Apple said evidence suggested that the website attacks lasted only two months, rather than the two years that Google researchers had suggested.
“Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real time,” stoking fear among all iPhone users that their devices had been compromised,” Apple said in a newsroom post. “This was never the case.”
In a statement, Google said it stood by its findings and would continue to work with Apple and other companies to find and fix flaws.
“Project Zero posts technical research that is designed to advance the understanding of security vulnerabilities, which leads to better defensive strategies,” Google said in statement. “We stand by our in-depth research which was written to focus on the technical aspects of these vulnerabilities.”
Google and Apple are rivals in the smartphone market, where their iOS and Android operating systems vie for users. But Google’s Project Zero team of researchers is focused on finding serious security flaws from a wide range of software and hardware firms, not solely Apple. Last year the group played a key part in finding security flaws in chips made by Intel.