Apple Statement Regarding SMS Spoofing Flaw

iOS is the most secure operating system among all the smartphones, we have already seen many malwares popping up the Android devices but none of such malware is found for iOS. The main reason behind this amazing security is the Apple’s closely followed security system and the helps of the developers which make the community alerted with even small security flaws get noticed by the eyes of developers.

Yesterday, we posted that main guy behind the Absinthe Jailbreak tool, Pod2g has discovered a security hole in iOS messaging app which can be used for spoofing. The problem is very simple; any user can change the “reply-to” number deceiving the users. So, this can be used for various purposes. Moreover, Pod2g also said that this security flaw is present since the release of 1st generation iPhone 2G. Well, Apple has responded to this news and one of Apple’s representative told Engadget that:

Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.

So, from this statement, it is crystal clear that iMessage is much more secure as compared to the simple messaging app and the reason behind it is also very simple, because Apple itself verifies all addresses for iMessage. And the message “reply-to” is the responsibility of the network carrier. Moreover, this SMS exploit can be used in any Smartphone regardless of Manufacturer, OS and even the mobile carrier.

What to do in a situation like this? Avoid opening any links from the unknown sender via the messages app. This is will surely keep you away from such kind of malwares.  What do you want to say about Apple’s statement?

If you found this post useful, don't forget to click the +1 button =>

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Find us on Google+