Skip to main content

iMessage

Apple hardens FaceTime and iMessage security

posted onFebruary 13, 2015
by l33tdawg

Apple has taken steps to make it harder for hackers to gain access to FaceTime and iMessage by extending its optional two-step verification process to cover the services.

The addition means that even if a hacker has access to a user's username and password, they still won't be able to use the services on a new device because the user would be sent a 4-digit verification code to a selected device that would need to be used to authorize the new device.

EFF Finds Apple’s iMessage To Be The Most Secure Mass-Market Option

posted onNovember 6, 2014
by l33tdawg

 The Electronic Frontier Foundation or EFF, a non-profit digital rights group, has investigated the security of various messaging apps and created a new Secure Messaging Scorecard, ranking messaging apps and tools like iMessage, FaceTime, BlackBerry Messenger, Skype, Snapchat, and more, based on seven different factors:

Hackers: Here's video of how Apple's iMessage surveillance flaw works

posted onOctober 18, 2013
by l33tdawg

Hackers this week showed security conference attendees findings and demonstrations directly contradicting Apple's public claim that it can't read iMessages.

Even though the messages are encrypted end-to-end as Apple claims, according to QuarksLab researchers showed a packed room at Hack In The Box Kuala Lumpur, due to the lack of certificate pinning, "Apple can technically read your iMessages whenever they want."

Experts: Yes, Apple and the NSA Can Read Your iMessages

posted onOctober 18, 2013
by l33tdawg

Security experts have long suspected that iMessage is not as safe and impenetrable as Apple claims. But a group of researchers says it has proof that Apple can indeed eavesdrop on your iMessages — and the NSA can, too.

The researchers, through a careful and thorough study of the iMessage protocol, conclude that Apple has the ability to intercept and decrypt iMessages. Even though the messages are encrypted end-to-end, Apple manages the keys needed to encrypt and exchange the messages, the researchers found.

Apple denies iMessage vulnerability after security firm publishes flaw

posted onOctober 18, 2013
by l33tdawg

Touting its commitment to user privacy in the wake of the NSA surveillance scandal earlier this year, Apple said that the end-to-end encryption protecting its iMessage instant-messenger service is so secure that even the company itself cannot decrypt it. But, on Thursday, security outfit QuarksLab disputed that claim, arguing that Apple could intercept iMessage communications if it wanted to.

Apple iMessage Research Sparks Corporate Security Debate

posted onOctober 18, 2013
by l33tdawg

Researchers at the Hack in the Box conference in Kuala Lumpur Thursday showed that Apple on its own or per orders by the U.S. government could harvest messages sent over its proprietary service, which lets people using Apple mobile devices send text messages for free.

Apple has said that its end-to-end encryption prevents the company or anyone else from descrambling the messages. That claim is "just basically lies," Cyril Cattiaux, a developer of iOS jailbreak software and a researcher at Quarkslab, said, as reported by IDG News Service.

Apple's claim of unbreakable iMessage encryption 'basically lies,' researchers say

posted onOctober 18, 2013
by l33tdawg

A close look at Apple's iMessage system shows the company could easily intercept communications on the service despite its assurances to the contrary, researchers claimed Thursday at a security conference.

Apple asserted in June, following disclosures about the NSA's data collection programs, that iMessage, which lets users send texts over Wi-Fi for free, is protected by end-to-end encryption that makes it impossible for Apple or anyone else to descramble the messages.

Google yanks sketchy iMessage clone for Android from app store

posted onSeptember 25, 2013
by l33tdawg

An app that purportedly spoofed a Mac so that Android smartphone and tablet owners could send and receive text-like messages through Apple's iMessage service disappeared today from the Google Play app store.

Google confirmed that it yanked the app for violating its store policies.

Dubbed "iMessage Chat," the app came under quick fire Monday from other app developers who said the program may have been harvesting Apple ID usernames and passwords by passing packets through a China-based server.