Researchers Show Apple Can Read iMessages

← Back to Stories (view on slashdot.org)

Researchers Show Apple Can Read iMessages

Posted by timothy on Thursday October 17, 2013 @04:47AM from the leetspeak-vs-panopticon dept.

Trailrunner7 writes "The Apple iMessage protocol has been shrouded in secrecy for years now, but a pair of security researchers have reverse-engineered the protocol [original analysis] and found that Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' text messages–or decrypt them and hand them over at the order of a government agency. ... The researchers found that while that basic framework makes sense from a security point of view, there are a number of issues with the iMessage system. One major issue is that Apple itself controls the encryption key infrastructure use for iMessage, and has the keys for each individual user. The upshot of this is that Apple has the ability to read users' messages if it so chooses. The researchers who looked at iMessage, known as Pod2g and GG, said that there is no evidence that Apple is in fact reading users' iMessages, but it's possible that the company could. Users' AppleID passwords also are sent in clear text to the Apple servers."

23 of 124 comments (clear)

Min score:

Reason:

Sort:

Terrible summary by AmiMoJo · 2013-10-17 04:49 · Score: 4, Insightful

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA. TFS leaves the last and far more interesting bit right until the end: Usernames and passwords sent in cleartext.
In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
1. Re:Terrible summary by JSG · 2013-10-17 04:54 · Score: 2, Informative
  
  The article only mentions the username going in clear.
2. Re:Terrible summary by Anonymous Coward · 2013-10-17 04:58 · Score: 5, Informative
  
  Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.
3. Re:Terrible summary by Laxori666 · 2013-10-17 05:02 · Score: 4, Informative
  
  From TFA:
  
  Second surprise was actually bigger: we saw our AppleID and password going through this SSL communication. Yes, the clear text password... There can be a lot of good reason to send the password as cleartext, ssh does it for instance. But here, we dont see any reason for Apple to get our password.
  
  Firstly, it means that Apple can replay our password using for instance our email also on many websites. Ok, Apple has no reason to do so. But what of intelligence agencies? Secondly, it also means that anyone capable of adding a certificate and able to proxify the communications can get user's AppleID and password, thus get access to iCloud accounts, backups, buy apps, ....
4. Re:Terrible summary by gl4ss · 2013-10-17 05:04 · Score: 4, Interesting
  
  Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?
  because technically and in practice the agencies can ask and order them to co-operate. it's not like it's a choice you know. they have no choice in the matter - except choice of going out of business, *eo's potentially going to jail and so forth. that's not really an option.
  in that context proving the opposite would have been a feat. so it would have been an interesting article if they had proved that apple can't read the imessages. besides, if they can reset your password without your account breaking then they can read your stuff. eos.
  
  --
  world was created 5 seconds before this post as it is.
5. Re:Terrible summary by Ash+Vince · 2013-10-17 05:05 · Score: 4, Insightful
  
  The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA.
  Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?
  Any US based executive that refused to co-operate with an NSA request can be sent to prison. You can try challenging them in the relevant (secret) mickey mouse course of rubber stamps or you can look for the odd work around like just disclosing what you have from the logs then closing down your entire service so you do not have to do it again.
  
  --
  I dont read /. to RTFA, I read /. to offend people in ignorance.
6. Re:Terrible summary by OlivierB · 2013-10-17 05:08 · Score: 5, Informative
  
  The username and password are sent in clear text in the SSL tunnel. So no, people at Starbucks won't get your username and password.
  What this suggests is that iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.
  
  --
  Artificial intelligence is no match for natural stupidity
7. Re:Terrible summary by Andy+Dodd · 2013-10-17 05:14 · Score: 4, Interesting
  
  Keep in mind that between some of the more recent Snowden disclosures, and some of the disclosures coming out of Lavabit's shutdown (I think it was Lavabit that was printing SSL private keys in 4-point text???), the NSA can easily MITM these streams without anyone noticing as they are forcing US-based companies to provide them with SSL private keys for just this purpose.
  If the password were a salted hash there would at least be some level of protection here, although as long as Apple has a password reset mechanism and a way to recover "old" messages after a reset - it's nearly impossible for them to guarantee that someone who has legal power over Apple (such as the FISA courts) can't read messages.
  
  --
  retrorocket.o not found, launch anyway?
8. Re:Terrible summary by Anonymous Coward · 2013-10-17 05:15 · Score: 2, Insightful
  
  From TFA: "we saw our AppleID and password going through this SSL communication".
  The password is cleartext over an SSL connection. So, no, all the people in Starbucks are not broadcasting to everyone else in range. Apple just isn't hashing, encrypting or otherwise obscuring the password when sent through the SSL connection. So they have access to the password in iMessage; they have access to the password when someone uses icloud.com, appleid.apple.com, or any other Web based access to Apple Services so, it isn't much different.
9. Re: Terrible summary by um...+Lucas · 2013-10-17 05:23 · Score: 2
  
  Has apple ever claimed that iMessages were secure? I'm not thinking so. Just that you could send iMessages to other ios users and not get billed for lots of texts, which are far less secure still than iMessages. Next story?
10. Re:Terrible summary by JohnnyMindcrime · 2013-10-17 05:37 · Score: 2
  
  Encryption (e.g. in SSL) actually serves two important purposes - it encrypts clear text such that it appears like rubbish to anyone taking a look, but it also acts as authentication security because it allows you to validate that the endpoint you are communicating with is who they say they are.
  In SSH, for example, you can do away with passwords entirely by using private and public keys - the idea being that you encrypt with the private key and give the public key to the other endpoint, the algorithm used for both keys being such that when you decrypt with one you can only decrypt with the other. If you control the keys properly, then by virtue of being able to communicate with each other, you can pretty much confirm both endpoints are who they say they are.
  In the case of this iMessage issue, yes the passwords are encrypted but the keys are not properly "pinned" (i.e. controlled) meaning that a third party can potentially intrude using their own keys - and because you have a valid communication with that third party, you've no reason to assume it's not Apple you are talking to, which probably makes it that much worse as a form of exploit.
  The point is that encryption is only half the story, authentication is the other half...
  
  --
  Windows 10 is great - I used it to download Linux.
11. Re:Terrible summary by Anonymous Coward · 2013-10-17 06:27 · Score: 2, Informative
  
  How the fuck did this AC get modded informative with that speculative bullshit? Look at the fingerprint thing for example:
  
  Apple admits, ‘iPhone 5s Fingerprint Database To Be Shared With NSA
  
  Tim Richardson, District Manager of Apple’s North America Marketing Department admits about the sharing of Database with NSA ... he told: “Frankly, if a person is foolish enough to allow something as specific and criminally implicit as their fingerprints to be cataloged by faceless corporations and Government officials Well, you can’t exactly blame us for capitalizing upon it, can you? Personally, I believe this effort will support a greater good. Some of the folks they’re hoping to apprehend are quite dangerous. Besides, it’s not like this is covered in the Constitution.”
  
  What kind of braindead moron actually believes an Apple exec said this? And then, wait, is that a little update notice way at the bottom of the page?
  
  Update: The Source (National Report) is said to be a Parody site and the news they published is a rumor, that’s why we want to inform to all the users, “This News is awaiting confirmation”
  
  Uh huh. And the second link the parent gave is also from this parody site. Nobody, ACs especially, should be modded informative for posting lies or parody as fact.
12. Re:Terrible summary by Anonymous Coward · 2013-10-17 06:29 · Score: 3, Informative
  
  Apple admits, âiPhone 5s Fingerprint Database To Be Shared With NSAâ(TM)
  Um, no.
  http://www.theguardian.com/technology/2013/sep/27/no-nsa-iphone-5s-fingerprint-apple
  Important quote, in case you decide to not read the linked article:
  
  Reality check: the article claiming this comes from a right-wing "satire" site. Why are people confused? Because the satire's badly executed.
  And, before you don your tinfoil hat in an attempt to refute this information, please try to remember that my source is The Guardian - you know, the source of the Snowden information.
  So, yeah - please do think twice before spouting off moronic stupidity.
13. Re:Terrible summary by HiThere · 2013-10-17 07:16 · Score: 2
  
  They're also saying that any man-in-the-middle would get sufficient information to impersonate you, and could do anything that you are allowed to do.
  That was "good enough" security in 1970 on mainframe terminals, but they weren't broadcast over the internet. And there wasn't much malicious hacking. As it is.... well, I'm just glad that I don't use their services.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
14. Re:Terrible summary by phantomfive · 2013-10-17 09:51 · Score: 2
  
  iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.
  If you do that, then the hash becomes the password, so anyone who gets the hash can log into your account.
  
  --
  "First they came for the slanderers and i said nothing."
Upshot? by stevemoink · 2013-10-17 04:56 · Score: 3, Informative

"The upshot of this is that Apple has the ability to read users' messages if it so chooses."
I do not think upshot means what you think it means.
of greater concern than TFA by nimbius · 2013-10-17 05:01 · Score: 4, Insightful

at no time should we have any expectation of privacy in a SaaS or PaaS environment that is controlled by an american company. the government has numerous laws that require corporations to preserve data for investigation both with and without a warrant provided, which in turn guarantees corporations will engineer systems to ensure they are compliant. Corporations do not exist to pick fights with the government or question legislation until it begins to impact their quarterly earnings, and as most people arent concerned about their privacy its only natural corporations in turn arent either. if snapchat users, gmail users, facebook users and paypal users en-masse boycotted their respective service providers, im certain the message would be clearly sent that spying on customers kills business.

but as customers are clearly powerless to do anything about the spying, and corporations are well aware of this, nothing will change. we need our gmail and our facebook if only because we're without alternative or uncomfortable with the idea of learning something new. You'll eventually need an app that resists snooping, which is hard when apple controls the platform and can simply engineer access to your messages through numerous means such as keylogging.

--
Good people go to bed earlier.
Wrong by globalist · 2013-10-17 05:06 · Score: 2

You're reverse-engineering it wrong.
No fingerprint sharing by MikeMo · 2013-10-17 06:31 · Score: 3, Insightful

I'm sorry, but part of your comment is just plain wrong. Firstly, Apple is not collecting your fingerprint, only something similar to a hash of the fingerprint's characteristics. Secondly, it isn't shared with anyone. Thirdly, the explicitly state in this article that your actual fingerprint can not be reverse engineered from the data the store on the phone.

In addition to this, the NYPD's stated reason for pushing the iPhone 5s is that it makes iPhone theft a thing of the past, which it clearly, demonstrably does. The link you posted saying NYPD is after the fingerprints is clearly, demonstrably false. Now, I'm sure you can find folks that say something different, but I can also show you pictures of Obama shaking hands with space aliens - you can find anything you like, but it doesn't make it true.

Finally, Apple (and Google) outright deny sharing data with the NSA.

You can continue to believe that they are sharing if you like, but stating that they have admitted they are sharing is incorrect.
Sweet onions by mynameiskhan · 2013-10-17 06:32 · Score: 2

That last link is akin to reading Onion and considering it real news. Only the Chinese gov. will assume it to be true info.
Re:No. by HiThere · 2013-10-17 07:21 · Score: 2

It's a bit stronger than that. Yes, Apple can, but so can any man-in-the-middle. So you have to trust the entire chain of connections between you and Apple.
Now man-in-the-middle attacks aren't that common, but they also aren't that difficult. It would probably only affect a small group of people at a time, depending on where the compromise took place. But this would seem to mean that Apple may have been telling the truth when they denied sharing information with the NSA. The NSA didn't need to ask them.

--

I think we've pushed this "anyone can grow up to be president" thing too far.
Oh no! by rabtech · 2013-10-17 09:05 · Score: 2

Google can read your email!
Jabber servers can read your IMs! So can Yahoo! So can AOL!
Oh wait, this is Apple. Nevermind, carry on with the hysterics.
(FYI: No matter what scheme you devise, key management always gets you because if Apple doesn't have the keys, it makes iMessage much, much harder to use. If they do, then someone can snoop the messages. If you use a chain of trust, who ever sits at the top of the chain can be compromised. In an ideal world, people would learn about crypto keys and understand how to manage them, but you'd have to meet face to face to avoid mistaken identities).

--
Natural != (nontoxic || beneficial)
To add some more information about the protocol by rabtech · 2013-10-17 10:33 · Score: 4, Informative

The system appears secure; hacking it requires injecting your own certificate into the trusted roots on the device.
Further, forging messages requires you compromise the private key which is only contained on the device (Apple doesn't know it). The public key is submitted to Apple's push CA which generates a certificate. The public part of your key is what other devices see when they get a copy of your certificate. So far, so good.
The issue is, of course, that Apple controls the CA so in theory if the government ordered them to issue a certificate in your name to the government, the gov could then monitor your communications or forge your identity.
Apple claims not to be able to read iMessages and that appears to be true, and as far as I'm aware not even the Patriot act requires them to issue forged certificates (aka allow the government to impersonate you digitally). So insofar as the law works and is followed, there is no legal authority to compel Apple to issue bunk certificates.
For the curious, when you send a message it contacts Apple and requests the list of public certs for a given URI (telephone number, email address, etc). Apple responds with a list of the public certs issued to each of your registered devices, which the client then uses to send messages encrypted with that public key to each, and also signed with your own private key. The receiver does a similar lookup and uses your public key to validate the signature (proving you sent the message and that it was sent from the correct device even), then uses its own private key to decrypt the message you encrypted with the public key.
I'm not sure how this could be improved. No matter what you do, someone has to be in charge of saying "The certificate for mobile number xxx-yyy-zzzz is ..." and that gives you a chain of trust problem. The alternative is requiring every iMessage user to meet face-to-face to exchange keys before sending any messages.

--
Natural != (nontoxic || beneficial)