Can Apple read your iMessages? During the heat of the PRISM affair, much information was leaked concerning the NSA and their gathering of data from cell phone companies such as Verizon and AT&T. As the information came to light, many Americans became concerned about their personal privacy and how deep the NSA and the PRISM program could delve into their data and private information. At the time, Apple made a very public claim regarding iMessages and the strength of their encryption, letting customers know Apple couldn't possibly read their iMessages, and for that matter, neither could the NSA. Here is Apple's statement at the time.
"Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data."
For many iPhone users it was reassuring to know private conversations taking place over iMessage were not being recorded or decrypted by Apple and that truly, their privacy had been preserved. According to French iOS hacker Cyril Cattiaux aka @pod2g, however, this statement is not completely true. In researching iMessage encryption along with QuarksLab teammate "GG," renowned iOS hacker @Pod2g has discovered Apple can in fact read your iMessages.
@Pod2g and QuarksLabs To Discuss Apple iMessage Encryption At HITB Malaysia 2013
@Pod2g is well known in the hacking community as a jailbreak creator, having been intimately involved in the exploitation of iOS 5 and 6 and other Apple firmwares. According to his bio, @Pod2g now works now as a security researcher for QuarksLabs, but prior to that "has discovered and exploited several bootrom vulnerabilities on iDevices, including 24kpwn, steaks4uce, and SHAtter, as well as several userland and kernel exploits that have been used in various jailbreak tools. He is the initiator of Corona and Rocky-Racoon, and the latest public jailbreaks [for iOS 6.0 - 6.1.2]. In December 2012, he created the 2G Lab company, focused on software development and security research projects."
In this latest iMessage project, which will be discussed at HITB 2013 in Malaysia, @Pod2g and his teammate "GG" will discuss their findings concerning iMessage end-to-end encryption and decryption.
According to the presentation abstract, the "Quarkslab team studied iMessage protocol for quite some time." Those who attend the "Hack In The Box" convention in Malaysia, October 16-17 can expect to hear QuarksLabs researchers discuss and explain multiple aspects of iMessage security including "protocol layers, with Push then iMessage itself."
Attendees will also watch as the QuarksLabs team "build a MITM attack toward iMessage [and] explain the mandatory conditions for the MITM to succeed." The abstract adds that, "We will take you deep into the crypto used for encryption, authentication and key management. All pieces put together will prove that Apple can technically read your iMessages whenever they want." Those who attend the conference and iMessage presentation will also walk away with a valuable tool for protecting their iMessages further — that is, if they happen to be jailbroken. The tool will help owners of jailbroken iPhones, iPads and other iDevices which use iMessage to prevent MITM attacks from happening. The conference and session will certainly be something worth considering for anyone interested in iOS security, data encryption, and other topics related to mobile hacking.
For those of us who are not so technically proficient as @Pod2g and his friends at QuarksLabs, however, I am sure there are many questions about just how concerned we should be about this latest research. If Apple can in fact read our iMessages are they actually doing it? And what are the implications for the personal privacy and safety of the everyday iOS user?
So Is Apple Reading Our iMessages? iDesignTimes Interview With Pod2g [EXCLUSIVE]
I managed to speak with @Pod2g for a few moments today and he offered a little clarification on these points. When I asked him if there was any evidence at this time of Apple actually reading customers' iMessages, @pod2g was quick to reply.
"We haven't seen any evidence that Apple has read iMessages of people. We would have these evidences if they had tried to spy us. But it's not the case. Also, nobody can prove they [Apple] did the design flaw intentionally to spy on people. It may be, or it is just a consequence of another choice. Only Apple can know."
I then asked him how he thought Apple would respond to the news that he and his QuarksLab teammates had discovered this flaw in iOS iMessages. To that @pod2g replied, "We are really curious on how Apple would fix that, and if they want to."
Of course this is not the first time hackers like @Pod2g have informed Apple of security concerns. In 2012 while iOS 6 was still in beta form, @Pod2g reported another security concern he found with iMessages. At the time the hacker had discovered that SMS messages could be "spoofed" meaning that users may receive messages that appear to be from a friend but end up leading to malicious websites or spam. Apple responded quickly to these concerns when brought to light by promoting the use of iMeassages more heavily since the company itself is able to verify the addresses of the senders. In addition, when releasing iOS 6.1.3, which patched the latest evasi0n jailbreak, Apple was also mindful to send a hat tip to the Evad3rs for four of the vulnerabilities found and patched in that update.
So if this iOS hacker could design a way to attack Apple's iMessages, I was curious what the likelihood was that other hackers might attempt similar deeds on the system and how concerned the everyday user should be. According to @Pod2g, "the iMessage protocol is strong. Only Apple or a powerful institution (NSA is randomly chosen as an example) could tamper with it."
In other words, you don't have too much to fear from your run-of-the-mill spammer and scammer, however, it does leave open the question: is iMessage as secure as Apple has claimed it is? At this point, it appears the answer is no.
To learn more about this latest research on Apple's iMessage end-to-end encryption and decryption, make sure to sign up and attend the "Hack in The Box" Conference in Malaysia taking place October 16-17, 2013. Information about tickets and lodging can be found at the HITB conference web page along with other information about trainings and topics being presented that same week.
Like this article?
For More Apple Security And Jailbreak Related News See:
When Is The iOS 7 Public Release? Upgrade Or Stay On 6.1.3? What Jailbreakers Should Do [Interview With @Planetbeing]