If you happen to be an iPhone user or smartphone enthusiast in general, then the news which we brought you yesterday regarding a flaw in Apple’s iOS mobile operating system that allows text messages to be spoofed might’ve has caused you a little bit of concern. Regardless of what aspect of the system you are using, it is always a good idea to be vigilant with any incoming communications, especially those that may look like they are attempting to mislead or deceive with malicious intent.
If you missed it and have no idea what all of the fuss is about, French security researcher Pod2g yesterday published his findings relating to an SMS flaw that he found in iOS, presumably while looking for vulnerabilities that could be used for the production of a jailbreak. The system bug basically allows text messages to be spoofed and lets individuals send messages with an altered reply path in the hope of deceiving the recipient of the text message.
The reported bug in the system has apparently been there since the initial introduction of the iPhone, with Pod2g calling on Apple to fix it before the first public release of iOS 6. As you might imagine from a company who prides themselves on having one of the most secure mobile operating systems on the market, Apple was quick respond to Engadget’s questioning in relation to the findings, with a representative of the iPhone makers having this to say:
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.
It seems to me that in response to the issue, Apple is officially saying that they are aware of the fiasco but intend to not do anything about it due to it being an actual issue with SMS protocols rather than their own firmware. Additionally, although they are effectively taking the opportunity to tell us that their own iMessage service is entirely secure, it’s a good suggestion to make use of Apple’s own messaging platform whenever possible.