Printed from http://www.electronista.com

Apple denies claims it could intercept iMessages on behalf of gov't.

updated 10:51 am EDT, Fri October 18, 2013

Research group says mad-in-the-middle attack could be used

Apple is denying that it could or would want to intercept iMessage traffic, according to an official statement. In a white paper issued Thursday, security firm QuarksLab argued that despite Apple assurances in the past, Apple could use a man-in-the-middle attack to provide US agencies like the NSA or the FBI with demanded information. The attack would exploit the company's control of encryption keys to convince senders and recipients that they're communicating with each other, when in reality they're passing information through an unsecure point where Apple can listen. QuarksLab says it's not suggesting that Apple does listen, simply that it has the option if compelled.

The paper is reportedly being well-received by other security researchers. "I think what their presentation demonstrates is that it's very difficult, but not impossible, for an outside attacker to intercept messages if they're able to control key aspects of the network," says one researcher, Ashkan Soltani. "Probably not something that just any actor can do, but definitely something a state/government actor or Apple themselves could do, if motivated."

In its new statement, Apple claims that QuarksLab's theory is just a theory, and would require reprogramming the iMessage system. "iMessage is not architected to allow Apple to read messages," says spokeswoman Trudy Muller. "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

The truth of Apple's statement is difficult to verify, since US agencies have gone after services like Lavabit and Skype to intercept communications, despite their promises of secure connections. Lavabit chose to shut down before handing over encryption information.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News