[an error occurred while processing the directive]
RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Apple iMessage

Product
Developers: Apple
Branches: Internet services

Content

Main article: Messengers (Instant Messenger, IM)

2020: The vulnerability connected with a binding to the phone number

New York The class action against the companies Apple and T-Mobile for vulnerability in iMessage was submitted to district court of the Southern federal district and FaceTime. It became known on July 7, 2020. The problem was that long time Apple services became attached to numbers mobile phones therefore at reuse data of the subscriber number were available to strangers.

iMessage

According to the statement of claim, vulnerability was detected in iMessage in 2011. Then information that stolen iPhones received messages in iMessage addressed to these owners began to appear. The problem remained, despite all measures undertaken by owners – change of number of an account and Apple ID and remote cleaning of iPhone of contents using tools of security iCloud.

According to claimants, the problem was in how Apple processed identifiers of devices – the protocol providing delivery of messages in iMessage to the necessary users.

File:Aquote1.png
Speaking specifically when the user of iPhone ceased to use the SIM card, and the telecom operator like T-Mobile reused the phone number connected with this SIM card, the previous owner connected with this number SIM cards still received in iMessage and FaceTime on the iPhone the messages intending to the new owner of this number, said in the statement of claim.
File:Aquote2.png

How widespread was a problem, it is unknown. The version of IOS 12 released in 2018 eliminated vulnerability as began to request two-factor authentication for certain services iCloud.

Claimants demand compensation of legal costs and the damage caused as a result of the misleading actions from Apple and T-Mobile, false advertizing, intended false representation and unfair enrichment[1]

2016: Data storage of users of iMessage

Apple positions the iMessage messenger as a confidential method of communication with friends and colleagues, however the application is not so private as users believe. The company not only stores information with whom and when users communicate, but also can transfer these data on a request of police.

According to the document which was in the fall of 2016 at disposal of the edition The Intercept, Apple writes the phone numbers entered by the owner iPhone, time and date and also the IP address which can be used for position fix of the user. Every time when the user enters the phone number, the application sends a request for the server of Apple with the purpose to check whether the message recipient has an account in service. At this moment the company has an opportunity to see whom the user tries to contact, regardless of that, the receiver has an account or not. Moreover, Apple can provide this information to law enforcement agencies on the basis of the corresponding order [2].

"In the presence of the order we provide to law enforcement agencies the information required if it is available at our disposal. As in iMessage end-to-end enciphering is implemented, we have no access to contents of messages. In certain cases we can provide data of magazines of the server which are generated when the user starts certain applications on the device", - commented in Apple.

You watch also (messengers)




The systems of instant messages with users of the website


Local



Notes