In light of the recent (and ongoing) reports that the National Security Agency is forcing or coercing tech companies into allowing access to users' data, Apple has repeatedly said that iMessage is immune to this, and that the company is unable to read your messages. Now security researchers have shown that's just not the case.
It should be mentioned first, though, that there's no evidence Apple has been reading your messages, and since they promote the service as private and confidential, it's in their best interest to keep it that way. After all, if it got out that Apple was peeping on your conversations, people would ditch iMessage in a hurry.
Still, Apple has insisted not only that it would never do such a thing, but because of iMessage's end-to-end encryption, it's not even possible. And it's true that this type of encryption, combining several cryptographic keys in a highly secure fashion, is the sort of thing even the NSA might find troublesome to crack.
The catch, according to security researchers at QuarksLab, is that a critical part of the security infrastructure — namely, the server that takes requests for encryption "keys" and issues them — is controlled by Apple. And it is possible for this server to send known keys instead of the random ones it usually does.
This diagram illustrates how a "man in the middle" attack would occur; hacker "Evil" would need access to several things that are difficult to acquire for him — but which Apple already has.
It's a version of the well-known "man in the middle" type attack, in which the attacker places himself between the sender and recipient. If the traffic goes through him, and he can break or bypass its encryption, he can read and modify the traffic's content to his heart's content without either side suspecting a thing.
So when Apple says it can't read your messages, it's like saying it doesn't have a key to your front door — but it does happen to run the locksmith. If they wanted to — or more likely, were compelled to by a government order — they could cut a key that would work just fine.
But would they? We know the NSA has pressured other secure services into installing a back door or decrypting certain communications on demand, and there's no reason to think they haven't shown up at Apple's doorstep asking for the same thing. Because such requests are top secret, the company wouldn't be able to tell us if that was happening.
Apple disputed the findings, issuing a statement to All Things D saying that iMessage was "not architected" to allow this, and that it would have to "re-engineer" the system to do so. NBC News contacted the company for further technical details, but an Apple representative only state they "don't have anything to add" to their existing comments.
If you trust Apple, you can carry on as before, knowing that your messages are safe from malicious hackers, and that Apple will almost certainly not look at your messages for any reason short of a court order. But if you don't trust Apple, you can "over-encrypt" your messages, essentially putting them in code yourself before giving them to iMessage to encode — like putting a lock on your lock.
The researchers also made an app for OS X called iMITMProtect, which will monitor iMessage cryptographic keys and alert you if one has been changed for no good reason; it's not available for download yet, but we'll update this story with a link when it is.
QuarksLab stressed that no foul play is evident, and that this appears to be merely a type of vulnerability that Apple decided to gloss over in their claim that they cannot read your messages. "The privacy of iMessage is good enough for the average user," they conclude, although if you are sending highly sensitive data, you might consider doing it face to face instead.
Via Ars Technica
Devin Coldewey is a contributing writer for NBC News Digital. His personal website is coldewey.cc.
First published October 18 2013, 2:04 PM