Skip to main content

Researchers break Apple's iMessage encryption, will be fixed in iOS 9.3

posted onMarch 21, 2016
by l33tdawg

The way the FBI tells it, the encryption on Apple’s iOS is so secure, nothing can break it. Well, not so fast. As reported by the Washington Post, researchers at Johns Hopkins University say they’ve found a bug that allows them to break the encryption of iMessages, decoding photos and videos.

The method requires the data to be in transit, not stored, so it wouldn’t actually help in the case of the San Bernardino shooter’s locked iPhone. By writing software to mimic an Apple server, researchers were able to intercept an encrypted transmission that contained a link to a photo on an iCloud server, as well as a 64-digit key that decrypts it. The key wasn’t visible, but the researchers were able to brute-force each digit. The team notified Apple, who says it paritally fixed the flaw in iOS 9, and will release the full fix on Monday in iOS 9.3.

The Johns Hopkins team is led by computer science professor Matthew Green, who says that the government shouldn’t force Apple to intentionally weaken the security of its own software, when the reality is that perfect encryption is incredibly hard if not impossible to achieve. Apple’s job should be plugging holes, not poking new ones.

Source

Tags

Security

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th