Ironic Security Hole In iPhone Encryption Found By Researchers In Apple iMessage App
The bug in question is limited to Apple's iMessage platform and doesn't really have any bearing on the FBI's case. However, it's notable for all iPhone owners because until Apple patches the vulnerability, a determined attacker could theoretically intercept and decrypt photos and videos sent as secure messages.
"Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right," Matthew D.Green, a computer science professor at Johns Hopkins University who led the team, told The Washington Post. "So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right."
Count Green among those who support Apple's position in not wanting to help the FBI by building what would essentially be a backdoor into the iPhone. As far as Green is concerned, forcing Apple to weaken its security doesn't make sense, especially when vulnerabilities in iOS that can exploited already exist.
Apple is aware of the bug in iMessage and appreciates that Green and his team brought it to the company's attention.
"Security requires constant dedication and we're grateful to have a community of developers and reseachers who help us stay ahead," Apple said.
Apple had addressed part of the vulnerability when it released iOS 9, but there are still ways that a savvy hacker could exploit the bug. If you're running an iOS device, look for an iOS 9.3 update sometime today that purports to fully patch the security hole.