Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
iPhone users have been under the impression that their iMessages were safe from snooping. It was one of the big selling points for the latest model. Although security did not take main stage for reviews and releases, mobile data security was a hot issue. Many iPhone users were reassured that their private conversations were not being recorded or decrypted. They felt safe with the iPhone knowing that their privacy had been preserved. But according to the French iOS hacker Cyril Cattiaux aka @pod2g, this statement is not true.
After word got out about the NSA’s surveillance capabilities and activities, Apple announced very publicly that the strength of their encryption used for iMessages protected them. They claimed that Apple could not read their iMessages, and that the NSA could not either. This closed the deal for many tentative iPhone buyers because many Americans’ concerns about personal privacy were put to rest. They believes that no matter how deep the NSA and the PRISM program were previously digging into their data and private information, that they would be safe from now on.
Apple announced that iMessage and FaceTime messages are protected by end-to-end encryption. They also stated clearly that no one but the sender and receiver can see or read them, and that Apple does not have the ability to decrypt that message data. But @pod2g revealed that Apple does actually have the ability to read iMessages. @Pod2g is renowned in the hacking community as a jailbreak creator, and now focuses on software development and security research projects. He has been intimately involved in the exploitation of iOS 5 and 6 and other Apple firmware. He discovered and exploited several bootrom vulnerabilities on iDevices, such as steaks4uce, 24kpwn, and SHAtter, as well as several userland and kernel exploits that have been used in various jailbreak tools. He researched iMessage encryption along with his QuarksLab teammate known as GG, also a renowned iOS hacker.
After studying iMessage for quite some time, @Pod2g and GG discovered that Apple can technically read a user’s iMessages whenever they want. Through a MITM attack toward iMessage, they were able to decrypt iMessage data. The team added that there is a way for users to protect their iMessages if their iPhones are jailbroken. But we will have to wait for the iOS version of iMITMProtect to be released. This tool, already available for OS X, will help owners of jailbroken iPhones, iPads and other iDevices using iMessage to prevent MITM attacks. It is available at https://github.com/quarkslab/iMITMProtect.
Should iPhone Users Be Concerned?
If Apple can read iMessages, and they are sharing information with the NSA, this could mean they are really sharing this data. There is yet no evidence that Apple is actually reading iMessages. @Pod2g said that it also cannot be proven that Apple made the design error that allows the reading of iMessages for this purpose. It therefore also cannot yet be proven whether they did it to spy on people. But there are still implications for the personal privacy and safety of the everyday iOS user.
@Pod2g was able to successfully attack Apple’s iMessages, so other hackers might also be able to get in. @Pod2g explained that the iMessage protocol is strong, so he thought that only Apple or another powerful institution like the NSA could actually attack it. Users might be safe from the average hacker or scammer, but it looks like iMessage is really not as secure as Apple claimed it is.
Better Security with a VPN for iPhone
Using a VPN for iPhone will not protect iMessage data. Once the data is sent to a server somewhere, it can be accessed by whoever controls that server. But the user’s personal data can be protected by the privacy and security that a VPN for iPhone provides. Using a VPN for iPhone to cover all internet activities and communications means that user data and traffic is encrypted and sent through a private tunnel. The technology used in a VPN for iPhone secures data so that it cannot be easily read or intercepted by third parties. But care must still always be taken by the user when sharing credentials. For instance, if the user’s Apple ID contains real personal information, this information can be accessed by Apple on their servers, and by anyone else that Apple shares this data with. Using alternate information can protect the user’s identity. Another example is a user’s IP address. Even with a “fake” Apple ID, users can be identified by their IP address. ISPs have the names and connection locations of users on record. This data can be read and shared in the same way. A VPN for iPhone routes user connections through anonymous servers to hide this location data. Users then cannot be traced because their personal information is not connected to the VPN servers.