Apple says 'stick with iMessage' after SMS security hole exposed

Apple says 'stick with iMessage' after SMS security flaw exposed
Texting isn't safe, people.

Apple has issued a statement urging iPhone owners to use only iOS iMessage service after a SMS security flaw was uncovered within iOS.

Late last week a hacker discovered that it was possible to send texts to an iPhone and convince the device and the user that they were from someone else.

The spoofing attack manipulates the 'reply to' address within the header section of the SMS app so the number or contact the user thinks they are replying to could be something different altogether.

Now Apple, after themselves being urged to plug the hole, says iMessage is a safer option as it does what the mobile carriers do not and verifies the address from which the message is sent.

SMS limitations

"Apple takes security very seriously," the statement obtained by Engadget read. "When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks.

"One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown website or address over SMS."

Of course, there's one caveat to that. Although iMessage is completely free over Wi-Fi and 3G, it's only available for use between iOS and Mac OS X users.

So, if 50 per cent of your pals are on Android, you're vulnerable to a spoof calamity.

Via: AppleInsider

Chris Smith

A technology journalist, writer and videographer of many magazines and websites including T3, Gadget Magazine and TechRadar.com. He specializes in applications for smartphones, tablets and handheld devices, with bylines also at The Guardian, WIRED, Trusted Reviews and Wareable. Chris is also the podcast host for The Liverpool Way. As well as tech and football, Chris is a pop-punk fan and enjoys the art of wrasslin'.