iPhone Tested for SMS Vulnerability by Security Solutions Company

— August 27, 2012

Mobile network security solutions company AdaptiveMobile investigated claims of  iPhone SMS vulnerability which could allow scammers to “spoof” the sender of a text message, allowing them to pose as a known friend or contact in order to send out false and potentially dangerous SMS messages. After investigating, AdaptiveMobile argues that the source of the problem is the handset, not the network.

“Device manufacturers, like all members of the mobile ecosystem, should aim to take security seriously and ensure their devices comply with a wide range of standards and technical recommendations,” says Cathal McDaid, security consultant at AdaptiveMobile. “For SMS to remain a trusted, clean channel, companies need to be vigilant that their products both properly conform to standards and don’t inadvertently expose flaws that can compromise their customers.”

The activity was first revealed in “pod2g’s iOS blog” and it misuses an optional “reply address” field within the SMS protocol upper-layers. If misused, the iPhone SMS client displays a different address or phone number as the sending address from the actual originating address. This could be used to show recipients that text messages are from someone familiar, which the blogger explained could result in potentially-damaging manipulation, such as the creation of false evidence or the unintentional surrender of private information to phishing scammers. This, the blogger said, is cause to be suspicious of any SMS message received on an iOS device.

“We know conclusively that this is not a network problem because the 3GPP specification – which outlines how modern mobile phones  and networks operate today – discusses the  security implications of this field  in all phones and gives recommendations on how to avoid malicious use of this,” continues McDaid. “We have tested this issue on Android, Windows Mobile, BlackBerry and Symbian phones and most of them simply ignore the ‘reply address’ field or display both the ‘real’ originating address and the reply address as per the specification recommendations. The iPhone, so far, is the only device which does not comply with these security recommendations.”

Apple has responded to these claims, acknowledging the weakness without indicating a forthcoming remedy to the issue. According to AdaptiveMobile, Apple did suggest that users switch to using iMessage as their messaging solution, but did not offer a patch or solution to repair the breach in security itself.

“Historically, the ‘reply address’ field was introduced to allow users to reply to texts which were ‘broadcast’ from information agencies or marketing firms, for example. These broadcast systems may not be capable of receiving messages, so this system allows for more interaction,” continues McDaid. “However, while most handsets now ignore this quirk, with the remainder treating the field correctly, Apple has left a significant vulnerability in its handsets which could allow consumers to be fooled and hand over personal details to hackers and criminals. This reinforces the importance of handset manufacturers, operators and security providers collaborating and helping to keep SMS as a secure, reliable and trusted channel.”


comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

Current rating: 0 (0 ratings)



Must See


IoT 2020: How Inter-Connected Devices Will Impact the Enterprise

In realizing the vision of the IoT, we are in uncharted territory. It's happening so fast in so many separate pieces that managing and leveraging has escaped a majority of enterprises. This report provides a snapshot of the evolution of the IoT and examines what's to come to help you prepare for the impact—from the onslaught of technology and its unprecedented risk, to attaining the extraordinary value of innovative information.