Apple's response to iPhone SMS security loophole: 'Use iMessage'

Posted By TelecomTV One , 21 August 2012 | 1 Comments | 0 people rated this an average of 3/5

(0)
Tags: Apple sms iPhone iMessage

Claims iMessage safer than conventional messaging tools. By Jason Ankeny.

Apple has co-opted and inverted the conventional telco position - that carrier-delivered services are more reliable and secure than “best effort” OTT services - after a French hacker identified an iOS loophole enabling scammers to spoof identities with SMS.

Apple claims its iMessage service verifies addresses and SMS does not.

FierceMobileContent Apple's response to iPhone SMS security loophole: 'Use iMessage', TelecomTV content partner.

please sign in to rate this article

1 comments (Add Yours) - click here to sign in

(1) 21 August 2012 16:09:51 by Kevin Holley The original binary SMS will contain the original sender address and the reply-to address (the latter being in the User Data Header). The 3GPP specification 23.040, which explains the coding, calls for implementations to consider the security issues and advise the recipient that the reply-to address is different from the sender address. Of course iMessage verifies addresses, but SMS does too. The sender of an SMS from a handset cannot even insert their own address as it is picked up securely by the mobile network. The best way to handle this issue is for the receiving phone to include all the data. Has anyone looked at how other smartphones handle this type of SMS?

(1) 21 August 2012 16:09:51 by Kevin Holley

The original binary SMS will contain the original sender address and the reply-to address (the latter being in the User Data Header). The 3GPP specification 23.040, which explains the coding, calls for implementations to consider the security issues and advise the recipient that the reply-to address is different from the sender address. Of course iMessage verifies addresses, but SMS does too. The sender of an SMS from a handset cannot even insert their own address as it is picked up securely by the mobile network. The best way to handle this issue is for the receiving phone to include all the data. Has anyone looked at how other smartphones handle this type of SMS?

» TelecomTV One	» Latest Videos	» Viewing TelecomTV Now
» Search	» Latest Events	» Register
» Channels	» Tag Cloud	» Sign out
» Video Playlists	» NewsDesk	» Sign in

» Cerillion	» Microsoft
» Green Planet	» Qosmos
» HP	» TIA

Related Articles

Apple's response to iPhone SMS security loophole: 'Use iMessage'

1 comments (Add Yours) - click here to sign in