Apple’s surprising response to spoofing flaw

August 20, 2012

Apple responded this weekend to reports of a vulnerability in the SMS service of its iOS devices, a flaw which lets hackers spoof their identities via text and send you messages asking for private information.

In a statement sent to media outlets yesterday, Apple said it takes security very seriously, but it directs users to use Apple’s own service iMessage instead of texting. Apple said is able to verify addresses sent through iMessage, which protects against spoofing.

It’s a convenient statement by Apple, which no doubt would like to boost its own service over the more widespread SMS protocol service. But iMessage can only be used between people using an iPhone, iPad, or iPod touch with iOS 5.

In fairness to Apple, the spoofing of SMS is apparently a security risk inherent in texting technology, and can actually happen on any phone, not just iOS devices. It’s just that the hacker who demonstrated the spoof last week did so on iOS devices. In other words, maybe there’s nothing that Apple can do for now to prevent the SMS spoofing, but at least it can direct its users to the safer iMessage service.

Here’s Apple’s statement:

Copyright 2012, VentureBeat

Comments
Show Comments
Most Read Business