One of the recent popular topics in the Internet is the legal battle between Apple versus the FBI regarding encryption. The US Justice Department is trying to force Apple into creating software that would allow FBI agents to get access to the iPhone used by one of the shooters during the San Bernardino attacks.
If you’re following the news, you’ll know that Apple isn’t giving in to these requests and instead, is insisting that such software backdoors would threaten the security of their customers.
While this is still an on-going issue, a group of researchers from Johns Hopkins University recently found a bug involving Apple’s iMessage platform. This security flaw allows a malicious and skilled attacker to decrypt all photos and videos sent as encrypted instant messages.
The research was led by Professor Michael Green, a computer scientist at Johns Hopkins University. It took several months but the team was finally able to intercept iMessages by writing software to mimic an Apple server. With that, they targeted and were successful in obtaining a photo stored within the Apple iCloud server as well as the 64-digit key required to decrypt the photo.
Professor Green and his team have notified Apple about the security flaw and the results of their tests. The company has quickly responded to the information and have thanked the research team for alerting them about the iMessage security flaw.
“Apple works hard to make our software more secure with every release,”…“We appreciate the team of researchers that identified this bug and brought it to our attention so we could patch the vulnerability … Security requires constant dedication and we’re grateful to have a community of developers and researchers who help us stay ahead.”
Apple will be releasing the following updates – iOS 9.3 and OS X 10.11.4 later today during the Apple live event to address and patch this security flaw. If you own an iOS device, make sure that you install the updates ASAP.
To learn more about this story, check out this article by The Washington Post.
What do you guys think about this recently revealed iMessage security flaw? Have you already upgraded to iOS 9.3 and/or OS X 10.11.4? Please share your thoughts by leaving a comment below.
[image source: flickr.com/photos/mattbuchanan]