Never miss an update Follow AppleInsider
Friday, August 17, 2012, 11:28 am
Hacker discovers iPhone SMS spoofing issue, asks Apple to fix for iOS 6
An independent security researcher in the UK has publicized an iPhone SMS spoofing issue that he hopes Apple will address in iOS 6.According to a blog posting by "pod2g" the way iOS handles SMS messages supports transmission of optional, advanced features in the SMS specification's User Data Header, including a "reply to" address.
Not all phones support these features, and "most carriers don't check this part of the message, which means one can write whatever he wants in this section," the hacker writes. This would apparently limit the audience of SMS spoofing largely to iPhone users.
Because the iPhone only displays the "reply to" address of incoming SMS messages, there's no way for users to verify the identity of the depicted sender, or to determine if it has been sent from someone other than the displayed phone number (unless the message is delivered via Apple's iMessage, which is both encrypted and unaffected by the SMS flaw because it is not an SMS).
In describing the SMS issue, Pod2g says "I consider [the flaw] to be severe, while it does not involve code execution."
A malicious user could send "spoofed" SMS messages that appear to come from another source (which is routinely done with email spam, as the standard email specification does not authenticate parties in header data either), falsely appearing to come from a friend or trusted source (such as a bank) for example.
The hacker asks Apple to address this issue before releasing iOS 6, noting that this behavior is still present in the latest, fourth developer beta of iOS 6.
On Topic: iPhone
- Leaked schematics reveal what case makers expect Apple's low-cost iPhone & 'iPhone 5S' will look like
- High resolution images claim to show 'iPhone 5S' and iPhone 5 display assemblies side-by-side
- Briefly: Sprint LTE service expands to 22 more areas
- Inside iOS 7: Apple's Weather app gets animated
- Case intended for Apple's low-cost iPhone shows thicker, rounded design
Previous Comments View All
I would not say this is severe at all. So what if they send a text saying "I'm your bank, send me your pin" because the reply isn't going to them. You always know who your replying to... Seems like an issue the carriers need to verify if they really don't want someone to specify another reply-to address, iOS seems to be behaving according to the standard.
SMS spoofing is an issue that predates iPhone, and there's really nothing Apple can do about it since it is caused by exactly the same constraints that allow E-mail spoofing: trusting all relays between the sender and the receiver. Without cryptographic public-key signatures, which are unfeasible in the case of SMSes due to their short maximum size, there is no way for the receiver to authenticate the sender.
I would not say this is severe at all. So what if they send a text saying "I'm your bank, send me your pin" because the reply isn't going to them. You always know who your replying to... Seems like an issue the carriers need to verify if they really don't want someone to specify another reply-to address, iOS seems to be behaving according to the standard.
Of course. But reality doesn't get as many headlines as "Major new security flaw affects only iPhones".
2 jailbreak apps already let you spoof text messages. SpoofTexting and SpoofCard both in Cydia.
Of course. But reality doesn't get as many headlines as "Major new security flaw affects only iPhones".
Exactly.
So what if they send a text saying "I'm your bank, send me your pin" because the reply isn't going to them. You always know who your replying to...
Exactly! This is NOT a security issue at all.
SMS spoofing is an issue that predates iPhone, and there's really nothing Apple can do about it since it is caused by exactly the same constraints that allow E-mail spoofing: trusting all relays between the sender and the receiver. Without cryptographic public-key signatures, which are unfeasible in the case of SMSes due to their short maximum size, there is no way for the receiver to authenticate the sender.
Apple could indicate when the sender is authenticated (e.g., show a little lock icon or something when it's able to use iMessage to send the message). But it already uses a different color, so maybe that's just an education issue. Still, it might be a worthwhile marketing issue to make the security of iMessage more obvious.
Probably shouldn't click on links in a SMS even though I don't think you can hide the URI in a txt the way you can in an HTML email.
Good to know that they can be spoofed though.
If one was living some secret incognito lifestyle, it could be a concern that an enemy might try to trick you to going to a certain location at a certain time, but that doesn't seem like a widespread security issue.
Besides, what legitimate bank (or any other business) is going to TEXT message you for sensitive information? Really? Oh..I suppose next you're going to tell me I shouldn't shove my hand into a spinning fan!
Latest Apple Headlines
-
Apple patent chief departs amid major ongoing IP lawsuits
~59 minutes ago -
Apple TV update adds HBO Go, WatchESPN & more channels
~2 hours ago -
Leaked schematics reveal what case makers expect Apple's low-cost iPhone & 'iPhone 5S' will look like
~3 hours ago -
Apple wins $30 million iPad contract from LA school district
~4 hours ago -
Inside iOS 7: iBeacons enhance apps' location awareness via Bluetooth LE
~6 hours ago - more...
Want to write for AppleInsider? Submit your application now!
| Model | White | Black | |
|---|---|---|---|
| iPad mini (WiFi only) | |||
| 16GB WiFi |  |
$329.00 | $329.00 |
| 32GB WiFi | |
$429.00 | $429.00 |
| 64GB WiFi | |
$529.00 | $529.00 |
| iPad mini (WiFi + 4G) | |||
 |
 |
 |
|
| 16GB 4G White | $459.00 | $459.00 | $459.00 |
| 32GB 4G White | $559.00 | $539.99 | $559.00 |
| 64GB 4G White | $659.00 | $659.00 | $629.99 |
| 16GB 4G Black | $459.00 | $459.00 | $459.00 |
| 32GB 4G Black | $559.00 | $539.99 | $539.99 |
| 64GB 4G Black | $659.00 | $659.00 | $629.99 |
Lowest Prices Anywhere!
| Model | Price | You Save |
|---|---|---|
| 11"1.3GHz/4GB/128GB | $964.18* | $34.82 |
| 11" 1.3GHz/8GB/128GB | $1,061.18* | $37.82 |
| 11" 1.3GHz/8GB/256GB | $1,255.18* | $43.82 |
| 11"1.7GHz/8GB/128GB | $1,206.68* | $42.32 |
| 11"1.7GHz/8GB/256GB | $1,400.68* | $48.32 |
| 11" 1.7GHz/8GB/512GB | $1,691.68* | $57.32 |
| 13" 1.3GHz/4GB/128GB | $1,061.18* | $37.82 |
| 13" 1.3GHz/4GB/256GB | $1,255.18* | $43.82 |
| 13" 1.3GHz/8GB/256GB | $1,352.18* | $46.82 |
| 13" 1.3GHz/8GB/512GB | $1,643.18* | $46.82 |
| 13" 1.7GHz/8GB/256GB | $1,497.00* | $52.00 |
| 13" 1.7GHz/8GB/512GB | $1,788.68* | $60.32 |
* price with Promo Code:
APPLEINSIDER01
|
||
| Click for even more configurations | ||
Another hacker getting fame exploiting the media's love of Apple for getting page hits.
If his interest was just in seeing it fixed he would have quietly told Apple.