Johns Hopkins University Researchers Find Flaw in Apple's iMessage
Ellie Froilan | | Mar 22, 2016 04:28 AM EDT |
(Photo : Reuters) Johns Hopkins University notified Apple about their findings on the vulnerability of iMessage from encryption.
A team of security researchers from Johns Hopkins University revealed that they have discovered a way to decode encrypted photos or videos sent using Apple’s iMessage.
Led by science expert Matthew Green, the team discovered a bug in the iPad and iPhone maker's encryption protocols which allowed skilled cyberattackers to compromise iMessage sessions and decrypt content which users believed were sent securely to participants in a conversation. The researchers have developed software which mimicked an Apple server, leading to the discovery of a 64-digit key to decrypt the image. They were able to keep guessing until they hit a combination of digits and letters that would let them download the photo.
Like Us on Facebook
The discovery comes after a broader national discussion about encryption on smartphones and iPhones in particular. The FBI is seeking help to recover data on a phone used by one of the perpetrators of the December 2015 shooting in San Bernardino, California.
iMessage has been an encrypted messaging protocol ever since it was created. When a user sends an iMessage, the device opens a secure connection with Apple’s servers. Messages are encrypted on the phone using a private key, sent to Apple’s servers, and delivered to the recipient. The recipient’s phone then decrypts the message. Meaning, Apple does not have the key to decrypt these messages.
Apple has been notified of the researcher's findings. The Cupertino-based tech giant also mentioned that it partially fixed the problem last fall when it released its iOS 9 and it will fully address the problem through security improvements in its latest operating system iOS 9.3.
“Apple works hard to make our software more secure with every release. We appreciate the team of researchers that identified this bug and brought it to our attention so we could patch the vulnerability. Security requires constant dedication and we’re grateful to have a community of developers and researchers who help us stay ahead,” the company said in a statement.
If these researchers can hack the Apple’s messaging app, it proves once again that encryption can never be perfect at all. There will always be security holes and hackers to find them, and big software makers like Apple will play catch-up to fix these holes. It is always recommended to download and install patches for various devices.
Tagsapple, iOS 9.3, iMessage, Johns Hopkins University, iMessage encryption
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?