Skip to main content

Hackers: Here's video of how Apple's iMessage surveillance flaw works

posted onOctober 18, 2013
by l33tdawg

Hackers this week showed security conference attendees findings and demonstrations directly contradicting Apple's public claim that it can't read iMessages.

Even though the messages are encrypted end-to-end as Apple claims, according to QuarksLab researchers showed a packed room at Hack In The Box Kuala Lumpur, due to the lack of certificate pinning, "Apple can technically read your iMessages whenever they want."

More worryingly, in the presentation "How Apple Can Read Your iMessages and How You Can Prevent It," the researchers also showed that iMessages can be intercepted and instantly changed via a man-in-the-middle (MiTM) attack. The message interception allows a third-party attacker to seamlessly change the sent message before it arrives — and with the sender impersonated, the iMessage recipient is none the wiser.

Source

Tags

Apple iMessage Encryption PRISM HITB2013KUL

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th