作者kouta (ΦωΦ)
看板MobileComm
标题Fw: [讨论] 苹果发文反击谷哥:别在那边夸大其词带
时间Sun Sep 8 04:40:50 2019
※ [本文转录自 iOS 看板 #1TT1M-Eg ]
作者: kouta (ΦωΦ) 看板: iOS
标题: [讨论] 苹果发文反击谷哥:别在那边夸大其词带
时间: Sun Sep 8 04:40:26 2019
苹果发文反击谷哥:别在那边夸大其词带风向
by Brian Fang on 9/07/2019
最近美国 Google 公司旗下的安全团队 Project Zero,发布了 iPhone 存在一系列安全漏洞报告,可被恶意网站利用来盗取用户讯息。Apple 公司今天发布了一篇「有关 iOS 安全性的讯息」声明回应,表示 Google 提到的漏洞复杂攻击范围很狭隘,并非大规模的安全漏洞,对於大多数人来说没有太大威胁。
Apple 希望确保所有用户都了解事实,无论攻击规模如何,我们都非常重视所有用户的安全。其次,所有证据表明,这些网站攻击只能在短时间内运行,大约两个月,而不是 Google 暗示的“两年”,而且我们在 2 月修复了有问题的漏洞。
Google 利用 Project Zero 研究来反击 Apple 主打的隐私权行销,因为 Google 主要的业务收入是记录用户的网路浏览行为和个人资讯,然後放送精准的广告。
Apple 表示:「安全是一个永无止境的旅程,我们的客户可以确信我们正在为他们工作。iOS 安全性是无与伦比的,因为我们对硬体和软体的安全性负有端到端的责任。」
Copyright 爱疯日报
https://www.iphonetaiwan.org/2019/09/a-message-about-ios-security.html
------------
官方 Newsroom 网页:
https://www.apple.com/newsroom/2019/09/a-message-about-ios-security/
(目前台湾网站还没发新闻,之後有的话即补充。)
Last week, Google published a blog about vulnerabilities that Apple fixed for iOS users in February. We’ve heard from customers who were concerned by some of the claims, and we want to make sure all of our customers have the facts.
First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously.
Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real time,” stoking fear among all iPhone users that their devices had been compromised. This was never the case.
Second, all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not “two years” as Google implies. We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs.
Security is a never-ending journey and our customers can be confident we are working for them. iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software. Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found. We will never stop our tireless work to keep our users safe.
苹果少见会特别发新闻澄清事件,
看来的确是很在意被指控不安全,
苹果之後又要推出 Sign In with Apple,
某书跟其它各种靠使用者隐私数据来卖广告的公司真的要气炸。
--
※ 发信站: 批踢踢实业坊(ptt.cc), 来自: 220.133.14.178 (台湾)
※ 文章网址: https://webptt.com/cn.aspx?n=bbs/iOS/M.1567888830.A.3AA.html
※ 转录者: kouta (220.133.14.178 台湾), 09/08/2019 04:40:50
1F:→ karta177024 : 结果被攻击的还真的是维吾尔族XDD 09/08 05:16
2F:→ kouta : QQ 09/08 05:33
3F:推 force5566 : 脑羞 09/08 07:50
4F:→ DarenR : 通常都是被戳到痛处才会这样气pupu 09/08 08:17
5F:→ ke19721972 : 通常是莫名被抹黑才会气pupu吧,虽然我不知道这次 09/08 08:29
6F:→ ke19721972 : 情况算哪种XD 09/08 08:29
粉丝会各自解读 马上就有活生生的例子
7F:→ abelyi100 : 原po的发言不也是带着立场解读的活生生例子吗= = 09/08 08:45
这篇文章里的哪一个部分?
※ 编辑: kouta (220.133.14.178 台湾), 09/08/2019 08:49:27
8F:嘘 DarenR : 整个部分,谢谢 09/08 09:01
9F:→ abelyi100 : 光最後一行就是了,推出Sign in with Apple这点 09/08 09:05
10F:→ abelyi100 : 就自动帮其他公司脑补会气炸也是不容易 09/08 09:05
11F:→ abelyi100 : 何况这东西到底推不推的起来,能不能达到隐私防范 09/08 09:06
12F:→ abelyi100 : 都是未知数,争议也不少 09/08 09:06
13F:推 enderboy7652: 总之水果还是有漏洞嘛,打脸狂粉都说水果不会被骇 09/08 09:43
14F:推 abc21086999 : 靠,别人帮你抓漏洞还要被你骂 09/08 10:05
15F:推 chitsaijang : 把金钥给中国的人谈隐私?? 09/08 10:36
16F:推 ReDmango : 看了内文想说是哪来的无视狂粉 出去看ID原来如此 09/08 11:28
17F:推 zrna0515 : 最近CamScan事件还比较严重吧!? 09/08 12:32
18F:嘘 blue09 : ID 09/08 12:53
19F:嘘 jhangyu : 笑死,只影响两个月,骗外行的吧 09/08 13:50
20F:嘘 lanszul : 贫果从老贾开始就在脑羞了,库克还一直洗老贾脸 09/09 00:41
21F:推 DJRobin : 推这句「安全是一个永无止境的旅程」 09/09 09:33
22F:→ DJRobin : 或者安卓有自信以後都不用更新修正任何漏洞? 09/09 09:35
23F:推 otherman : 把所有资料放在中国就永远不可能安全 09/09 09:35
24F:→ otherman : 习皇要你apple监控人民你敢说不? 09/09 09:36
25F:→ qqq15963 : 感觉真的很气耶! 09/09 20:55