Apple Counters Hackers' Claims About iMessage Snooping Flaw

The Citizen's Guide to the Future
Oct. 18 2013 4:32 PM

Apple Counters Hackers' Claims About iMessage Snooping Flaw

Apple is defending iMessage security's honor

Photo by BEN STANSALL/AFP/Getty Images

Apple is hitting back at hackers’ claims that its iMessage service could be subject to snooping.

Back in September, researchers at the security firm Quarkslab probed the encryption protocol used by the iMessage service to secure users’ communications. Apple has previously stated that the messages “are protected by end-to-end encryption so no one but the sender and receiver can see or read them.” However, the Quarkslab team claimed they had discovered that “Apple can technically read your iMessages whenever they want.”


On Thursday, Quarkslab offered new insight into their findings at the HITB security conference in Malaysia, showing off how they had found a way to intercept iMessages in real time by performing a so-called “man-in-the-middle attack” on a targeted iPhone. The researchers have no evidence that this type of snooping has been performed by Apple or any government agency seeking to conduct surveillance. Their point is that a sophisticated adversary could potentially exploit the same flaw in order to eavesdrop on conversations.

But Apple isn’t buying it. Following Quarkslab’s presentation Thursday, spokeswoman Trudy Muller told the website AllThingsD:

iMessage is not architected to allow Apple to read messages. The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.

Even if iMessages can theoretically be read by Apple, it’s safe to say the service is still more secure than conventional text messages. Earlier this year, for instance, an internal Drug Enforcement Agency document revealed agents complaining about their lack of ability to eavesdrop on iMessage due to its encryption. But following recent revelations about the broad scope of NSA surveillance, which implicated Apple, trust in major American technology companies is rapidly evaporating. Quarkslab’s claims, theoretical or otherwise, tap into the same privacy and trust issues—and will likely be enough to prompt some to ditch iMessage for a more secure alternative, despite Apple’s rebuttal.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.


Frame Game

Hard Knocks

I was hit by a teacher in an East Texas public school. It taught me nothing.

Chief Justice John Roberts Says $1,000 Can’t Buy Influence in Congress. Looks Like He’s Wrong.

After This Merger, One Company Could Control One-Third of the Planet's Beer Sales

Hidden Messages in Corporate Logos

If You’re Outraged by the NFL, Follow This Satirical Blowhard on Twitter

Sports Nut

Giving Up on Goodell

How the NFL lost the trust of its most loyal reporters.

How Can We Investigate Potential Dangers of Fracking Without Being Alarmist?

My Year as an Abortion Doula       

  News & Politics
Sept. 15 2014 8:56 PM The Benghazi Whistleblower Who Might Have Revealed a Massive Scandal on his Poetry Blog
Sept. 15 2014 7:27 PM Could IUDs Be the Next Great Weapon in the Battle Against Poverty?
Sept. 15 2014 4:38 PM What Is Straight Ice Cream?
  Double X
The XX Factor
Sept. 15 2014 3:31 PM My Year As an Abortion Doula
  Slate Plus
Tv Club
Sept. 15 2014 11:38 AM The Slate Doctor Who Podcast: Episode 4  A spoiler-filled discussion of "Listen."
Brow Beat
Sept. 15 2014 8:58 PM Lorde Does an Excellent Cover of Kanye West’s “Flashing Lights”
Future Tense
Sept. 15 2014 4:49 PM Cheetah Robot Is Now Wireless and Gallivanting on MIT’s Campus
  Health & Science
Bad Astronomy
Sept. 15 2014 11:00 AM The Comet and the Cosmic Beehive
Sports Nut
Sept. 15 2014 9:05 PM Giving Up on Goodell How the NFL lost the trust of its most loyal reporters.