In between the news of access of private user data by NSA and PRISM, there comes one more news, which will make you to think twice before using the Apple’s iMessage service. Despite Apple’s claim that the company itself can’t decrypt the text messages sent between iMesssage users, Quarkslab (a penetration testing and reverse engineering security firm in Paris) challenged that company is lying.
According to the Cyril Cattiaux of Quarkslab, not only government and spying agencies violating the privacy, but also the company itself doing it. Moreover, he is the developer of iOS Jailbreak software. QuarksLab released the statement in a white paper presented Thursday at the Hack in the Box conference at Kuala Lampur, Malaysia. He also pointed that Apple can read any iMessage if they required to do so by government order.
The security firms explains the decryption process by comparing the door locking – the communication between iMessage users is heavily encrypted, but it’s like locking your house’s door and mailing a key to everyone in the phonebook, which is in the commonsense door is locked but the house is not secure.
Update: One of Apple spokeswoman, Trudy Muller said in a statement to All Things Digital:
“iMessage is not designed to allow Apple to read messages and the research of theoretical vulnerabilities upheld by Quarkslab would require Apple to completely re-engineer the iMessage system to exploit it, and the company has no plans and intentions to do so.”
Despite the statement by Apple, just think, what if the government orders the company to reveal the messages from any iMessage account?