Results 1 to 10 of 10
08-18-2012, 01:41 PM #1
Apple responds to the news of the exploit in SMS.
Earlier I broke the news that our friend and iOS hacker pod2g had uncovered a major security flaw in the way the iPhone handles SMS. The exploit basically allows anyone to specify a different “reply-to” phone number when sending you a text message. You can easily imagine various scenarios of how this could be used maliciously.
Today, Apple sent a statement that doesn’t necessarily makes me feel better about the exploit found, but which does insist on the fact that iMessage is more secure than standard text messages.
In a statement sent to Engadget, Apple explains:
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.
1. iMessage is safer than SMS.
2. They are not going to do anything about this SMS exploit.
It seems to me that all Apple would have to do is enable the thing in other phones that tells you the original sending number and the reply-to number, but I'm not exactly an SMS expert.
08-18-2012, 01:43 PM #2
But can't you use the SMS exploit on basically any mobile phone?
08-18-2012, 01:47 PM #3
No, that's what I explained in the final paragraph, which consequently is the only one I wrote.
Originally Posted by ToxicJew
08-18-2012, 01:48 PM #4
I'm sorry. I didn't exactly know what you meant. They will catch a lot of flak for this if they don't do anything about it.
08-18-2012, 01:51 PM #5
It's fine, didn't mean to come off as rude. Apple is taking the approach of "Don't be stupid and it won't affect you."
08-18-2012, 01:52 PM #6
Yeah, but they don't take into consideration that people are stupid and will make a big shitfit out of it.
08-18-2012, 02:12 PM #7
So they are going to take care of this like how Activision takes care of wii, not doing anything.
08-18-2012, 02:13 PM #8
08-18-2012, 04:54 PM #9
So how does this SMS exploit would be used?
08-18-2012, 05:12 PM #10
There's another thread on it, TrueCrime, check this section. iOS News.
Tags for this Thread