• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Beware of iMessage On Stolen iDevices

    iMessage is a messaging platform that is unique to iOS.

    iMessage is a new feature that came out with iOS 5 that allows all iDevices to be connected via a text messaging network as long as your connected to an internet connection. With iMessage, all of your devices are linked under one Apple ID and that means that every device linked to that ID can see what's being sent to you if you're using iMessage. This of course, has some security risks on its own, but there's an even worse thing to be aware of. The good news is, it doesn't affect the iPhone's text messaging. This only affects iOS iMessage.

    Using iCloud, you have the ability to remote wipe a stolen iDevice. This means that from a remote location, you can erase the data that's stored on the iDevice that was stolen. Unfortunately, that's all it does. It erases the data. It doesn't delete any settings or configurations and it doesn't remove your Apple ID. This means that your iMessage network continues to include your stolen iDevice. Do you see where I'm going with this now? Yes. A thief will be able to read every incoming and outgoing message that you send associated with the Apple ID of the stolen iMessage device. Pretty scary huh?

    Ars Technica is the Web Site that found and reported on this issue and they asked iOS security expert, Jonathan Zdziarski, why this problem existed. Of course, Apple kept their mouth shut about it, but Jonathan Zdziarski had this to say:
    Quote Originally Posted by Jonathan Zdziarski
    I can only speculate, but I can see this being plausible. Message registers with the subscriber's phone number from the SIM, so let's say you restore the phone, it will still read the phone number from the SIM. I suppose if you change the SIM out after the phone has been configured, the old number might be cached somewhere either on the phone or on Apple's servers with the UDID of the phone.
    The only viable solution to keeping your iMessages secretive to yourself after a stolen iDevice has been the case, is to make a brand new Apple ID and register your iDevice under that new Apple ID. This means that your iMessages will now be sent to the new Apple ID. This or course comes with some prerequisites, for example, you won't be able to use the applications that you installed on the old Apple ID; another being that anyone iMessaging your old Apple ID will continue to go to the thief until you let them know that you made a new Apple ID.

    This problem is of course a massive bug in the way that Apple's iMessage system works. We hope that Apple will respond to Ars Technica's request and fix the issue in a new iOS release that will have a new way of keeping iDevices in touch with each other. One way that I see this as being a viable option is to add a setting cell under iMessage in the Settings application with a master password and having the option to manually add or remove iDevices from the list. This would of course require that before you could add or remove a device that you would have to prove you were the owner by knowing the master password and on top of that, you would have the ability to remove a stolen device until you retrieve it to keep your privacy a number one concern. I can't wait to see how Apple personally answers to this problem and I hope that they come up with a conservative solution for it.

    What are your thoughts about thieves being able to read every incoming and outgoing iMessage sent on your stolen iDevice? Share your thoughts in the comments below and keep it clean please.

    Sources: Ars Technica
    This article was originally published in forum thread: Beware of iMessage On Stolen iDevices started by Anthony Bouchard View original post
    Comments 37 Comments
    1. Jastra's Avatar
      Jastra -
      Quote Originally Posted by scroogelives View Post
      I have a issue where my iPhone 4 won't accept my girl friends iPhone 3GS or my mums iPhone 3GS as iMessage yet others like my boss is accepted makes no difference where any one is just seems to no work!
      They all have to be on ios5 and the number has to be stored as an iPhone under contacts... Not mobile or home.
    1. A3gOwner's Avatar
      A3gOwner -
      Quote Originally Posted by Jastra View Post
      They all have to be on ios5 and the number has to be stored as an iPhone under contacts... Not mobile or home.
      Sorry but the number can be listed as mobile or home or whatever. It does not matter like I said before it has less to do with your phone number than most want to realize.
    1. Tashawn's Avatar
      Tashawn -
      I don't use it anyways.
    1. Raahem's Avatar
      Raahem -
      You could do separate "Receive at" email addresses for your devices

      ie: my iPhone receives at my mobile number, and my hotmail
      my iPad receives at my iCloud email
    1. CCNPJediHacker's Avatar
      CCNPJediHacker -
      Quote Originally Posted by mickspecial View Post
      Good idea, i put my sim in my mates phone to try some things and he was getting my messages, until i turned i message off. iOS 5 is rubbish. Hence returning to 4.3
      Overreaction much?
    1. s0ulp1xel's Avatar
      s0ulp1xel -
      Quote Originally Posted by diemer View Post
      The article mentions not being able to use the applications associated with your old apple id, but that's not true. I have my phone using a different apple id than my appstore apple id (so that my wife's iPad and my phone can share apps, but be able to iMessage eachother). You just simply sign into the app store with that old ID.
      Same here I have a store account and a iCloud account with two DIFFERENT emails.
    1. FonKaizoku's Avatar
      FonKaizoku -
      You can just remote lock it.....
      Then you don't need to remote wipe it in the first place....
      Am I missing something?
      And only idiots don't have a passcode on their iDevice in the first place...
    1. muntaha's Avatar
      muntaha -
      Solution is Simple. Jaikbreak your iDevice. When it gets stolen, Remote Wipe it. when u remote wipe a Jailbroken iDevice, it will never boot up and will get stuck on the Apple Logo
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by FonKaizoku View Post
      You can just remote lock it.....
      Then you don't need to remote wipe it in the first place....
      Am I missing something?
      And only idiots don't have a passcode on their iDevice in the first place...
      I don't have a passcode because I don't leave my iDevice outside of my pocket or my hand, unless it's charging at home.
    1. Jastra's Avatar
      Jastra -
      Quote Originally Posted by A3gOwner View Post
      Sorry but the number can be listed as mobile or home or whatever. It does not matter like I said before it has less to do with your phone number than most want to realize.
      Hmm?... I was having problems myself and after I stored the numbers under iPhone it started to send messages via iMessage. Guess I had something else going on?
    1. A3gOwner's Avatar
      A3gOwner -
      I have contacts under both mobile and home that are iPhones and they iMessage no problem. So I don't know what your issue was.
    1. Jastra's Avatar
      Jastra -
      Yeah... Who knows? I honestly thought thats what fixed mine.
    1. youngunner-2's Avatar
      youngunner-2 -
      I buy a lot of used iphones and ipods, and have already ran into this a bunch. Texts people send to the person i bought it from at like 3 in the morning going off, etc. Can i remove the appl ID from the phone so that i dont receive said messages?
    1. Cer0's Avatar
      Cer0 -
      Quote Originally Posted by youngunner-2 View Post
      I buy a lot of used iphones and ipods, and have already ran into this a bunch. Texts people send to the person i bought it from at like 3 in the morning going off, etc. Can i remove the appl ID from the phone so that i dont receive said messages?
      Why are you not restoring the device in the first place?
    1. youngunner-2's Avatar
      youngunner-2 -
      Most of them come restored, I'm assuming upon restore their account is automatically loaded on to it. Since I personally don't use iOS 5 or above, I guess my question is: will restoring it remove their apple ID from the phone? Will their phone number not remain on the phone until a new SIM inserted? The OP made it seem as though the person who previously owned the phone must add a new ID to their phone in order for it to replace the old.
    1. Cer0's Avatar
      Cer0 -
      You should always do a clean wipe and restore on your on computer and itunes account.

      No the phone just needs to have a proper restore to wipe it clean. The remote wipe leaves behind settings and configurations is what they are saying is causing the problem.
    1. youngunner-2's Avatar
      youngunner-2 -
      I am reselling the phones, so if I loaded my own information on it then the person I sold it to would have my information and receive my messages, correct?