

      Chris Silva really? Come on now!

  • Thamsanqa Mvayo
    Thamsanqa Mvayo Month ago +1

    Yet another reason to follow this man, accurate reporting, something that is becoming endangered in the internet and newspapers these days. Thank you Rene.

  • manjdhariwal
    manjdhariwal Month ago +1

    Shut up