Researchers from Johns Hopkins University have recently announced that they have found a flaw in the iMessage encryption method, a fact that ultimately defeats the belief that Apple phones are unhackable. This allowed the team studying the issue to decode encrypted photos and videos that had been sent using Apple’s iMessage app.
The team of specialists that uncovered the flaw was led by science expert Matthew Green of Johns Hopkins University. They discovered a bug that exists within both the iPad and the iPhone encryption protocols which allowed them to view content being sent on Apple’s own message network that was supposed to be sent securely.
The method they applied to uncover the extents of this vulnerability was to make use of software they created in such a way that it would mimic an Apple server. When using this piece of software, they would ultimately be led to a 64-digit key that was required to decrypt the image. Even though 64 digits sounds like it’s a time-consuming process to uncover, it appears that it was doable and not in a horribly huge amount of time. Eventually, the suitable combination of digits and letters was discovered by a code generating machine, and the researchers were able to download the photo.
This discovery comes at a delicate time, to say the least, as American authorities and the Federal Bureau of Investigation are still seeking help in recovering data present on a phone used by one of the perpetrators of the San Bernardino shooting that took place in December 2015 in California.
Furthermore, this is a slight concern – to say the least – which Apple should be worrying itself with. Until now, the iMessage service was considered to be unbreakable and unhackable by outside factors. Because of the way it uses private keys to each encoded message, keys that are sent to Apple’s servers directly and upon which not even Apple has access to, anyone using iMessage was able to do this in a perfectly safe manner.
Or, at least so was believed.
If the researchers who performed the original experiment and study prove to be able to do it again and in a timely manner too – one that would prove that the first time around was not just a lucky shot – the chances are that Apple will have to thoroughly revise their previously believed to be unbreakable iMessage protocol. It appears that security can never be a guaranteed factor and that the tech giant may have to admit they have a few holes to plug still.
Image Source: 1