MacRumors

macrumors bot
Original poster
Apr 12, 2001
54,202
16,024
https://www.macrumors.com/images/macrumorsthreadlogodarkd.png

CrunchGear reports that developer Till Schadde has discovered a security flaw that allows AIM instant messages sent to certain unlocked and jailbroken iPhones to be misrouted to unintended recipients.
Till tested the service by sending an AIM from the OS X desktop using iChat to his iPhone. He then received a reply back from a random recipient. It is clear that this is a Push problem in the message addressing - each iPhone is assigned its own identifier and receives messages from a central server operated by Apple - although this may change.
Schadde reports that AOL is investigating the issue, although he suggests that AOL says that the issue is not the result of anything happening in their systems. Initial indications are that the bug appears to be related to a hack being developed to skirt Apple's blocking of Push Notifications to unlocked iPhones, with the hack possibly somehow causing device identifiers to be mis-assigned through Apple's servers. It is not yet clear how widespread the problem is and to how many devices misrouted messages are being sent.

Article Link: AIM Messages Sent to Unlocked iPhones Routed to Unintended Recipients
 

MacLover4491

macrumors member
Apr 22, 2009
98
0
I would never sign up with at&t because of stuff like this. Im on tmobile with $6tzone plan and 30phone plan with my iphone 3g that i got for $200. haha
 
Comment

Evangelion

macrumors 68040
Jan 10, 2005
3,317
37
How long 'till people start demanding that Apple must fix thi problem that only seems to exist in jailbroken iPhones that are not supported. By Apple? My guess is about 5 seconds.

If you ask me, the jailbreakers should be held responsible for any prolems that exist in their hacked phones.
 
Comment

bigandy

macrumors G3
Apr 30, 2004
8,852
0
Murka
facepalm4e.jpg

That is all.
 
Comment

Airforcekid

macrumors 68000
Sep 29, 2008
1,648
521
United States of America
apple is gay. I would never sign up with at&t because of stuff like this. Im on tmobile with $6tzone plan and 30phone plan with my iphone 3g that i got for $200. haha
Your name and what you said do not match. Besides its your fault for unlocking not Apples not Atts I love how people do something wrong and expect no consequence or someone else to fix it or take the blame.:apple:
 
Comment

SolRayz

macrumors 6502a
Jul 5, 2007
686
0
Ft. Lauderdale
haha I was victim of this. I am surprised that it took this long to garner attention. I was getting so many random messages on my unlocked and jb iphone that I turned off push noti's. It all started when I used the hack that was discussed here sometime ago. I've totally lost interest in push considering the detrimental effects it apparently has on battery life. In my view push is totally not worth it on our older iphones.
 
Comment

kolax

macrumors G3
Mar 20, 2007
9,181
115
Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?
 
Comment

MacLover4491

macrumors member
Apr 22, 2009
98
0
I want to know who suppose to pay for the txt messages that went to the wrong phone. 20cents/message hahaha ahhahah.... i would call at&t and give them hell.
 
Comment

WildCowboy

Administrator/Editor
Staff member
Jan 20, 2005
17,717
1,810
Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?

It seems to be that if the recipient of your message (no matter how you send it) is using an unlocked phone, your message may instead to go to one or more other people.
 
Comment

admanimal

macrumors 68040
Apr 22, 2005
3,531
2
I would never sign up with at&t because of stuff like this.

What does AT&T even have to do with this?

I want to know who suppose to pay for the txt messages that went to the wrong phone. 20cents/message hahaha ahhahah.... i would call at&t and give them hell.

These aren't SMS messages that you pay 20 cents for, they are AIM messages that are free (using your data plan).
 
Comment

Blue Fox

macrumors 6502a
Apr 13, 2009
509
52
If you ask me, the jailbreakers should be held responsible for any prolems that exist in their hacked phones.

EXACTLY what I was thinking. I can give a rats a$$ about the jailbroken iPhone problems as they're already breaking agreements with Apple & AT&T's Terms and Conditions.

My AIM on my non-jailbroken iPhone works just fine. That's like people illegally pirating software calling up and complaining to that company that their software doesn't work right. Rediculous.
 
Comment

Small White Car

macrumors G4
Aug 29, 2006
10,938
1,273
Washington DC
I would never sign up with at&t because of stuff like this.

This has nothing to do with AT&T.

Keep re-reading the article until it makes sense.

Right, so if you aren't using an unlocked iPhone then this isn't an issue...? It is only if you are using an unlocked iPhone that your messages can end up elsewhere?

Or this is screwing up everyone?

Right, just jailbroken phones. They don't get push messages, so they made up a way to make it work. It seems that this made-up way sometimes identifies your phone incorectly to Apple's servers. Not AOL's fault. Not Apple's fault. Not a problem for non-jailbroken phone.

It's also not a problem for jailbroken phones who are just living without push, which seems to be the best solution for the jailbroken folks.
 
Comment

T-Will

macrumors 65816
Sep 8, 2008
1,029
409
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!
 
Comment

Scooterman1

macrumors 6502a
May 15, 2008
939
12
Houston, Tx
I think this is hilarious!!! If Apple didn't try so hard to keep everyone from getting out from under their strict control, they wouldn't have so much of a problem. But, I'm sure, someone will flame this train of thought. Push, MMS, Tethering, AT&T only service provider, etc..
 
Comment

Blue Fox

macrumors 6502a
Apr 13, 2009
509
52
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!

Stop breaking Apples & AT&T's Terms and Conditions by jailbreaking your phones and you wont have these problems.

Problem Solved.
 
Comment

andiwm2003

macrumors 601
Mar 29, 2004
4,362
420
Boston, MA
what happens if i send a aim and the recipient has a hacked phone? i probably don't know about that.

from the articel it's not clear to me who is affected and under what circumstances.

.........................................Right, just jailbroken phones. They don't get push messages, so they made up a way to make it work. It seems that this made-up way sometimes identifies your phone incorectly to Apple's servers. Not AOL's fault. Not Apple's fault. Not a problem for non-jailbroken phone.
...............................


what if a jailbroken phone identifies itself as my phone? isn't that possible?
 
Comment

Krafty

macrumors 601
Dec 31, 2007
4,430
285
La La Land
It's also not a problem for jailbroken phones who are just living without push, which seems to be the best solution for the jailbroken folks.
Word, I don't need it anyways.
 
Comment

Eraserhead

macrumors G4
Nov 3, 2005
10,433
12,251
UK
For crying out loud Apple, enable background processes and multitasking and you wouldn't have this issue!

But you'd have people whining that their phone batteries lasted less than a couple of days of standby instead.
 
Comment

Henk Poley

macrumors 6502
Sep 22, 2008
336
111
The jailbreak workaround to activate push notifications is by copying the certificate of a working iPhone into the keychain database of a jailbroken iPhone.

Understandably you will receive the push notifications of the other phone. Apple probably relies on the crypto keys being unique for unique phones. Not much use having a secure channel for the notifications if people go handing out their private keys, huh..

[edit] btw, this workaround/hack of copying the certificates is only needed if you do a software SIM unlock. When using correct SIM, or using a normal unlocked iPhone, the phone will generate its own key pair.
 
Comment

Small White Car

macrumors G4
Aug 29, 2006
10,938
1,273
Washington DC
If Apple didn't try so hard to keep everyone from getting out from under their strict control, they wouldn't have so much of a problem.

Uhm, if they gave up control they would have MORE problems like this, not less.

I agree with the idea that Apple should open up a bit more, but the downside of that is more problems like this. Not fewer.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.