Posts
Apple appeared to take it on the actual chin this week, along reports coming out that the actual SMS messaging service within all versions of iOS (up to the actual latest iOS 6 beta, version 4) is susceptible to manipulation by brilliant attackers.
What does that mean for your typical, iPhone-toting user? In short, an attacker could edit the actual "reply to" variable found in the actual hidden header of a text message. as well as in doing so, users could be spoofed into thinking they've got an significant text from their bank or other service as well as reply along account details, only to send that information to a number that they never realized was the actual certain recipient.
So, what's been Apple's response to the actual news? Simple: Just don't use SMS texting.
"Apple takes security very seriously. during using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the actual limitations of SMS is that it allows messages to be sent along spoofed addresses to any phone, so we urge customers to be extremely shrewd if they're directed to an unknown website or address over SMS," wrote an Apple representative to Engadget's Tim Stevens.
Stevens goes on to note that there are a number of various services that permit attackers to spoof text messages across any carrier or device, so it's value considering whether you really think you should be tapping links or replying along critical account information as the actual result of a text.
Additionally, regarding the actual ability of messages sent across iOS to be spoofed, the actual issue hasn't been a widespread exploit over the actual past few years. There's no genuine want to raise a important amount of alarm above as well as beyond just remembering to safeguard your information during a text flies in that asks for it.
It's unclear what steps, if any, Apple plans to take within iOS itself in response to the actual (now more public) news.
Read more here
What does that mean for your typical, iPhone-toting user? In short, an attacker could edit the actual "reply to" variable found in the actual hidden header of a text message. as well as in doing so, users could be spoofed into thinking they've got an significant text from their bank or other service as well as reply along account details, only to send that information to a number that they never realized was the actual certain recipient.
So, what's been Apple's response to the actual news? Simple: Just don't use SMS texting.
"Apple takes security very seriously. during using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the actual limitations of SMS is that it allows messages to be sent along spoofed addresses to any phone, so we urge customers to be extremely shrewd if they're directed to an unknown website or address over SMS," wrote an Apple representative to Engadget's Tim Stevens.
Stevens goes on to note that there are a number of various services that permit attackers to spoof text messages across any carrier or device, so it's value considering whether you really think you should be tapping links or replying along critical account information as the actual result of a text.
Additionally, regarding the actual ability of messages sent across iOS to be spoofed, the actual issue hasn't been a widespread exploit over the actual past few years. There's no genuine want to raise a important amount of alarm above as well as beyond just remembering to safeguard your information during a text flies in that asks for it.
It's unclear what steps, if any, Apple plans to take within iOS itself in response to the actual (now more public) news.
Read more here
0 comments:
Post a Comment