Researchers allege that despite Apple's assertions to the contrary, it can actually eavesdrop on its users' iMessages.
Two researchers from QuarksLab claim in their blog, that although there is end-to-end encryption as Apple claims, because Apple controls the key infrastructure of its iMessaging service, it can change a key at any time and, therefore, read the content of its users' iMessages.
QuarksLab is a security company that offers services such as reverse engineering, malware analysis and penetration testing.
The researchers, identified only as Pod2g and GG, presented their findings at the Hack-in-the-Box security conference in Kuala Lumpur earlier in the month.
Apple's denial
Following the revelations of National Security Agency snooping earlier in the year, Apple released a statement in which it assured there are certain types of information it does not retain or supply to law enforcement or other groups.
"Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data. Similarly, we do not store data related to customers' location, Map searches or Siri requests in any identifiable form," the statement read.
Apple said it can provide some metadata, such as who sent a message to whom, on what date, and suchlike, but not the actual content of the message.
How they did it
The researchers noted that all communications to Apple's servers are made through a secure SSL tunnel, meaning the traffic is indeed encrypted. However, when they attempted to add a certificate to perform a man-in-the-middle attack, they discovered they could do so easily, meaning there is no certificate pinning.
Certificate pinning is the process by which a particular host is associated with a specific certificate. By doing this, should a browser or other client come across a certificate for a host that is not the one it is expecting, it can reject it and alert the user to the problem.
According to the researchers, this means anyone capable of adding a certificate and able to proxify the communications can get a user's AppleID and password and, therefore, be able to access their iCloud accounts and backups, or buy apps and suchlike.
Storm in a teacup?
The researchers say that if Apple made the key infrastructure more open and public, and encrypted messages with a key that it doesn't control, it would change all of this, and greatly enhance security. In the meantime, they say iMessage privacy is good enough for most users, and perhaps highly sensitive information shouldn't be sent via IM in any case.
Ian Farquhar, a security researcher, says although creating a protocol that is outside Apple's control isn't child's play, there is no technical reason why it can't be done. "They'd have had to use an outside certificate authority to issue the PKI keys, including the process of burning them into the processors, but it's technically doable."
He says though, there are two points to bear in mind. "Even if the protocol was designed entirely to prevent Apple's access, the implementation of it would still be written and entirely controlled by Apple, right down to the base hardware, as Apple designs its own processors.
"How could anyone be certain that Apple had not subverted the protocol in their implementation, either deliberately or accidentally? This is a classic information assurance challenge."
Information assurance is an issue that worries all cryptographers, not to mention the information and communications security agencies, adds Farquhar.
He stresses he is not saying Apple has in fact back-doored its hardware and software, merely that it is a possibility that should be considered when looking at iMessage security as a whole.
Any IM can do it
Simon Campbell-Young, MD of Phoenix Software, says from what he can gather, any IM company or brand would have access to the data being transferred across their server from one recipient to another for obvious security reasons.
"As far as I'm aware, all information that is transferred across the instant messenger's servers can be monitored by the company who hosts it to be able to track the chats according to the stipulated law. For example, should someone be conspiring to commit a crime or distributing sensitive information and authorities are notified, they can request the information from the IM company on the chats, along with the metadata revealing who the data was sent to, where it was sent from and the exact time it was sent.
"The fact that Apple has access to your messages does not necessarily mean they read the messages," he notes. "As they said in their statement, if they are subpoenaed by government or if a user is being investigated for a crime, Apple will then be able to provide the necessary information to the government, such as the metadata."
Market sensitivity
Farquhar asks if, in fact, Apple did have the ability to snoop on its users' messages, why would it make sense for the company?
"The reality is that many countries have laws, and others have practices, where a company which cannot provide access to telecommunications may find itself locked out of markets. An example of this is the RICA Act in SA, the US CALEA Act, and many others. These can cause issues - right up to denying market access - to telecommunications and equipment products which don't facilitate lawful interception."
He cited an example, in which BlackBerry caved in to the Indian government's demands for access to its consumer messaging services. The company issued this statement: "The lawful access capability now available to BlackBerry's carrier partners meets the standard required by the government of India for all consumer messaging services offered in the Indian marketplace. We also wish to underscore, once again, that this enablement of lawful access does not extend to BlackBerry Enterprise Server."
Apple is extremely sensitive to market access, and reasonably so, explains Farquhar. "Its business directly depends on selling iPhones."
He mentions the instance in which Apple implemented the Russian GLONASS standard - "Russian GPS" - because the Russian government imposed a 25% import tariff on any device which implemented GPS without implementing GLONASS as well.
"Consequently, Apple introduced GLONASS in the iPhone 4S. This was a non-trivial engineered investment, but they did it to avoid paying the tariff on imported iPhones into Russia. This demonstrates their sensitivity to market access."
This begs the question why Apple would implement a protocol which made iMessages impossible to intercept, if that could see their products banned from certain markets, he points out.
"Again, I need to be clear and state that I am not saying Apple is handing out iMessage traffic to any government which demanded it," concludes Farquhar. "What I am saying is that it wouldn't be in their interest not to at least have a theoretical capability to do so."
However, Apple is sticking to its guns, and denying any such vulnerability exists.
Following the researchers releasing their findings, Apple spokesperson Trudy Miller told the Washington Post that "iMessage is not architected to allow Apple to read messages". She said the research discussed "theoretical vulnerabilities" that would require the re-engineering of the iMessage system in order to exploit it - something the company insists it has no intention of doing.
Share