
MacRumors

macrumors bot


CrunchGear reports that developer Till Schadde has discovered a security flaw that allows AIM instant messages sent to certain unlocked and jailbroken iPhones to be misrouted to unintended recipients.
Till tested the service by sending an AIM from the OS X desktop using iChat to his iPhone. He then received a reply back from a random recipient. It is clear that this is a Push problem in the message addressing - each iPhone is assigned its own identifier and receives messages from a central server operated by Apple - although this may change.
Schadde reports that AOL is investigating the issue, although he suggests that AOL says that the issue is not the result of anything happening in their systems. Initial indications are that the bug appears to be related to a hack being developed to skirt Apple's blocking of Push Notifications to unlocked iPhones, with the hack possibly somehow causing device identifiers to be mis-assigned through Apple's servers. It is not yet clear how widespread the problem is and to how many devices misrouted messages are being sent.

Article Link: AIM Messages Sent to Unlocked iPhones Routed to Unintended Recipients
 
I would never sign up with AT&T because of stuff like this. I'm on T-Mobile with $6tzone plan and 30phone plan with my iPhone 3G that I got for $200. haha
 
How long 'til people start demanding that Apple must fix this problem that only seems to exist in jailbroken iPhones that are not supported by Apple? My guess is about 5 seconds.

If you ask me, the jailbreakers should be held responsible for any problems that exist in their hacked phones.
 
facepalm4e.jpg

That is all.
 
apple is gay. I would never sign up with AT&T because of stuff like this. I'm on T-Mobile with $6tzone plan and 30phone plan with my iPhone 3G that I got for $200. haha
Your name and what you said do not match. Besides, it's your fault for unlocking, not Apple's, not AT&T's. I love how people do something wrong and expect no consequence or someone else to fix it or take the blame.
 
haha I was a victim of this. I am surprised that it took this long to garner attention. I was getting so many random messages on my unlocked and jb iPhone that I turned off push noti's. It all started when I used the hack that was discussed here some time ago. I've totally lost interest in push considering the detrimental effects it apparently has on battery life. In my view push is totally not worth it on our older iPhones.
 
Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?
 
I want to know who is supposed to pay for the txt messages that went to the wrong phone. 20 cents/message hahaha ahhahah.... I would call AT&T and give them hell.
 
Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?

It seems to be that if the recipient of your message (no matter how you send it) is using an unlocked phone, your message may instead go to one or more other people.
 
I would never sign up with AT&T because of stuff like this.

What does AT&T even have to do with this?

I want to know who is supposed to pay for the txt messages that went to the wrong phone. 20 cents/message hahaha ahhahah.... I would call AT&T and give them hell.

These aren't SMS messages that you pay 20 cents for, they are AIM messages that are free (using your data plan).
 
If you ask me, the jailbreakers should be held responsible for any problems that exist in their hacked phones.

EXACTLY what I was thinking. I can give a rat's a$$ about the jailbroken iPhone problems as they're already breaking agreements with Apple & AT&T's Terms and Conditions.

My AIM on my non-jailbroken iPhone works just fine. That's like people illegally pirating software calling up and complaining to that company that their software doesn't work right. Ridiculous.
 
I would never sign up with AT&T because of stuff like this.

This has nothing to do with AT&T.

Keep re-reading the article until it makes sense.

Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?

Right, just jailbroken phones. They don't get push messages, so they made up a way to make it work. It seems that this made-up way sometimes identifies your phone incorrectly to Apple's servers. Not AOL's fault. Not Apple's fault. Not a problem for non-jailbroken phones.

It's also not a problem for jailbroken phones who are just living without push, which seems to be the best solution for the jailbroken folks.
 
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!
 
I think this is hilarious!!! If Apple didn't try so hard to keep everyone from getting out from under their strict control, they wouldn't have so much of a problem. But, I'm sure, someone will flame this train of thought. Push, MMS, Tethering, AT&T only service provider, etc..
 
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!

Stop breaking Apple's & AT&T's Terms and Conditions by jailbreaking your phones and you won't have these problems.

Problem Solved.
 
What happens if I send an AIM and the recipient has a hacked phone? I probably don't know about that.

From the article it's not clear to me who is affected and under what circumstances.

Right, just jailbroken phones. They don't get push messages, so they made up a way to make it work. It seems that this made-up way sometimes identifies your phone incorrectly to Apple's servers. Not AOL's fault. Not Apple's fault. Not a problem for non-jailbroken phones.

What if a jailbroken phone identifies itself as my phone? Isn't that possible?
 
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!

But you'd have people whining that their phone batteries lasted less than a couple of days of standby instead.
 
The jailbreak workaround to activate push notifications is to copy the certificate of a working iPhone into the keychain database of a jailbroken iPhone.

Understandably you will receive the push notifications of the other phone. Apple probably relies on the crypto keys being unique for unique phones. Not much use having a secure channel for the notifications if people go handing out their private keys, huh..

[edit] btw, this workaround/hack of copying the certificates is only needed if you do a software SIM unlock. When using the correct SIM, or using a normal unlocked iPhone, the phone will generate its own key pair.
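
An added illustration of the post above, not part of the thread and not Apple's actual push protocol: a simplified gateway that routes by client-certificate fingerprint, showing why a copied certificate misdelivers messages and how a server could flag the shared identity. The `PushGateway` class, the endpoint labels and the certificate bytes are constructed assumptions.

```python
"""Toy push gateway that routes by client-certificate fingerprint (simplified model)."""
import hashlib
from collections import defaultdict


def fingerprint(cert_der: bytes) -> str:
    """Identity the gateway sees: truncated SHA-256 of the presented certificate."""
    return hashlib.sha256(cert_der).hexdigest()[:16]


class PushGateway:
    """Hypothetical gateway; it assumes one certificate means one device."""

    def __init__(self):
        self.routes = {}                # fingerprint -> endpoint currently connected
        self.seen = defaultdict(set)    # fingerprint -> every endpoint that used it
        self.inbox = defaultdict(list)  # endpoint -> messages delivered to it

    def connect(self, endpoint: str, cert_der: bytes) -> str:
        fp = fingerprint(cert_der)
        self.routes[fp] = endpoint      # newest connection silently replaces the old
        self.seen[fp].add(endpoint)
        return fp

    def push(self, fp: str, message: str) -> str:
        target = self.routes[fp]
        self.inbox[target].append(message)
        return target

    def shared_identities(self) -> dict:
        """Detection: a certificate presented by more than one endpoint."""
        return {fp: sorted(eps) for fp, eps in self.seen.items() if len(eps) > 1}


def demo():
    gw = PushGateway()
    cert_a = b"constructed-cert-for-phone-A"  # constructed sample bytes
    cert_c = b"constructed-cert-for-phone-C"  # constructed sample bytes
    token_a = gw.connect("phone-A", cert_a)
    gw.connect("phone-C", cert_c)
    gw.connect("phone-B", cert_a)             # B presents a copy of A's certificate
    delivered_to = gw.push(token_a, "AIM: hello A")
    return delivered_to, gw.shared_identities(), token_a, dict(gw.inbox)


if __name__ == "__main__":
    print(demo())
```

The message addressed to phone-A lands on phone-B because both present the same identity; the `shared_identities` check is the server-side signal that a certificate is no longer unique to one device.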
 
If Apple didn't try so hard to keep everyone from getting out from under their strict control, they wouldn't have so much of a problem.

Uhm, if they gave up control they would have MORE problems like this, not less.

I agree with the idea that Apple should open up a bit more, but the downside of that is more problems like this. Not fewer.
 