Think Apple’s iMessage is safe? Think again. Despite the company’s claims that the messaging app is supposed to be totally encrypted, researchers have claimed that it is possible for your messages to be intercepted. Macworld has reported that researchers at the Hack in the Box conference at Kuala Lumpur have displayed that someone inside Apple – either by their own violation or if they were forced by a government – will be able to intercept messages.
Not so safe?
At the height of the NSA leaks, Apple had claimed that it did not have the ability to read messages as iMessage offered "end-to-end encryption so no one but the sender and receiver can see or read them.” It added, “Apple cannot decrypt that data." Cyric Cattiaux, who works for a penetration testing and reverse engineering company Quarkslab calls Apple’s claim, “just basically lies.” Cattiaux has also been responsible for developing iOS software."Yes, there is end-to-end encryption as Apple claims, but the weakness is in the key infrastructure as it is controlled by Apple: They can change a key anytime they want, thus read the content of our iMessages," reads a blog post by Cattiaux. Essentially, when an Apple device sends an iMessage to another one, the keys are managed by a directory called the ESS server instead of exchanging the encryption keys directly like most applications end up doing. Apple has controls over these keys that are managed. It can essentially intercept a message and unlock it using the recipient’s key, read it, pack it back and send it to the intended recipient without either the sender or the receiver ever knowing what has happened. The researchers have vehemently emphasised on the fact that this does not mean that Apple is indeed spying on users but have also said that they’ve notified Apple about the same. "It's a big deal for privacy, but not for security," Quarkslab CEO Fred Raynar told The Washington Post in an interview.
ReadMore:Android Games
No comments:
Post a Comment