I have no idea what this means! When I get a text, I just reply back. Anything else I have no idea what you guys are talking about.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone Security Issue Opens Door to SMS Spoofing
- Thread starter MacRumors
- Start date
- Sort by reaction score
This is rather ridiculous. If any of my friends asked me for my credit card # or social security # in a text message, I wouldn't even reply. Use common sense people.
What about all of those websites where you can send text messages, and you type in the number you want it to be from? It gets received and shows that number that you typed in. No level of security can prevent that from happening. The carriers need to crack down on these kind of web-based text messaging services - Apple should not be the fall guy for it.
Apple has done a stellar job at making their OS (iOS and OS X) safe, secure, and reliable. Could they do a better job? Sure - there is always room for improvement. Do they do a better job than competitors - my opinion is yes, they do.
What Apple cannot do though, is fix stupid.
What about all of those websites where you can send text messages, and you type in the number you want it to be from? It gets received and shows that number that you typed in. No level of security can prevent that from happening. The carriers need to crack down on these kind of web-based text messaging services - Apple should not be the fall guy for it.
Apple has done a stellar job at making their OS (iOS and OS X) safe, secure, and reliable. Could they do a better job? Sure - there is always room for improvement. Do they do a better job than competitors - my opinion is yes, they do.
What Apple cannot do though, is fix stupid.
No, messages via iMessage are not possible to spoof. (at least in any way that is known)
Nope.
But i'm not surprised it didn't come from someone legit.
Pod2g is quite legit in my book.
I'll have SMS turned on again when the phone company pays me for each text sent/received. In the mean time, messages seem unaffected by this, and they're free.
So let's write an article and tell everyone of the issue. Allowing them to find this back door. That's the problem with media. Nothing truly newsworthy for the gen. pop. So we tell them things that can only lead to bigger issues. Unreal... So tired of the media. If theyre not lieing to us they're making us scared.
I WOULD agree if phone companies payed me too, but it would be just "like" Apple in a way. Or phone companies can just drop the whole charging users and make it Free anyway.
I agree, in order to make something free you have to do your own "messaging and be restrictive" for the sake of compatability-ness.....
So, it either (a get an iPhone, and be in the APple universe only with messaging for free.
or (b live with yourself of SMS'ing with an iPhone over your mobile carrier to "anyone" with a non-IOS device. (and pay for it).....
Sadly, there is no "middle ground."
would you really believe such a thing from a jailbreaker?
Show some love for the jailbreak community. Most of us are upstanding citizens who merely want to enhance the quality of life with our iDevices.
I invite you to read the following article:
http://www.forbes.com/sites/andygre...k-private-data-less-often-than-approved-ones/
I'm not sure if this is the same thing but it reminds me of an attack that my friend was the victim of. Some time, months ago, three of his female friends and family members, all who had iPhones, started receiving inappropriately sexual text messages that appeared to come from him. It happened shortly after he texted them while on the bus, all around the same time. He doesn't have an iPhone, but he was using a prepaid flip phone, but the only ones who received any inappropriate texts were iPhone users. I never figured out how they did it.
No it does not happen with iMessage.
It is not actually a problem with the iPhone either. It is the nature of SMS in general and applies to the original sender field as well as the reply-to field on every phone in the world.
----------
Probably not a random attack and the iPhone was a coincidence. They sender would not require the reply-to field to do that. They could just spoof the sender field. It is a much better way to it because it would not matter what phone the receiver had.
Well said.
Kudos for the terrific Avatar
With the explosive growth of the smartphone sector, mobile security is an area that everyone needs to focus on.
With an already robust and well written OS, Apple's in a very good position to continue to increase the security of iOS.
Give me a destination and a source mobile number and I will happily send any SMS message you would like. You can do it too. Just go to spoofcard. The brand of phone is irrelevant.
Good job giving free hits to a crank.
----------
There is nothing apple can do to prevent SMS spoofing. It can be done at the source and the carriers will pass it as is. The best thing you can do to have some sender verification is use iMessage or BBM.
Good job giving free hits to a crank.
----------
Well said.
Kudos for the terrific Avatar
With the explosive growth of the smartphone sector, mobile security is an area that everyone needs to focus on.
With an already robust and well written OS, Apple's in a very good position to continue to increase the security of iOS.
There is nothing apple can do to prevent SMS spoofing. It can be done at the source and the carriers will pass it as is. The best thing you can do to have some sender verification is use iMessage or BBM.
Different sender and reply-to addresses have nothing to do with spoofing. It is simply a feature built-into email and, apparently, SMS.
----------
Don't tell Disney.Kudos for the terrific Avatar
Different sender and reply-to addresses have nothing to do with spoofing. It is simply a feature built-into email and, apparently, SMS.
----------
Don't tell Disney.
With any email client I can look at the header and see if the sender field matches the origin server. That information is not preserved in SMS. (Note: this is the actual sender field, not the reply-to field). SMS is easier to spoof than e-mail and much harder to unwind.
That's true, and a reason my company used to use BlackBerry's.
What I was referring to is the broader category of "security" as in keeping malware and other threats at bay. It's an inevitable problem going forward.
Surprised there is no "Steve would never let this happen" post yet... oh well I'm not complaining
Steve would never have let "Steve would never have let this happen" posts happen.
Last edited:
would you really believe such a thing from a jailbreaker?
Nope.
But i'm not surprised it didn't come from someone legit.
Totally. Because all jailbreakers are criminals.
A good number of them are looking for vulnerabilities such as this so that Apple and iOS users are aware of such flaws. If anything, they should be thanked. If it wasn't for the work of people like this no operating system would be secure.