Report: iOS 9.3 Fixes iMessage Encryption Bug

...

If you needed a reason to upgrade to a more current version of iOS, here's one: a group of Johns Hopkins University researchers found a bug that allows an attacker to decrypt photos and videos sent via iMessage on older versions of iOS.

Apple devices running a version of iOS 8 or earlier are most at risk. Apple partially patched the problem with last year's release of iOS 9, a modified exploit could be developed for more up-to-date gadgets. So upgrading to iOS 9.3 when it arrives is a must.

As reported by The Washington Post, researchers wrote software to mimic an Apple server, intercepted files, then "brute forced" their way past an encrypted 64-bit key to nab photos and videos sent via iMessage.

"Apple works hard to make our software more secure with every release. We appreciate the team of researchers that identified this bug and brought it to our attention so we could patch the vulnerability," Apple said in a statement. "Security improvements in iOS 9.0 blocked external attackers from performing the message intercept necessary to perform the attack identified in this report. Further targeted protections have been added in the beta version of iOS 9.3 and will be included in the public release for all users. Security requires constant dedication and we're grateful to have a community of developers and researchers who help us stay ahead."

Apple is expected to release iOS 9.3 at its "Loop You In" event this afternoon. Green urged all iDevice owners to update to iOS 9.3 as soon as possible.

According to the Post, this bug likely would not have been much help to the FBI in its bid to unlock the phone of the San Bernardino shooter. For one thing, Green's team was "focused on intercepting data in transit between devices," the newspaper said, while the feds want to crack a physical phone. But the main point they want to drive home is that cracking Apple's encryption is not impossible.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    O'Reilly: Patrolling the Dark Net

    Download In this O'Reilly report, authors Greg Fell and Mike Barlow explore both the benign and malevolent activities of the dark net, and the dark web, to explain:- The surprising origin of the dark net- How criminals use the dark net to steal and store vital information- How you can patrol this not-so-secret domain to detect and thwart intruders
  • 5300c769af79e

    Report: Galaxy Note 6 Will Feature USB Type-C

    According to the latest exclusive from SamMobile, the Galaxy Note 6 from Samsung will in fact feature USB Type-C — no ifs, ands, or buts about it.It was previously reported from the Wall Street Journal that the Galaxy S7 would feature a Type-C port, but as you can see, that did not happen.
  • 5300c769af79e

    Watch LeEco's Entrance Into the US Market This Morning at 10AM Pacific

    This morning, LeEco, formerly known as LeTV, is bringing its brand to the US.To do so, the company will be showcasing its strategy for a worldwide connected ecosystem, complete with connected devices, cars, TVs, and even bikes.
  • 5300c769af79e

    Nylas Aims To Prevent IT Pros From Giving Up On Email

    There may be better ways to manage projects than email triage, but email isn't past saving.It also offers Nylas Cloud, a set of APIs for integrating apps with existing email providers and account data.