Yesterday we highlighted a report from an independent security researcher out of the UK who discovered a security flaw in Apple’s SMS app wherein a user can send a spoofed text message to someone else. In other words, a message sent from what appears to be a trusted friend could really have originated from a malicious source.
Engadget yesterday got in touch with Apple regarding the matter and elicited the following response.
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.
So translation? Use iMessage folks!
Sat, Aug 18, 2012
News