Pages: [1]   Go Down
  Print  
Author Topic: Apple Says iMessage Interception Would Require Re-Engineering Systems, Has No Interest in Doing So  (Read 378 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: October 18, 2013, 07:00:40 pm »

Apple Says iMessage Interception Would Require Re-Engineering Systems, Has No Interest in Doing So

Yesterday, researchers made a presentation at the Hack in the Box conference arguing that Apple's iMessage system could theoretically allow Apple or another party to intercept the encrypted messages. The concern stems in part from Apple's use of a private server for storing users' public keys used to encrypt messages, meaning that senders have no way of knowing whether a potentially false key has been inserted in order to intercept messages intended for a different recipient.   In a statement to AllThingsD, Apple once again denies that it can read iMessages, noting that it would require the service's systems to be re-engineered and that the company has no interest in doing so.Apple says that QuarksLab’s theory is just that — a theory, and one that would require a rearchitecting of iMessage for it ever to be a threat in the real world.   “iMessage is not architected to allow Apple to read messages,” said Apple spokeswoman Trudy Muller said in a statement to AllThingsD. “The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”Apple's statement does not actually refute the original claim, simply confirming that as the service is currently configured it is impossible for Apple to intercept iMessages. The researchers' argument rests on the observation that changes could be made to Apple's systems to allow for iMessages to be intercepted without users being aware of the changes.   The result is that Apple is arguing users should trust that the company has no interest in making such changes, and if users take Apple at its word, the researchers' concerns remain merely theoretical. But some users may remained concerned that Apple could be quietly compelled to make changes by government security agencies, compromising Apple's touted "secure end-to-end encryption" for iMessage.   Recent Mac and iOS Blog Stories • Amazon France and Amazon Germany Hint at Upcoming Refresh for Apple TV • Apple Releases MacBook Air Flash Storage Firmware Update to Test for Data Loss Issue [Updated] • Facebook for iOS Updated With Editing Features, Photo Comments • AT&T to Introduce $5 Per Day 250MB iPad Data Passes, $25 3-Month 1GB Data Plan • Microsoft Launches 'Remote Desktop' Apps for Mac and iOS • Apple Tops J.D. Power Smartphone Satisfaction Rankings for Five Years Running • Apple E-Commerce Chief RJ Pittman Heads to eBay • Facebook Ads 1790% More Profitable on iOS Than on Android    
 


http://www.macrumors.com/2013/10/18/apple-says-imessage-interception-would-require-re-engineering-systems-has-no-interest-in-doing-so/
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: