Security Researchers Claim Apple Technically Capable Of Intercepting iMessages
L33tdawg: The finalized #HITB2013KUL conference agenda is here. Do note that prices for the conference increase after Sept 25th. You can register oniine here.
Two security researchers have posted an outline for a talk about Apple’s iMessage security to be presented next month. The report claims that Apple could — but not that it does — intercept iMessages and read them if it wishes.
Apple had previously claimed, via its security documents, that iMessages were encrypted end-to-end and that it is unable to read them. Researchers ‘GG’ and Cyril ‘Pod2G‘ Cattiaux of firm Quarkslab claim that they have discovered a method to perform a man-in-the-middle (MITM) attack, which can intercept these messages and allow them to be read, despite the encryption used by Apple.
Cattiaux, under the moniker Pod2G, may be familiar to many in the iOS jailbreak community. He was formerly part of the Chronic Dev Team, one of the larger jailbreak groups and has discovered several exploits that allow these teams to perform their unlocking of the iOS system partition. The presentation, entitled How Apple Can Read Your iMessages and How You Can Prevent It, will take place at the HITB Security Conference in Asia next month.