Feeds

Apple accused over 'secure' iMessage encryption

Infosec wallah questions security of fruity chat service

Top 5 reasons to deploy VMware with Tegile

A security researcher has suggested that Apple's claim that its iMessage app is spook-proof and secure does not stand up to scrutiny.

Cyril Cattiaux, who works at the research firm QuarksLab, made his claims during a speech to the Hack in the Box conference, which were quoted by PC World – the tech news site, rather than the British retailer.

In a detailed blog post, Cattiaux said that the public key cryptography used by Apple in its iMessages made them vulnerable to snooping.

He said: "The weakness is in the key infrastructure, as it is controlled by Apple. They can change a key any time they want, thus read the content of our iMessages."

However, there is no suggestion that Apple wilfully misled its customers and it has not been accused of actually reading fanbois' iMessages.

In June, Apple released the following statement which discussed the security of iMessage:

Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

Apple's iMessage is a text-messaging service which allows fanbois to send free messages over Wi-Fi. ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.