Google deliberately concealed hacking attacks launched by Western allies involving zero-day vulnerabilities in Safari and Google Chrome
Google has a strong security team that not only helps Google’s internal products solve security vulnerabilities, but also looks for other product vulnerabilities.
For example, Apple released an emergency security update to fix a zero-day vulnerability in the browser kernel, and this zero-day vulnerability was researched and discovered by the Google security team.
However, there has been more serious analysis within Google a few days ago, because its engineers found that Google sometimes deliberately concealed hacking attacks initiated by certain Western allies of the United States.
This incident was confirmed to use 1 Safari browser zero-day vulnerability and 10 Google browser zero-day vulnerabilities (including Windows and Android versions).
In this attack, it is clear that the current zero-day vulnerabilities in the Apple browser and Google browser have been fixed, so there is no need to worry.
When the vulnerabilities are fixed, it means that the Western allies of the United States cannot continue to attack through these vulnerabilities. It stands to reason that it should be okay to prevent hacker attacks, right?
But even so, this has caused controversy within Google, because Google knew that this top hacker group was initiated by Western governments before fixing the vulnerabilities.
At the same time, Google also knows that this hacker group was established by Western countries for the purpose of counter-terrorism, so some Google employees believe that it is unreasonable to prevent its attacks.
It is worth noting that Google has concealed its internal security notifications, deliberately concealing the details of the attack and the attackers behind it can be considered to protect its Western allies.
However, there are also Google engineers who believe that Google should not have any concealment because the company has a precedent for deliberately allowing vulnerabilities to be exploited by allies.
If it is unreasonable to conceal the name of its allies and not reveal the target of the attack, it is more controversial that Google deliberately did not fix the vulnerability in the first place.
Google has been found to have not fixed the vulnerability the first time, that is, Google will not immediately fix the zero-day vulnerability after it knows that it is an attack initiated by a US ally.
The company’s strategy is to fix vulnerabilities on a regular basis instead of immediately, which is tantamount to setting aside more time for its allies to collect various intelligence.
At the same time, Google may also notify the U.S. government department in advance before the vulnerability is about to be fixed so that the U.S. government department will pass on relevant information about the vulnerability to its allies.
Even so, Google will still be criticized by the US government. A former senior official of a US intelligence agency said that sometimes Google fixing loopholes can cause serious problems.
Especially when vulnerabilities are repaired at critical moments of certain counter-terrorism missions, it means that network agents cannot collect data, which makes the work of intelligence agencies even more difficult.
So when American private companies, including Google, release security investigation reports, American intelligence agencies will notify these companies and say that it is not their job.
It is worth noting that Google is also very difficult to fix the vulnerabilities in a timely manner because the Google security team is obliged to provide the best security protection for all customers.
In fact, it is true. The Google security team concluded that no matter who the hacker is and what the purpose is, it is very reasonable to exploit the vulnerability.
Because as long as the loopholes exist, there is no guarantee that only their US allies will use them. These vulnerabilities will eventually be discovered by other hacker groups and launch more extensive attacks.
Therefore, Google’s current approach is to fix the vulnerability as soon as the vulnerability is found, no matter who the attacker is, so as to ensure that the vulnerability will not be widely used.
However, in order to avoid a head-on conflict with the United States or its Western allies, Google will always conceal potential attackers and targets when issuing security bulletins.
For Google, maintaining transparency is as important as handling government relations, because an airtight wall, as long as it conceals information, will definitely be exposed and cause a crisis.
But the company cannot directly confront the U.S. government, because the fight against the U.S. government will end badly. The well-known antivirus software Kaspersky is an example.
Kaspersky was previously blocked by the U.S. government because Kaspersky accidentally returned confidential documents of employees of the U.S. intelligence agency to Kaspersky’s servers.
Kaspersky and Google did the same, knowing that it was a US intelligence agency that launched the attack but did not disclose it. However, the US intelligence agency still discovered that the documents were leaked.
For Google, Kaspersky is a living example. If you dare to confront the US government head-on, no matter whether it is reasonable or not, the ultimate fate will be completely blocked.
So Google can only be as neutral as possible and fix the vulnerability as soon as it is discovered, but at the same time, it will not disclose information about its allies to avoid potential retaliatory strikes.
Via: technologyreview