Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researchers Show Apple Can Read iMessages

timothy posted about a year ago | from the leetspeak-vs-panopticon dept.

Communications 124

Trailrunner7 writes "The Apple iMessage protocol has been shrouded in secrecy for years now, but a pair of security researchers have reverse-engineered the protocol [original analysis] and found that Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' text messages–or decrypt them and hand them over at the order of a government agency. ... The researchers found that while that basic framework makes sense from a security point of view, there are a number of issues with the iMessage system. One major issue is that Apple itself controls the encryption key infrastructure use for iMessage, and has the keys for each individual user. The upshot of this is that Apple has the ability to read users' messages if it so chooses. The researchers who looked at iMessage, known as Pod2g and GG, said that there is no evidence that Apple is in fact reading users' iMessages, but it's possible that the company could. Users' AppleID passwords also are sent in clear text to the Apple servers."

cancel ×

124 comments

Sorry! There are no comments related to the filter you selected.

1984 (-1, Offtopic)

Anonymous Coward | about a year ago | (#45154209)

“He who controls the past controls the future. He who controls the present controls the past.”
 
George Orwell

Re:1984 (1)

jamiesan (715069) | about a year ago | (#45157047)

He who controls the spice controls the universe.

Terrible summary (4, Insightful)

AmiMoJo (196126) | about a year ago | (#45154221)

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA. TFS leaves the last and far more interesting bit right until the end: Usernames and passwords sent in cleartext.

In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

Re:Terrible summary (0, Troll)

gnasher719 (869701) | about a year ago | (#45154277)

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA.

Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

Re:Terrible summary (4, Interesting)

gl4ss (559668) | about a year ago | (#45154425)

Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

because technically and in practice the agencies can ask and order them to co-operate. it's not like it's a choice you know. they have no choice in the matter - except choice of going out of business, *eo's potentially going to jail and so forth. that's not really an option.

in that context proving the opposite would have been a feat. so it would have been an interesting article if they had proved that apple can't read the imessages. besides, if they can reset your password without your account breaking then they can read your stuff. eos.

Re:Terrible summary (1)

Zemran (3101) | about a year ago | (#45154755)

" if they had proved that apple can't read the imessages. "

In any situation, take an image, load said image to clone machine, reset password on interesting account and look as much as you like... Live machine still unaffected.

Re:Terrible summary (4, Insightful)

Ash Vince (602485) | about a year ago | (#45154455)

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA.

Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

Any US based executive that refused to co-operate with an NSA request can be sent to prison. You can try challenging them in the relevant (secret) mickey mouse course of rubber stamps or you can look for the odd work around like just disclosing what you have from the logs then closing down your entire service so you do not have to do it again.

Re:Terrible summary (1)

macsimcon (682390) | about a year ago | (#45158971)

Sorry, that just isn't true.

If your company creates a system that doesn't allow you access to customer information (say, because it's encrypted, and only the customer has the key), neither your nor your company can be compelled to reprogram your system so you get the keys, and can therefore hand them over to the government.

The trick is in how you design the system. If it's onerous or impossible to provide the government the information, no amount of NSLs are going to matter.

Now, I'm not claiming that Messages is designed that way, but it's not beyond the realm of possibility that a company could design such a system (e.g. Threema)

Re:Terrible summary (1)

Anonymous Coward | about a year ago | (#45159883)

>If your company creates a system that doesn't allow you access to customer information (say, because it's encrypted, and only the customer has the key), neither your nor your company can be compelled to reprogram your system so you get the keys, and can therefore hand them over to the government.

The recent issue with Lavabit shows that this is no longer true.

Re:Terrible summary (0, Informative)

Anonymous Coward | about a year ago | (#45154563)

NSA Collects Data Directly From Servers Of Google, Apple, Microsoft, Facebook And More [techcrunch.com]
Apple iOS 7 Update Gives Law Enforcement Unlimited Access To User’s Personal Data [nationalreport.net] (NSA is specifically mention in the article.)
Apple admits, ‘iPhone 5s Fingerprint Database To Be Shared With NSA’ [hackersnewsbulletin.com]
Apparently Apple has officially admitted it after the NSA leaks.

Considering what has been revealed, shouldn't you think twice before calling someone paranoid or a tin-foil hat?
Seriously, either you have lived in a closet the last months or you are a government goon spreading FUD.

Re:Terrible summary (2, Informative)

Anonymous Coward | about a year ago | (#45155505)

How the fuck did this AC get modded informative with that speculative bullshit? Look at the fingerprint thing for example:

Apple admits, ‘iPhone 5s Fingerprint Database To Be Shared With NSA [hackersnewsbulletin.com]

Tim Richardson, District Manager of Apple’s North America Marketing Department admits about the sharing of Database with NSA ... he told: “Frankly, if a person is foolish enough to allow something as specific and criminally implicit as their fingerprints to be cataloged by faceless corporations and Government officials Well, you can’t exactly blame us for capitalizing upon it, can you? Personally, I believe this effort will support a greater good. Some of the folks they’re hoping to apprehend are quite dangerous. Besides, it’s not like this is covered in the Constitution.”

What kind of braindead moron actually believes an Apple exec said this? And then, wait, is that a little update notice way at the bottom of the page?

Update: The Source (National Report) is said to be a Parody site and the news they published is a rumor, that’s why we want to inform to all the users, “This News is awaiting confirmation”

Uh huh. And the second link the parent gave is also from this parody site. Nobody, ACs especially, should be modded informative for posting lies or parody as fact.

Re:Terrible summary (3, Informative)

Anonymous Coward | about a year ago | (#45155525)

Apple admits, âiPhone 5s Fingerprint Database To Be Shared With NSAâ(TM)

Um, no.

http://www.theguardian.com/technology/2013/sep/27/no-nsa-iphone-5s-fingerprint-apple [theguardian.com]

Important quote, in case you decide to not read the linked article:

Reality check: the article claiming this comes from a right-wing "satire" site. Why are people confused? Because the satire's badly executed.

And, before you don your tinfoil hat in an attempt to refute this information, please try to remember that my source is The Guardian - you know, the source of the Snowden information.

So, yeah - please do think twice before spouting off moronic stupidity.

Re:Terrible summary (1)

DJRumpy (1345787) | about a year ago | (#45155717)

The Apple hate has grown to the point where they are marking satire as 'informative'? Seriously? I would expect my parents to fall for something like this. Any /. user that does needs to hand in their geek card.

No fingerprint sharing (3, Insightful)

MikeMo (521697) | about a year ago | (#45155551)

I'm sorry, but part of your comment is just plain wrong. Firstly, Apple is not collecting your fingerprint, only something similar to a hash of the fingerprint's characteristics. Secondly, it isn't shared with anyone. Thirdly, the explicitly state in this article [apple.com] that your actual fingerprint can not be reverse engineered from the data the store on the phone.

In addition to this, the NYPD's stated reason for pushing the iPhone 5s is that it makes iPhone theft a thing of the past, which it clearly, demonstrably does. The link you posted saying NYPD is after the fingerprints is clearly, demonstrably false. Now, I'm sure you can find folks that say something different, but I can also show you pictures of Obama shaking hands with space aliens - you can find anything you like, but it doesn't make it true.

Finally, Apple (and Google) outright deny [allthingsd.com] sharing data with the NSA.

You can continue to believe that they are sharing if you like, but stating that they have admitted they are sharing is incorrect.

Sweet onions (2)

mynameiskhan (2689067) | about a year ago | (#45155561)

That last link is akin to reading Onion and considering it real news. Only the Chinese gov. will assume it to be true info.

Re:Terrible summary (1)

Anonymous Coward | about a year ago | (#45157717)

You are aware that the National Report is satire, right? (Aparently not) It's like the Onion, only more obvious.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154623)

Go back under your rock, you seem to like hiding there. Read your own fucking news about Snowden and the stuff he leaked, and READ THE ACTUAL STUFF HE LEAKED not what people say he leaked.

Re: Terrible summary (1, Informative)

Anonymous Coward | about a year ago | (#45154809)

I have plenty of evidence. And this topic really isn't anything new. Apple have woeful security practices that broadcast their own customers private data while using no encryption whatsoever. You need to research a little more instead of being a tool.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45155767)

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA.

Excuse me, but how do we know this? Except for your prejudice and paranoia, do you have any actual evidence?

Oh, look, someone who has obviously been living under a rock. Try typing "Snowden" into Google search and see what turns up, it won't tell you the entire story but it's a good step towards educating yourself. With a little effort and luck, you might even not come off sounding like a complete fucking retard next time you post.

Re:Terrible summary (2, Informative)

JSG (82708) | about a year ago | (#45154279)

The article only mentions the username going in clear.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154363)

Copied directly from the article:
"Users’ AppleID passwords also are sent in clear text to the Apple servers."

Re:Terrible summary (1)

Shabbs (11692) | about a year ago | (#45154389)

The article only mentions the username going in clear.

Might want to double check that...

FTA: "Users’ AppleID passwords also are sent in clear text to the Apple servers."

http://threatpost.com/apple-imessage-open-to-man-in-the-middle-spoofing-attacks/102610 [threatpost.com]

Re:Terrible summary (5, Informative)

OlivierB (709839) | about a year ago | (#45154515)

The username and password are sent in clear text in the SSL tunnel. So no, people at Starbucks won't get your username and password.

What this suggests is that iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154797)

I believe services like gmail, googletalk, skype also can know your passwords too.

This is a very normal way of doing things - the passwords are sent in an encrypted tunnel to the server, the service/app on the server gets the plaintext password and verifies it.

So I don't see why this is news. Yes this is insecure if you can't trust Apple, but that news was out long ago already.

You can do the hash thing but if you can't trust Apple it's pointless since the software, updates and the service is from apple. The only way might be authentication via a 3rd party device. e.g. your password unlocks the key on the device and the device then uses public key crypto to authenticate with Apple.

SRP (0)

Anonymous Coward | about a year ago | (#45155393)

What this suggests is that iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.

What this suggests is that Apple should be using something like SRP instead of a simple "hash":

https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol

Mutual authentication and pretty good resistance to oracle (and offline) attacks.

Re:Terrible summary (2)

phantomfive (622387) | about a year ago | (#45158049)

iMessage should only be sending a hash of the username and password to Apple Servers without ever sending those things even within a SSL tunnel.

If you do that, then the hash becomes the password, so anyone who gets the hash can log into your account.

Re:Terrible summary (1)

OlivierB (709839) | about a year ago | (#45158713)

Ok, I could have made this a little more explicit.

For something like iMessage, where the client and the server are trusted, but not the communication channel you could very well (for example) input your user name and password on the client, have the client generate hashes of the username and login, sign said hashes with the sever's public key and send them over to the server.

That's one step better than cleartext auth wrapped with SSL but, as someone else remarked, a SRP (or even DH) exchange is pretty straightforward and pretty robust.

Re:Terrible summary (1)

phantomfive (622387) | about a year ago | (#45159497)

If the communication channel is not trusted, and someone gets the hash, then how will the server know it is getting the hash from you and not from an attacker?

That's why the hash essentially becomes the password, because in that situation the attacker can use it to impersonate you.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154641)

TFA leaves out entirely the fact that these "clear text" passwords are SSL encrypted. At least the original report makes this clear, even if it is unnecessarily alarmist about the fact that your password is being sent *to the company who uses it to authenticate you.* How is that a surprise?

Re:Terrible summary (4, Informative)

Laxori666 (748529) | about a year ago | (#45154403)

From TFA [quarkslab.com] :

Second surprise was actually bigger: we saw our AppleID and password going through this SSL communication. Yes, the clear text password... There can be a lot of good reason to send the password as cleartext, ssh does it for instance. But here, we dont see any reason for Apple to get our password.

Firstly, it means that Apple can replay our password using for instance our email also on many websites. Ok, Apple has no reason to do so. But what of intelligence agencies? Secondly, it also means that anyone capable of adding a certificate and able to proxify the communications can get user's AppleID and password, thus get access to iCloud accounts, backups, buy apps, ....

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154281)

Yeah, that cleartext password is a pretty big problem, I think.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154409)

It's cleartext *inside of the SSL stream*. TFS is wrong. They're saying that, since Apple can decrypt the SSL stream, they (or the NSA) could try your username and password on other sites. SSH has the same architecture; the architecture's not necessarily broken, but the people who you're trusting to validate your password might be.

Re:Terrible summary (2)

HiThere (15173) | about a year ago | (#45156045)

They're also saying that any man-in-the-middle would get sufficient information to impersonate you, and could do anything that you are allowed to do.

That was "good enough" security in 1970 on mainframe terminals, but they weren't broadcast over the internet. And there wasn't much malicious hacking. As it is.... well, I'm just glad that I don't use their services.

Re:Terrible summary (1)

cbhacking (979169) | about a year ago | (#45157497)

SSH only "has the same architecture" if you use password auth instead of public key auth. The latter is considerably safer. Additionally, there are *still* other, better options, such as SRP.

Re:Terrible summary (5, Informative)

Anonymous Coward | about a year ago | (#45154339)

Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.

Re:Terrible summary (1)

sribe (304414) | about a year ago | (#45154449)

...it's sent as cleartext *inside of the SSL stream*...

Why, oh why, did you post that like two minutes after my mod points expired???

Re:Terrible summary (4, Interesting)

Andy Dodd (701) | about a year ago | (#45154599)

Keep in mind that between some of the more recent Snowden disclosures, and some of the disclosures coming out of Lavabit's shutdown (I think it was Lavabit that was printing SSL private keys in 4-point text???), the NSA can easily MITM these streams without anyone noticing as they are forcing US-based companies to provide them with SSL private keys for just this purpose.

If the password were a salted hash there would at least be some level of protection here, although as long as Apple has a password reset mechanism and a way to recover "old" messages after a reset - it's nearly impossible for them to guarantee that someone who has legal power over Apple (such as the FISA courts) can't read messages.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154989)

It's absolutely a legitimate issue, and defense in depth would tell you to use something like a hashed password or even a challenge/response scheme inside of the SSL stream to improve security in the face of an attacker like the NSA. The summary was waaay wrong, though.

Re:Terrible summary (1)

tlhIngan (30335) | about a year ago | (#45156269)

Keep in mind that between some of the more recent Snowden disclosures, and some of the disclosures coming out of Lavabit's shutdown (I think it was Lavabit that was printing SSL private keys in 4-point text???), the NSA can easily MITM these streams without anyone noticing as they are forcing US-based companies to provide them with SSL private keys for just this purpose.

If the password were a salted hash there would at least be some level of protection here, although as long as Apple has a password reset mechanism and a way to recover "old" messages after a reset - it's nearly impossible for them to guarantee that someone who has legal power over Apple (such as the FISA courts) can't read messages.

If the NSA were to MITM an iMessage stream - they could just as easily MITM an iTunes connection, an iCloud.com connection or even apple.com connection and get at your Apple ID and password information right there when you type it in on the web page.

Considering all the places where your Apple ID and password are available "in the clear" (well, inside an SSL tunnel), if the NSA can MITM iMessages, it doesn't really matter in the end since they can easily MITM many Apple SSL sites to get your Apple ID. Heck, they can hijack your Mac to get it straight from OS X itself.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154695)

Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.

and

In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

Clearly a man in the middle attack is of no concern when accessing an unknown public wifi.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45155369)

An unknown wi-fi access point could forge certificates, but they'd either have to conspire with a CA to issue trusted certificates, or trick your device in to trusting their hand-built CA root. In any other case, SSL would tell you that certificate verification/validation failed. Not saying it's impossible, or that users are smart enough to heed the warning, but the attack would require a bit of competence/determination.

Re:Terrible summary (1)

Urza9814 (883915) | about a year ago | (#45160171)

sslstrip perhaps?

No seriously, that's not rhetorical. I forget what all it does and I can't check because the site is blocked from work...so I dunno if it would work against iMessage or not...

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154715)

you need to defeat SSL to read it as

"Oh no! SSL! They got us. Might as well pack up and go home!" -NSA.

Seriously. Holding all the certificates and the very algorithms used by the different random number generators isn't enough, right? It turns out that there are far fewer actual "random" numbers than you think, when you know the formulae used to derive those random numbers from a finite possibility of "entropy" events in an OS...

Re:Terrible summary (2)

JohnnyMindcrime (2487092) | about a year ago | (#45154891)

Encryption (e.g. in SSL) actually serves two important purposes - it encrypts clear text such that it appears like rubbish to anyone taking a look, but it also acts as authentication security because it allows you to validate that the endpoint you are communicating with is who they say they are.

In SSH, for example, you can do away with passwords entirely by using private and public keys - the idea being that you encrypt with the private key and give the public key to the other endpoint, the algorithm used for both keys being such that when you decrypt with one you can only decrypt with the other. If you control the keys properly, then by virtue of being able to communicate with each other, you can pretty much confirm both endpoints are who they say they are.

In the case of this iMessage issue, yes the passwords are encrypted but the keys are not properly "pinned" (i.e. controlled) meaning that a third party can potentially intrude using their own keys - and because you have a valid communication with that third party, you've no reason to assume it's not Apple you are talking to, which probably makes it that much worse as a form of exploit.

The point is that encryption is only half the story, authentication is the other half...

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45155433)

" If you control the keys properly,"

There's the catch. NSA et al. have ways of getting keys not taken into account by just looking at the signal path. Everything from demanding copies of such from cert issuers to hacking your device(s) directly. Of course, in the latter case, you're pretty much screwed anyway.

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45156175)

Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.

And it's considered bad security in the design of SSH as well.

Re:Terrible summary (1)

isorox (205688) | about a year ago | (#45157557)

Also, the password isn't sent over the wire in cleartext; it's sent as cleartext *inside of the SSL stream*. As in: you need to defeat SSL to read it as a man in the middle. SSH does the same thing.

I tunnel my SSL traffic over an SSH tunnel through an SSTP vpn, what could possibly go wrong?

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45159833)

who owns/holds the Root CA's Private key, that all other keys are a subkey of? Verisign isn't it? They're owned by the NSA and who already has that key? This is the fatal flaw of the SSL/HTTPS protocol. Everything is derived from a Root Key that is owned by the Root CA - don't believe me, check the chain of trust in Firefox and IE. Everything is a subkey (it's how the damn thing is designed).

Fast Turtle - Posting AC to preseve Mods

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45154433)

YAWNS

Dang anyone who think they got the least bit of privacy on the net , phone , even home are simply on opium. Comm links that have been put in place for the military primarily had to give them the upper end for all security matters.

No. (0)

Anonymous Coward | about a year ago | (#45154439)

Usernames and passwords sent in cleartext.

In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

No.

The researchers are saying that Apple can see the user and password in the clear--i.e., that it's a traditional user/password authentication system and not challenge/response, for example. The user and password are encrypted on the wire. From TFA:

we saw our AppleID and password going through this SSL communication

Re:No. (2)

HiThere (15173) | about a year ago | (#45156087)

It's a bit stronger than that. Yes, Apple can, but so can any man-in-the-middle. So you have to trust the entire chain of connections between you and Apple.

Now man-in-the-middle attacks aren't that common, but they also aren't that difficult. It would probably only affect a small group of people at a time, depending on where the compromise took place. But this would seem to mean that Apple may have been telling the truth when they denied sharing information with the NSA. The NSA didn't need to ask them.

Re:Terrible summary (1)

DarkOx (621550) | about a year ago | (#45154539)

The only facts are that Apple can read iMessages, and that this was always well known and obvious.

Any encrypted messaging scheme where some third party handles the keys and the cipher text pretty much implies said third party *can* see the messages in clear text.

This is even the case of asymmetric crypto because if you obtain the public key through the same channel the cipher text is to be sent over you can be man in the middle attacked easily.

Honestly if security is of primary concern third party key management is FAIL.

Re:Terrible summary (2, Insightful)

Anonymous Coward | about a year ago | (#45154601)

From TFA: "we saw our AppleID and password going through this SSL communication".

The password is cleartext over an SSL connection. So, no, all the people in Starbucks are not broadcasting to everyone else in range. Apple just isn't hashing, encrypting or otherwise obscuring the password when sent through the SSL connection. So they have access to the password in iMessage; they have access to the password when someone uses icloud.com, appleid.apple.com, or any other Web based access to Apple Services so, it isn't much different.

Re:Terrible summary (0)

Dunbal (464142) | about a year ago | (#45154651)

"I use Apple products because they are 'safer'".

Re: Terrible summary (2)

um... Lucas (13147) | about a year ago | (#45154707)

Has apple ever claimed that iMessages were secure? I'm not thinking so. Just that you could send iMessages to other ios users and not get billed for lots of texts, which are far less secure still than iMessages. Next story?

Re:Terrible summary (1)

JohnnyMindcrime (2487092) | about a year ago | (#45155003)

In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

I've never owned an Apple device in my life and have no intention of ever doing so - but wrong is wrong and I have to correct you.

The passwords are encrypted over SSL and therefore anyone snooping a connection will only see gobbledigook - in no way are they broadcast in clear text.

The actual vulnerability here is that someone can, using their own constructed SSL keys, perform a man-in-the-middle attack to step into the middle of a communication - at which point they could no doubt request the password and be sent it in what would be a decryptable and readable format.

So, yes, it's a vulnerability, but whereas anyone can run sniffer traces to read packets on the wire or in the air, a man-in-the-middle attack takes a considerably higher amount of technical expertise to carry out.

Re:Terrible summary (1)

LordLimecat (1103839) | about a year ago | (#45155573)

Most sane programs would throw a hissy fit if someone tried to MITM an SSL communication with constructed SSL keys--
A) because the thumbprint would drastically change and
B) because the cert would not be signed by a trusted CA

Re:Terrible summary (0)

Anonymous Coward | about a year ago | (#45155295)

Why is this incorrect crap still modded up...

Capture them, buy iPads! (0)

Anonymous Coward | about a year ago | (#45155311)

That Apple ID is also their Apple Store ID.

Re:Terrible summary (0)

myowntrueself (607117) | about a year ago | (#45159875)

The fact that Apple can read iMessages and hand them over to the authorities is hardly surprising, especially given that we know they co-operate with the NSA. TFS leaves the last and far more interesting bit right until the end: Usernames and passwords sent in cleartext.

In other words all those people using Starbucks' free wifi are broadcasting their Apple ID and password to everyone else in range.

I read somewhere that the NSA referred to Steve Jobs as 'Big Brother'. That should be all we need to know to assume that ALL Apple products will sell their users out.

Yawn (0)

Anonymous Coward | about a year ago | (#45154231)

Of course they can. I'm sure the NSA has every text message, regardless of the device used.

Since iDon't use any Apple products... (0, Troll)

Sir_Eptishous (873977) | about a year ago | (#45154297)

iDon't give an iShit.

Re:Since iDon't use any Apple products... (0)

Anonymous Coward | about a year ago | (#45154399)

Dear Sir_EatShitHouse,

If you don't care, then why did you read it and then post about it.

Re:Since iDon't use any Apple products... (0)

Anonymous Coward | about a year ago | (#45154493)

Because he knew I was watching in the background and knows that it humours me greatly to see fishing lines cast and foaming-at-the-mouth fanbois taking the bait.

Re:Since iDon't use any Apple products... (0)

Anonymous Coward | about a year ago | (#45154653)

Right you are!

Re:Since iDon't use any Apple products... (0)

Anonymous Coward | about a year ago | (#45154451)

Yeah, who cares about the privacy of others; clearly it has no foreseeable effect on you whatsoever.

Re:Since iDon't use any Apple products... (0)

Anonymous Coward | about a year ago | (#45154465)

Why does this have a score of 3? Just another useless slashdot comment that adds /nothing/ to the subject.

-1 flamebait

Upshot? (4, Informative)

stevemoink (134725) | about a year ago | (#45154317)

"The upshot of this is that Apple has the ability to read users' messages if it so chooses."

I do not think upshot means what you think it means.

Re:Upshot? (0)

Anonymous Coward | about a year ago | (#45158463)

No, it doesn't mean what you think it means. The usage in TFA is fine.

Upshot [reference.com] :

noun
1. the final issue, the conclusion, or the result: The upshot of the disagreement was a new bylaw.
2. the gist, as of an argument or thesis.

Synonyms
1. consequence, outgrowth, aftereffect.

Wait, what? (0)

Anonymous Coward | about a year ago | (#45154357)

All that schpeal about how they can decrypt your messages, but this gets a single sentance at the end: "Users' AppleID passwords also are sent in clear text to the Apple servers."? Would that pe the same AppleID that is tied to a credit card, so you can buy things in the Apple store?

That Apple can read your messages is not at all supriseing, THIS tidbit is shocking!

Re:Wait, what? (1)

roc97007 (608802) | about a year ago | (#45154427)

All that schpeal about how they can decrypt your messages, but this gets a single sentance at the end: "Users' AppleID passwords also are sent in clear text to the Apple servers."? Would that pe the same AppleID that is tied to a credit card, so you can buy things in the Apple store?

That Apple can read your messages is not at all supriseing, THIS tidbit is shocking!

Yep. I just bought the entire Grateful Dead catalog on your credit card. Thanks!

Re:Wait, what? (0)

Anonymous Coward | about a year ago | (#45154525)

Ain't that Heaven sent...

Re:Wait, what? (0)

Anonymous Coward | about a year ago | (#45154531)

Mental note, do not assume summaries are accurate.

It is still in the SSL stream. so it's silly, but not THAT bad.

Re:Wait, what? (1)

Dr. Sheldon Cooper (2726841) | about a year ago | (#45154671)

It's "spiel."

You're welcome.

Re:Wait, what? (0)

Anonymous Coward | about a year ago | (#45155847)

Congratulations. You corrected someone's spelling on the internet.

You better get to it, you have a lot of work ahead of you still.

of greater concern than TFA (4, Insightful)

nimbius (983462) | about a year ago | (#45154391)

at no time should we have any expectation of privacy in a SaaS or PaaS environment that is controlled by an american company. the government has numerous laws that require corporations to preserve data for investigation both with and without a warrant provided, which in turn guarantees corporations will engineer systems to ensure they are compliant. Corporations do not exist to pick fights with the government or question legislation until it begins to impact their quarterly earnings, and as most people arent concerned about their privacy its only natural corporations in turn arent either. if snapchat users, gmail users, facebook users and paypal users en-masse boycotted their respective service providers, im certain the message would be clearly sent that spying on customers kills business.

but as customers are clearly powerless to do anything about the spying, and corporations are well aware of this, nothing will change. we need our gmail and our facebook if only because we're without alternative or uncomfortable with the idea of learning something new. You'll eventually need an app that resists snooping, which is hard when apple controls the platform and can simply engineer access to your messages through numerous means such as keylogging.

Re:of greater concern than TFA (0)

Anonymous Coward | about a year ago | (#45154843)

Correction:
at no time should we have any expectation of privacy in a SaaS or PaaS environment that is controlled by a company.

America has exemplified precisely what is fundamentally possible in a SaaS/PaaS/IaaS ecosystem. That does not mean that your are somehow safe just by picking a service in another company. NSA shenanigans should be making people wary of putting data out there haphazardly at *all*, not just within obvious reach of one specific nation's government.

Re:of greater concern than TFA (0)

Anonymous Coward | about a year ago | (#45155241)

at no time should we have any expectation of privacy in a SaaS or PaaS environment that is controlled by an american company.

Re:of greater concern than TFA (0)

Anonymous Coward | about a year ago | (#45155265)

at no time should we have any expectation of privacy in a SaaS or PaaS environment *period*.

At the order of a government agency? (1)

stevegee58 (1179505) | about a year ago | (#45154423)

It seems to me that most of these big, high visibility companies haven't bothered waiting for "orders" from anyone. They've been just rolling over like good little bitches and turning information over based merely on requests.

And.... (1)

roc97007 (608802) | about a year ago | (#45154443)

...absolutely no-one is surprised....

Wrong (2)

globalist (1332141) | about a year ago | (#45154467)

You're reverse-engineering it wrong.

control freaks? (-1, Troll)

phantomfive (622387) | about a year ago | (#45154481)

I don't understand why Apple puts so much effort into preventing people from using their devices in ways they didn't envision.

Re:control freaks? (0)

Anonymous Coward | about a year ago | (#45154607)

What does that have to do with the article at hand?

Really? (1)

Anonymous Coward | about a year ago | (#45154537)

Did these researchers offer any insight as to the religious tendencies of the pope or the defecatory habits of bears in woodland environments?

great! (1)

nblender (741424) | about a year ago | (#45154631)

Now we're closer to an imessage SMS gateway...

Makes sense from a security point of view?! (0)

Anonymous Coward | about a year ago | (#45154807)

The researchers found that while that basic framework makes sense from a security point of view

That basically contradicts everything else the summary says.

1) prior to the research, we didn't know how it works. Even if the system worked well, it wouldn't "make sense from a security point of view," because a security PoV requires that you make estimates about risk and trust. You can't ever trust something you don't understand. That's faith, not trust: two completely different things.

2) they determined that the keys are handled wrong. In other words, the system doesn't work well, and isn't even up to early 1990s standards, much less post-CALEA and post-9/11 standards.

"UPSHOT" (0)

Anonymous Coward | about a year ago | (#45154911)

The upshot of this...

That sounds like spin doctoring, to make the next half of the sentence sound positive:

...Apple has the ability to read users' messages if it so chooses.

Why would you call that an "Upshot" and not a "Downside" or "Drawback"? Up is usually cognitive, subliminal parlance for "good" or "progress", whereas "down" or "back/backwards" implies "bad" or "regression and setback".

Congratulations! Way to promulgate so much BS marketing newspeak and doublethink.

Re:"UPSHOT" (1)

Richy_T (111409) | about a year ago | (#45156351)

And yet it is a word that has a meaning that fits with the way it was used in the sentence. Funny that.

Re:"UPSHOT" (0)

Anonymous Coward | about a year ago | (#45160473)

I suspect the reason he used "upshot" is that he is actually a reasonably literate English speaker

The cold hard fact is the NSA reads them all (1)

WillAffleckUW (858324) | about a year ago | (#45155219)

One illegal unconstitutional agency to rule them all and in the darkness blind them.

Re:The cold hard fact is the NSA reads them all (1)

AHuxley (892839) | about a year ago | (#45158519)

Thanks to Snowden we now know the US brands are helpers too :)

iMessages are Business Records (0)

Anonymous Coward | about a year ago | (#45155227)

There is no expectation of privacy in Business Records, so there is absolutely nothing wrong with what they are doing.

Sincerely,

NSA

This is such a complete non-issue (0)

Anonymous Coward | about a year ago | (#45155307)

All iMessage clients are *Apple-provided, closed-source software*. Who cares if the encryption is secure or not? For all you know, the iMessage client on iOS has a backdoor that can be turned on to log all your chat and upload it directly to law enforcement servers.

So yes, their public-key infrastructure is handled in such a way that if Apple were a bad actor, they could hand you a different key and implement a man-in-the-middle attack to read everything you send. But they don't even need to do that. They can always read anything you type into their app on their phone anyway, REGARDLESS of the public key infrastructure.

Silly attempt to drum up attention by crackshot "researchers" who don't want to acknowledge that their potential-MITM attack is meaningless because only party who could actually be in the middle is the same party that wrote the software that you're trusting in the first place.

Still doing clear-text passwords! (0)

Anonymous Coward | about a year ago | (#45156777)

Apple is still sending passwords in clear-text. They can't seem to get it right.

Naive (0)

Anonymous Coward | about a year ago | (#45157089)

I think it would be pretty naive to assume that any provider of communication technology is not able to decrypt and read messages sent over it's network , unless it's encrypted using 3rd party tools (even then it's just a matter of cost). I don't think it's also reasonable to expect them not to be able to do that, unless they specify in the contract that they won't do that and it's a feature they are selling to convince people to use their technology (in this case it's reasonable to expect that they won't be able to decrypt it, but again, reality will probably be different)... The point is - if you don't want someone to be able to read information you send - don't send it... there is really no other way.

Oh no! (2)

rabtech (223758) | about a year ago | (#45157549)

Google can read your email!

Jabber servers can read your IMs! So can Yahoo! So can AOL!

Oh wait, this is Apple. Nevermind, carry on with the hysterics.

(FYI: No matter what scheme you devise, key management always gets you because if Apple doesn't have the keys, it makes iMessage much, much harder to use. If they do, then someone can snoop the messages. If you use a chain of trust, who ever sits at the top of the chain can be compromised. In an ideal world, people would learn about crypto keys and understand how to manage them, but you'd have to meet face to face to avoid mistaken identities).

Oh really thats not what I heard (1)

openthomas (2759671) | about a year ago | (#45157583)

everyone (0)

Anonymous Coward | about a year ago | (#45157847)

Everyone needs a religion and many people have made Apple just that. Unfortunately, you were worshiping the devil. But even now knowing that, you probably still won't give up your precious iPhone.

To add some more information about the protocol (4, Informative)

rabtech (223758) | about a year ago | (#45158479)

The system appears secure; hacking it requires injecting your own certificate into the trusted roots on the device.

Further, forging messages requires you compromise the private key which is only contained on the device (Apple doesn't know it). The public key is submitted to Apple's push CA which generates a certificate. The public part of your key is what other devices see when they get a copy of your certificate. So far, so good.

The issue is, of course, that Apple controls the CA so in theory if the government ordered them to issue a certificate in your name to the government, the gov could then monitor your communications or forge your identity.

Apple claims not to be able to read iMessages and that appears to be true, and as far as I'm aware not even the Patriot act requires them to issue forged certificates (aka allow the government to impersonate you digitally). So insofar as the law works and is followed, there is no legal authority to compel Apple to issue bunk certificates.

For the curious, when you send a message it contacts Apple and requests the list of public certs for a given URI (telephone number, email address, etc). Apple responds with a list of the public certs issued to each of your registered devices, which the client then uses to send messages encrypted with that public key to each, and also signed with your own private key. The receiver does a similar lookup and uses your public key to validate the signature (proving you sent the message and that it was sent from the correct device even), then uses its own private key to decrypt the message you encrypted with the public key.

I'm not sure how this could be improved. No matter what you do, someone has to be in charge of saying "The certificate for mobile number xxx-yyy-zzzz is ..." and that gives you a chain of trust problem. The alternative is requiring every iMessage user to meet face-to-face to exchange keys before sending any messages.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?