Researchers from Johns Hopkins University have found a vulnerability in iMessage that allowed them to decrypt both photos and videos sent via the service. Apple said that iOS 9 provided a partial fix – making the attack method more difficult – while it is fully fixed in iOS 9.3.
The Washington Post reports that the team advised Apple of the flaw, and will publish a paper as soon as iOS 9.3 has been officially released, which is expected later today. The team has, however, explained in outline how their attack worked …
To intercept a file, the researchers wrote software to mimic an Apple server. The encrypted transmission they targeted contained a link to the photo stored in Apple’s iCloud server as well as a 64-digit key to decrypt the photo.
Although the students could not see the key’s digits, they guessed at them by a repetitive process of changing a digit or a letter in the key and sending it back to the target phone. Each time they guessed a digit correctly, the phone accepted it. They probed the phone in this way thousands of times.
“And we kept doing that,” Green said, “until we had the key.”
Computer science professor Matthew D. Green said he suspected there might be a vulnerability in iMessage when he read an Apple security guide to the encryption process, and he’d initially alerted Apple at that time. When the company didn’t fix it, he and a team of students decided to try it in practice. The attack took several months.
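A simplified model of the outline above, as an added example that is not from the article, the researchers or Apple: a receiver whose accept/reject answer depends on the digits guessed so far lets the 64-digit key be found in at most 64 × 16 probes, while a receiver that checks a MAC over the whole message first gives every altered message the same answer. The class names, the `?` placeholder for unguessed digits and the HMAC check are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

HEX = "0123456789abcdef"
KEY_DIGITS = 64  # the "64-digit key" from the article


class LeakyPhone:
    """Constructed model: the accept/reject answer depends on guessed digits."""

    def __init__(self, key):
        self._key = key
        self.queries = 0

    def accepts(self, guess, tag=b""):
        # Accept when every digit filled in so far is right ('?' = not guessed).
        self.queries += 1
        return all(g in ("?", k) for g, k in zip(guess, self._key))


class AuthenticatingPhone(LeakyPhone):
    """Same model, but an HMAC over the whole message is verified first."""

    def __init__(self, key, mac_key):
        super().__init__(key)
        self._mac_key = mac_key

    def accepts(self, guess, tag=b""):
        expected = hmac.new(self._mac_key, guess.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self.queries += 1
            return False  # altered message: same answer whatever the digits
        return super().accepts(guess, tag)


def recover_key(phone):
    """Digit-by-digit search; returns None when the phone leaks nothing."""
    known = ""
    for _ in range(KEY_DIGITS):
        for d in HEX:
            if phone.accepts((known + d).ljust(KEY_DIGITS, "?")):
                known += d
                break
        else:
            return None  # no digit accepted at this position: no oracle
    return known


def demo():
    key = secrets.token_hex(KEY_DIGITS // 2)  # constructed sample key
    leaky = LeakyPhone(key)
    hardened = AuthenticatingPhone(key, secrets.token_bytes(32))
    return key, recover_key(leaky), leaky.queries, recover_key(hardened), hardened.queries
```

Without per-digit feedback the same search would face 16^64 candidate keys, which is why the uniform rejection matters.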
Green says that the fact that such weaknesses still exist is support for Apple’s position against the FBI.
“Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right. So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”
iOS 9.3 has been in public beta for some time, and is due to be released later today. It runs on all iPhones from the 4s onward, on all iPads since the iPad 2 and on the 5th- and 6th-generation iPod Touch.
So the attack took several months and iOS 9.3 already fixes it. Got it.
While fixing this bug, Apple can also add an option to create multiple draft texts/messages before sending in the iMessage app. It has been missing since its inception, compared with the Android stock message app. iPhone users say to create multiple drafts using the Notes app and cut/paste into iMessage when ready to send. I say why? Why not build it into iMessage like Android?
What’re you sending in Messages that requires this? Are you sending novels in text? Seems excessive for a platform that’s meant to be quick text.
Our society is worse off for having missed out on Robert Wood’s magnum opus – which does not exist solely due to a lack of draft functions in iMessages!
“Meant to be” — I hate phrases like this. The fact is, iMessage is a better platform than email for sending messages, not to mention they’re encrypted (well, at least they’re SUPPOSED to be!). If someone wants to use this as their primary communications service, I say more power to them.
You can do it in the Mac version (kind of) — but yes, I see that on iOS it’s basically forcing you to send the message or not use anything else in the Messages app. Lame. iMessage should be treated by Apple as one of the best things they have to offer to the public — a fully secure platform for sending and receiving messages with attachments. The apps themselves not only deserve a full overhaul (there are several bugs in place right now with client-side caching / message saving on both Mac and OS X) but the service itself should also get top priority and get security audits.
Not listening when a prominent researcher tells you there’s a security flaw, is a pretty atrocious thing for Apple to do, I must say.
The Feds better be careful with upgrading their iPhones then¡
Seriously, this is nothing new. The encryption used by Apple most certainly doesn’t apply to everything on iOS. Heck, even music downloaded from iTunes is tagged with the user email *after* the user has received the file. iTunes adds it then, not before. So intercepting the data before it hits iTunes would be DRM free. But that doesn’t matter since it’s removed now anyway.
Nope. It’s tagged at the server.
Excellent news for iMessage and encryption.
So, iOS 9.2.1 can run on everything back to the iPad 2, but iOS 9.3 can only run on the iPad Air 1 and 2?
Nope, it’s probably a typo. http://d.pr/i/1bv44
Corrected, thanks.
I thought it might have been because Night Shift is apparently only available on iPad Air and newer, but other 9.3 features are available for older devices.
So, have the FBI and DOJ tried to block this patch yet, since it is obvious that Apple is supporting terrorists, child pornographers, and kidnappers with this unacceptable increase in security?
I am, of course, being facetious to make a point about how absurd the FUD spouted by the government is.
Yet another security failure.
Perhaps Apple should spend less time/effort on obstructing law enforcement and more time on keeping our devices secure?
What the… He told Apple about it originally and they never bothered to fix it? This is very concerning….