Apple Counters Hackers' Claims About iMessage Snooping Flaw

Future Tense
The Citizen's Guide to the Future
Oct. 18 2013 4:32 PM

Apple Counters Hackers' Claims About iMessage Snooping Flaw

Apple is defending iMessage security's honor

Photo by BEN STANSALL/AFP/Getty Images

Apple is hitting back at hackers’ claims that its iMessage service could be subject to snooping.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Back in September, researchers at the security firm Quarkslab probed the encryption protocol used by the iMessage service to secure users’ communications. Apple has previously stated that the messages “are protected by end-to-end encryption so no one but the sender and receiver can see or read them.” However, the Quarkslab team claimed they had discovered that “Apple can technically read your iMessages whenever they want.”


On Thursday, Quarkslab offered new insight into their findings at the HITB security conference in Malaysia, showing off how they had found a way to intercept iMessages in real time by performing a so-called “man-in-the-middle attack” on a targeted iPhone. The researchers have no evidence that this type of snooping has been performed by Apple or any government agency seeking to conduct surveillance. Their point is that a sophisticated adversary could potentially exploit the same flaw in order to eavesdrop on conversations.

But Apple isn’t buying it. Following Quarkslab’s presentation Thursday, spokeswoman Trudy Muller told the website AllThingsD:

iMessage is not architected to allow Apple to read messages. The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.

Even if iMessages can theoretically be read by Apple, it’s safe to say the service is still more secure than conventional text messages. Earlier this year, for instance, an internal Drug Enforcement Agency document revealed agents complaining about their lack of ability to eavesdrop on iMessage due to its encryption. But following recent revelations about the broad scope of NSA surveillance, which implicated Apple, trust in major American technology companies is rapidly evaporating. Quarkslab’s claims, theoretical or otherwise, tap into the same privacy and trust issues—and will likely be enough to prompt some to ditch iMessage for a more secure alternative, despite Apple’s rebuttal.

Future Tense is a partnership of SlateNew America, and Arizona State University.


The World

The Budget Disaster that Sabotaged the WHO’s Response to Ebola

Are the Attacks in Canada a Sign of ISIS on the Rise in the West?

PowerPoint Is the Worst, and Now It’s the Latest Way to Hack Into Your Computer

Is It Offensive When Kids Use Bad Words for Good Causes?

Fascinating Maps Based on Reddit, Craigslist, and OkCupid Data


The Real Secret of Serial

What reporter Sarah Koenig actually believes.


The Actual World

“Mount Thoreau” and the naming of things in the wilderness.

In Praise of 13th Grade: Why a Fifth Year of High School Is a Great Idea

Can Democratic Sen. Mary Landrieu Pull Off One More Louisiana Miracle?

  News & Politics
Oct. 23 2014 3:55 PM Panda Sluggers Democrats are in trouble. Time to bash China.
Business Insider
Oct. 23 2014 2:36 PM Take a Rare Peek Inside the Massive Data Centers That Power Google
Atlas Obscura
Oct. 23 2014 1:34 PM Leave Me Be Beneath a Tree: Trunyan Cemetery in Bali
  Double X
The XX Factor
Oct. 23 2014 11:33 AM Watch Little Princesses Curse for the Feminist Cause
  Slate Plus
Oct. 23 2014 11:28 AM Slate’s Working Podcast: Episode 2 Transcript Read what David Plotz asked Dr. Meri Kolbrener about her workday.
Brow Beat
Oct. 23 2014 3:23 PM This Is What Bette Midler Covering TLC’s “Waterfalls” Sounds Like
Oct. 23 2014 11:45 AM The United States of Reddit  How social media is redrawing our borders. 
  Health & Science
Bad Astronomy
Oct. 23 2014 7:30 AM Our Solar System and Galaxy … Seen by an Astronaut
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.