- Student says they were expelled for tricking teacher into making inappropriate TikTok 4 Years Ago
- Space Force uniforms relentlessly mocked, memed Today 10:52 AM
- Man flamed after admitting he called police on Target employee over a toothbrush Today 9:10 AM
- Netflix’s ‘Vivir Dos Veces’ searches for a last chance at first love Today 8:00 AM
- Camila Cabello must do more about her racist history Today 6:00 AM
- Instagram and Facebook are reportedly blocking queer ads Friday 8:58 PM
- Review: Tyler Perry’s ‘A Fall From Grace’ is both nonsensical and utterly predictable Friday 6:48 PM
- Is Hulu censoring the Iran episode of Anthony Bourdain’s ‘Parts Unknown’? Friday 6:05 PM
- Trump admin celebrates Michelle Obama’s birthday by proposing rollback of her signature initiative Friday 4:01 PM
- TSA apologizes after agent grabs indigenous woman’s braids, says ‘giddyup’ Friday 3:28 PM
- Blue Bell ice cream licker pleads guilty Friday 2:54 PM
- 7 fortune-telling sites for when you’re bored Friday 2:21 PM
- Governor bans sex puns on free condom wrappers Friday 2:16 PM
- Is Justin Bieber’s ‘Yummy’ video secretly about Pizzagate? Friday 1:01 PM
- Woah Vicky rips out her hair in botched cultural appropriation attempt Friday 12:30 PM
Flaw in Apple’s iMessage encryption puts your photos, videos at risk
Encryption researchers at Johns Hopkins say they found a flaw in Apple’s iMessage encryption.
That’s the bad news. The good news is, Apple’s latest version of their operating system, iOS 9.3, which will be released today, patches the bug.
The team of John Hopkins researchers notified Apple of the flaw on Nov. 13, 2015, lead researcher Matthew Green told the Daily Dot via email. “Given the number of devices they support,” said Green, “[the patch] was fairly quick.”
“The fix was somewhat involved and affected more than just iMessage, so it took them some time to work out and test,” co-researcher Ian Miers told the Daily Dot via email.
Miers did not have a list of other Apple services effected by the security flaw, but he noted that the encryption protocol for iMessage is used several other places within Apple’s operating system. Miers said Apple wouldn’t comment on what other applications were effected.
Encryption is a mathematical algorithm that scrambles the contents of computer data so that only someone with the correct key can decrypt and read it. It is use to protect banking transactions, instant messages, Web searches, and in many other areas of technology and the Internet.
“Apple works hard to make our software more secure with every release,” Apple said in a statement to the Washington Post, which first reported the researchers’ findings. “We appreciate the team of researchers that identified this bug and brought it to our attention so we could patch the vulnerability. … Security requires constant dedication and we’re grateful to have a community of developers and researchers who help us stay ahead.”
In a statement to the Post, Green invoked the current high-stakes legal battle between Apple and the Federal Bureau of Investigation, which obtained a court order compelling Apple to create specialized software to bypass security measures on the iPhone of San Bernardino shooter Syed Farook.
“Even Apple, with all their skills—and they have terrific cryptographers—wasn’t able to quite get this right,” Green told the Post. “So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”
Apple, civil-society groups, and the academic encryption community fear that compelling a software company to introduce a “backdoor” into their encryption or to write and develop software that would circumvent security features on the phone undermines the security and privacy of all iPhone users and could set a dangerous legal precedent.
Apple is fighting the court order on the grounds that it relies on a law, the All Writs Act, that does not give the government the authority to require it to write custom software and violates the company’s rights.
The FBI and the Justice Department originally contended the motion only concerns one phone, but judges from different states have said they would use a victory in order to unlock other iPhone’s currently in the court’s possession.
Green said there may be a bug in Apple’s encryption after reading technical details of the encryption process as described in the Apple security guide.
Apple and the FBI will appear in court to argue the iPhone order on Tuesday, March 22.
Once named one of Forbes’ 20 Under 20 and hired as a staff writer for the Daily Dot when he was still a senior in high school, William Turton is a rising tech reporter focusing on information security, hacking culture, and politics. Since leaving the Daily Dot in April 2016, his work has appeared on Gizmodo, the Outline, and Vice News Tonight on HBO.