Apple iMessage Research Sparks Corporate Security Debate
Researchers at the Hack in the Box conference in Kuala Lumpur Thursday showed that Apple on its own or per orders by the U.S. government could harvest messages sent over its proprietary service, which lets people using Apple mobile devices send text messages for free.
Apple has said that its end-to-end encryption prevents the company or anyone else from descrambling the messages. That claim is "just basically lies," Cyril Cattiaux, a developer of iOS jailbreak software and a researcher at Quarkslab, said, as reported by IDG News Service.
Whether the IM service is from Apple or another vendor, if the communications are sensitive, then companies need to incorporate additional security, experts say. "If you're concerned about trusting Google or Apple with your data, but still want to use their hosted services, you need to use another layer of encryption," Zak Dehlawi, senior security engineer for Security Innovation, said.