Apple responds to SMS issue with iMessage pitch
Last week, Pod2G uncovered a SMS flaw in iOS that lets someone send a spoofed SMS. In this scenario, the SMS would appear to be from a trusted source, but the response would actually be sent to someone else. Engadget reached out to Apple for comment and received a reply that pitches the advantages of iMessage.
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown website or address over SMS.
We talked with security expert Seth Bromberger, a principal at NCI Security, who provided a list of steps Apple could take to minimize SMS spoofing. Rather than push the benefits of iMessage, Apple should display the originating number as well as check that the sender's number and the recipient number match.
Subscribe to Newsletter
Software Updatesmore updates
- Apple Remote Desktop updated with Yosemite support
- OS X Yosemite 10.10.2, iOS 8.1.3 updates now available
- Sports Illustrated 120 SPORTS channel comes to Apple TV
- Logic Pro X update brings AirDrop support, new effects, tools, and more
- Parallels Access 2.5 released, adds file manager, computer-to-computer remote access
- The Google Translate iOS app is about to get a lot smarter