Apple responds to SMS issue with iMessage pitch
Last week, Pod2G uncovered a SMS flaw in iOS that lets someone send a spoofed SMS. In this scenario, the SMS would appear to be from a trusted source, but the response would actually be sent to someone else. Engadget reached out to Apple for comment and received a reply that pitches the advantages of iMessage.
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown website or address over SMS.
We talked with security expert Seth Bromberger, a principal at NCI Security, who provided a list of steps Apple could take to minimize SMS spoofing. Rather than push the benefits of iMessage, Apple should display the originating number as well as check that the sender's number and the recipient number match.
Subscribe to Newsletter
Software Updatesmore updates
- Dropbox adds support for TouchID
- YouTube for iOS gets updated with full support for iPhone 6 and 6 Plus
- iOS 8.0.1 update now available (Updated -- Don't update!)
- NFL Mobile updated for 2014 Season with new Fantasy Football features, NFL Now integration
- Yahoo Mail improves email inbox searching with new filtering options
- Ember for Mac gains 'hugely-requested' screen recording feature