iMessage is supposed to be bulletproof. Apple claims its end-to-end encrypted messaging service, as well as its video messaging app FaceTime, are so secure that even it lacks the means to decrypt the data sent between sender and receiver. No backdoors, no workarounds, nothing.
Less than a month after it first went on sale, Apple's refreshed, moderately enhanced iPhone 5c has been targeted as possibly being a failure in scores of reports across a wide variety of major news outlets, even drawing comparisons to Microsoft's Surface flop. Can the company survive another 48 hours?
Less than a week after iPhone 5c went on sale, Adam Turner of the Australian Sydney Morning Herald asked "Is the iPhone 5c Apple's Surface RT flop?"
Hackers this week showed security conference attendees findings and demonstrations directly contradicting Apple's public claim that it can't read iMessages.
Even though the messages are encrypted end-to-end as Apple claims, according to QuarksLab researchers showed a packed room at Hack In The Box Kuala Lumpur, due to the lack of certificate pinning, "Apple can technically read your iMessages whenever they want."
Security experts have long suspected that iMessage is not as safe and impenetrable as Apple claims. But a group of researchers says it has proof that Apple can indeed eavesdrop on your iMessages — and the NSA can, too.
The researchers, through a careful and thorough study of the iMessage protocol, conclude that Apple has the ability to intercept and decrypt iMessages. Even though the messages are encrypted end-to-end, Apple manages the keys needed to encrypt and exchange the messages, the researchers found.
Touting its commitment to user privacy in the wake of the NSA surveillance scandal earlier this year, Apple said that the end-to-end encryption protecting its iMessage instant-messenger service is so secure that even the company itself cannot decrypt it. But, on Thursday, security outfit QuarksLab disputed that claim, arguing that Apple could intercept iMessage communications if it wanted to.
Researchers at the Hack in the Box conference in Kuala Lumpur Thursday showed that Apple on its own or per orders by the U.S. government could harvest messages sent over its proprietary service, which lets people using Apple mobile devices send text messages for free.
Apple has said that its end-to-end encryption prevents the company or anyone else from descrambling the messages. That claim is "just basically lies," Cyril Cattiaux, a developer of iOS jailbreak software and a researcher at Quarkslab, said, as reported by IDG News Service.
A close look at Apple's iMessage system shows the company could easily intercept communications on the service despite its assurances to the contrary, researchers claimed Thursday at a security conference.
Apple asserted in June, following disclosures about the NSA's data collection programs, that iMessage, which lets users send texts over Wi-Fi for free, is protected by end-to-end encryption that makes it impossible for Apple or anyone else to descramble the messages.
Smartphones carry a lot of sensitive data that in theory should be accessible only to their owners. In practice, a lot of it can be exfiltrated from the devices and from the backups either stored on the device or in the cloud by employing different forensic methods.
"Sources familiar with the matter" are telling AllThingsD that Apple's next product announcement will be taking place on October 22 and that the event will likely focus on new iPads, the Mac Pro, and OS X 10.9 Mavericks. AllThingsD has a strong track record when it comes to Apple news (the publication correctly predicted the company's September 10 iPhone event), and the date would make sense given the iPad-focused announcements Apple made in October of 2012. If Apple's scheduling is the same as it normally is, look for official invitations to go out at some point next Tuesday.
Apple has been criticized by the developer of a Chinese app designed to bypass China's Internet censorship protocols after the company removed the title from the App Store in China because its functionality is illegal in that country.
Open Door was sold in the Chinese App Store until July of this year, when Apple pulled the program, saying that it contained content that was illegal within China. The app saw roughly 2,000 daily downloads in China, according to the Daily Mail, and it is still available in the App Stores of other countries, including the U.S. App Store.
