After repeated complaints, Apple has finally decided to address the iPhone SMS security vulnerability, based on a recent report published by CNET News. Much to customers’ disillusionment, the IT giant is trying to blame the technology for the reported spoofing attacks.
The vulnerability of the iPhone SMS security has been dealt with on many occasions and yet, the company ignored all these discussions. This weekend, however, Apple released a message trying to provide an explanation for the spoofing attacks that bother iPhone users.
Hackers have taken a closer look at the iPhone SMS systems and concluded that iOS is not secure enough. According to them, text headers are wrongfully used by the iPhone program; thus, allowing ill-intentioned people to manipulate the “reply-to” number and take the identity of another iPhone user. The worst is yet to come: the majority of these persons pretend to be financial institutions so they can obtain information about people’s bank accounts.
Customers were all hoping Apple would find a method to reinforce its iOS system and prevent spoofing attacks from taking place in the future. Unfortunately, their message was rather disappointing because they suggested people to use iMessage instead of SMS in order to avoid similar attacks. In the end, they advised people to pay attention when sending messages to unknown persons, especially unknown websites and addresses.
Experts, on the other hand, claim there are several solutions that Apple could use to protect its customers. In their opinion, spoofing attacks are possible because the text header contains both the originating number of a text and the reply-to text. Should developers decide to make the two elements a little less visible, the data of the iPhone users would be better protected from hackers’ attacks.
Meanwhile, it is always better to prevent than to cure, so experts recommend people to be vigilant about text messages. Using SMS for banking should definitely be avoided until iOS becomes more secure.