Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Show Apple Can Read iMessages

Posted by timothy on from the leetspeak-vs-panopticon dept.

Trailrunner7 writes "The Apple iMessage protocol has been shrouded in secrecy for years now, but a pair of security researchers have reverse-engineered the protocol [original analysis] and found that Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' text messages–or decrypt them and hand them over at the order of a government agency. ... The researchers found that while that basic framework makes sense from a security point of view, there are a number of issues with the iMessage system. One major issue is that Apple itself controls the encryption key infrastructure use for iMessage, and has the keys for each individual user. The upshot of this is that Apple has the ability to read users' messages if it so chooses. The researchers who looked at iMessage, known as Pod2g and GG, said that there is no evidence that Apple is in fact reading users' iMessages, but it's possible that the company could. Users' AppleID passwords also are sent in clear text to the Apple servers."

9 of 124 comments (clear)

  1. Terrible summary by AmiMoJo · · Score: 4, Insightful

    The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA. TFS leaves the last and far more interesting bit right until the end: Usernames and passwords sent in cleartext.

    In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:Terrible summary by Anonymous Coward · · Score: 5, Informative

      Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.

    2. Re:Terrible summary by Laxori666 · · Score: 4, Informative
      From TFA:

      Second surprise was actually bigger: we saw our AppleID and password going through this SSL communication. Yes, the clear text password... There can be a lot of good reason to send the password as cleartext, ssh does it for instance. But here, we dont see any reason for Apple to get our password.

      Firstly, it means that Apple can replay our password using for instance our email also on many websites. Ok, Apple has no reason to do so. But what of intelligence agencies? Secondly, it also means that anyone capable of adding a certificate and able to proxify the communications can get user's AppleID and password, thus get access to iCloud accounts, backups, buy apps, ....

    3. Re:Terrible summary by gl4ss · · Score: 4, Interesting

      Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

      because technically and in practice the agencies can ask and order them to co-operate. it's not like it's a choice you know. they have no choice in the matter - except choice of going out of business, *eo's potentially going to jail and so forth. that's not really an option.

      in that context proving the opposite would have been a feat. so it would have been an interesting article if they had proved that apple can't read the imessages. besides, if they can reset your password without your account breaking then they can read your stuff. eos.

      --
      world was created 5 seconds before this post as it is.
    4. Re:Terrible summary by Ash+Vince · · Score: 4, Insightful

      The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA.

      Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

      Any US based executive that refused to co-operate with an NSA request can be sent to prison. You can try challenging them in the relevant (secret) mickey mouse course of rubber stamps or you can look for the odd work around like just disclosing what you have from the logs then closing down your entire service so you do not have to do it again.

      --
      I dont read /. to RTFA, I read /. to offend people in ignorance.
    5. Re:Terrible summary by OlivierB · · Score: 5, Informative

      The username and password are sent in clear text in the SSL tunnel. So no, people at Starbucks won't get your username and password.

      What this suggests is that iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.

      --
      Artificial intelligence is no match for natural stupidity
    6. Re:Terrible summary by Andy+Dodd · · Score: 4, Interesting

      Keep in mind that between some of the more recent Snowden disclosures, and some of the disclosures coming out of Lavabit's shutdown (I think it was Lavabit that was printing SSL private keys in 4-point text???), the NSA can easily MITM these streams without anyone noticing as they are forcing US-based companies to provide them with SSL private keys for just this purpose.

      If the password were a salted hash there would at least be some level of protection here, although as long as Apple has a password reset mechanism and a way to recover "old" messages after a reset - it's nearly impossible for them to guarantee that someone who has legal power over Apple (such as the FISA courts) can't read messages.

      --
      retrorocket.o not found, launch anyway?
  2. of greater concern than TFA by nimbius · · Score: 4, Insightful

    at no time should we have any expectation of privacy in a SaaS or PaaS environment that is controlled by an american company. the government has numerous laws that require corporations to preserve data for investigation both with and without a warrant provided, which in turn guarantees corporations will engineer systems to ensure they are compliant. Corporations do not exist to pick fights with the government or question legislation until it begins to impact their quarterly earnings, and as most people arent concerned about their privacy its only natural corporations in turn arent either. if snapchat users, gmail users, facebook users and paypal users en-masse boycotted their respective service providers, im certain the message would be clearly sent that spying on customers kills business.

    but as customers are clearly powerless to do anything about the spying, and corporations are well aware of this, nothing will change. we need our gmail and our facebook if only because we're without alternative or uncomfortable with the idea of learning something new. You'll eventually need an app that resists snooping, which is hard when apple controls the platform and can simply engineer access to your messages through numerous means such as keylogging.

    --
    Good people go to bed earlier.
  3. To add some more information about the protocol by rabtech · · Score: 4, Informative

    The system appears secure; hacking it requires injecting your own certificate into the trusted roots on the device.

    Further, forging messages requires you compromise the private key which is only contained on the device (Apple doesn't know it). The public key is submitted to Apple's push CA which generates a certificate. The public part of your key is what other devices see when they get a copy of your certificate. So far, so good.

    The issue is, of course, that Apple controls the CA so in theory if the government ordered them to issue a certificate in your name to the government, the gov could then monitor your communications or forge your identity.

    Apple claims not to be able to read iMessages and that appears to be true, and as far as I'm aware not even the Patriot act requires them to issue forged certificates (aka allow the government to impersonate you digitally). So insofar as the law works and is followed, there is no legal authority to compel Apple to issue bunk certificates.

    For the curious, when you send a message it contacts Apple and requests the list of public certs for a given URI (telephone number, email address, etc). Apple responds with a list of the public certs issued to each of your registered devices, which the client then uses to send messages encrypted with that public key to each, and also signed with your own private key. The receiver does a similar lookup and uses your public key to validate the signature (proving you sent the message and that it was sent from the correct device even), then uses its own private key to decrypt the message you encrypted with the public key.

    I'm not sure how this could be improved. No matter what you do, someone has to be in charge of saying "The certificate for mobile number xxx-yyy-zzzz is ..." and that gives you a chain of trust problem. The alternative is requiring every iMessage user to meet face-to-face to exchange keys before sending any messages.

    --
    Natural != (nontoxic || beneficial)