+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 38

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Beware of iMessage On Stolen iDevices

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
...
  1. #1
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,813
    Thanks
    198
    Thanked 983 Times in 724 Posts

    Default Beware of iMessage On Stolen iDevices

    iMessage is a messaging platform that is unique to iOS.

    iMessage is a new feature that came out with iOS 5 that allows all iDevices to be connected via a text messaging network as long as your connected to an internet connection. With iMessage, all of your devices are linked under one Apple ID and that means that every device linked to that ID can see what's being sent to you if you're using iMessage. This of course, has some security risks on its own, but there's an even worse thing to be aware of. The good news is, it doesn't affect the iPhone's text messaging. This only affects iOS iMessage.

    Using iCloud, you have the ability to remote wipe a stolen iDevice. This means that from a remote location, you can erase the data that's stored on the iDevice that was stolen. Unfortunately, that's all it does. It erases the data. It doesn't delete any settings or configurations and it doesn't remove your Apple ID. This means that your iMessage network continues to include your stolen iDevice. Do you see where I'm going with this now? Yes. A thief will be able to read every incoming and outgoing message that you send associated with the Apple ID of the stolen iMessage device. Pretty scary huh?

    Ars Technica is the Web Site that found and reported on this issue and they asked iOS security expert, Jonathan Zdziarski, why this problem existed. Of course, Apple kept their mouth shut about it, but Jonathan Zdziarski had this to say:
    Quote Originally Posted by Jonathan Zdziarski
    I can only speculate, but I can see this being plausible. Message registers with the subscriber's phone number from the SIM, so let's say you restore the phone, it will still read the phone number from the SIM. I suppose if you change the SIM out after the phone has been configured, the old number might be cached somewhere either on the phone or on Apple's servers with the UDID of the phone.
    The only viable solution to keeping your iMessages secretive to yourself after a stolen iDevice has been the case, is to make a brand new Apple ID and register your iDevice under that new Apple ID. This means that your iMessages will now be sent to the new Apple ID. This or course comes with some prerequisites, for example, you won't be able to use the applications that you installed on the old Apple ID; another being that anyone iMessaging your old Apple ID will continue to go to the thief until you let them know that you made a new Apple ID.

    This problem is of course a massive bug in the way that Apple's iMessage system works. We hope that Apple will respond to Ars Technica's request and fix the issue in a new iOS release that will have a new way of keeping iDevices in touch with each other. One way that I see this as being a viable option is to add a setting cell under iMessage in the Settings application with a master password and having the option to manually add or remove iDevices from the list. This would of course require that before you could add or remove a device that you would have to prove you were the owner by knowing the master password and on top of that, you would have the ability to remove a stolen device until you retrieve it to keep your privacy a number one concern. I can't wait to see how Apple personally answers to this problem and I hope that they come up with a conservative solution for it.

    What are your thoughts about thieves being able to read every incoming and outgoing iMessage sent on your stolen iDevice? Share your thoughts in the comments below and keep it clean please.

    Sources: Ars Technica

  2. #2
    iPhone? More like MyPhone
    Join Date
    Dec 2011
    Posts
    131
    Thanks
    0
    Thanked 15 Times in 15 Posts

    Just log into appleid.apple.com and remove the phone number for that phone and enter a new one, change your password too. That'll stop all of this. It's not really a security risk more common sense. iMessage uses email addresses associated with the device id not the phone number do some quick changes to your appleid and you should be good to go.
    Last edited by -JailbreakeR-; 12-14-2011 at 04:35 PM.

  3. #3
    Go Wings Zokunei's Avatar
    Join Date
    Jun 2010
    Location
    Michigan
    Posts
    6,399
    Thanks
    153
    Thanked 469 Times in 381 Posts

    Or they could just add your Apple ID to the remote wipe.

  4. #4
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,813
    Thanks
    198
    Thanked 983 Times in 724 Posts

    Quote Originally Posted by -JailbreakeR- View Post
    Just log into appleid.apple.com and remove the phone number for that phone and enter a new one, change your password too. That'll stop all of this. It's not really a security risk more common sense.
    iPod touches and iPads don't have phone numbers. They also use iMessage.

  5. #5
    iPhoneaholic
    Join Date
    Oct 2008
    Posts
    316
    Thanks
    1
    Thanked 32 Times in 21 Posts

    That was my first thought as well.

    Of course, the remote wipe should be able to wipe all settings, including the Apple ID from the phone. As for tack my phone and such, it should still be able to use the IMEI number to find it, so no big deal there.

  6. #6
    iPhone? More like MyPhone
    Join Date
    Dec 2011
    Posts
    131
    Thanks
    0
    Thanked 15 Times in 15 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    iPod touches and iPads don't have phone numbers. They also use iMessage.
    Sorry hit send before I was done. I edited my original post. Like I said its the email and device id not the phone number. Changing the phone number will stop it on the iPhone end.

  7. #7
    My iPhone is a Part of Me
    Join Date
    Dec 2010
    Posts
    762
    Thanks
    0
    Thanked 8 Times in 8 Posts

    I would never remote wipe my iPod any way. I wouldn't expect it to be connected to the Internet if it was stolen.

  8. #8
    What's Jailbreak?
    Join Date
    Feb 2008
    Posts
    7
    Thanks
    0
    Thanked 3 Times in 1 Post
    The article mentions not being able to use the applications associated with your old apple id, but that's not true. I have my phone using a different apple id than my appstore apple id (so that my wife's iPad and my phone can share apps, but be able to iMessage eachother). You just simply sign into the app store with that old ID.

  9. #9
    iPhoneaholic
    Join Date
    Jul 2009
    Posts
    343
    Thanks
    57
    Thanked 61 Times in 37 Posts

    So what happens if you change your ApplieID password after losing your phone?

  10. #10
    iPhone? More like MyPhone Stealth1029's Avatar
    Join Date
    Jul 2007
    Location
    Miami, FL
    Posts
    275
    Thanks
    3
    Thanked 43 Times in 23 Posts

    Actually, I've already had this happen to me, luckily it wasn't due to the phone being stolen. My friend's iPhone was running on a tethered jailbreak, and it ran out of battery, with no computers around at the moment (And on his birthday, no less). To help him out, I let him swap SIMs with my phone for a few minutes, so he could to take care of any messages with immediate importance. We swapped back, and the day proceeded as normal; however, the next day, I started noticing iMessage messages from an unknown number, and replies which appeared to be coming from my end. After some investigation, I found the cause: in the iMessage settings, I found both our numbers. The problem was easy to fix, though. All I had to do was toggle the iMessage settings off, then on again. Also worth noting: Facetime seems to suffer from this issue too, as I was receiving his calls. Definitely a big issue. Scary how if someone is given just a minute or two with your SIM card, they'll instantly possess the ability to intercept all your iMessages...
    Last edited by Stealth1029; 12-15-2011 at 04:38 AM. Reason: Clarification.

  11. #11
    What's Jailbreak?
    Join Date
    Sep 2009
    Posts
    26
    Thanks
    1
    Thanked 1 Time in 1 Post
    Quote Originally Posted by -JailbreakeR- View Post
    Just log into appleid.apple.com and remove the phone number for that phone and enter a new one, change your password too. That'll stop all of this. It's not really a security risk more common sense. iMessage uses email addresses associated with the device id not the phone number do some quick changes to your appleid and you should be good to go.
    Good idea, i put my sim in my mates phone to try some things and he was getting my messages, until i turned i message off. iOS 5 is rubbish. Hence returning to 4.3

  12. #12
    Green Apple
    Join Date
    Oct 2010
    Location
    Palmdale, Ca.
    Posts
    77
    Thanks
    3
    Thanked 25 Times in 13 Posts

    Just changed the password and it will solve the problem.

  13. #13
    Green Apple
    Join Date
    Nov 2007
    Posts
    70
    Thanks
    3
    Thanked 3 Times in 3 Posts

    Quote Originally Posted by Stealth1029 View Post
    Actually, I've already had this happen to me, luckily it wasn't due to the phone being stolen. My friend's iPhone was running on a tethered jailbreak, and it ran out of battery, with no computers around at the moment (And on his birthday, no less). To help him out, I let him swap SIMs with my phone for a few minutes, so he could to take care of any messages with immediate importance. We swapped back, and the day proceeded as normal; however, the next day, I started noticing iMessage messages from an unknown number, and replies which appeared to be coming from my end. After some investigation, I found the cause: in the iMessage settings, I found both our numbers. The problem was easy to fix, though. All I had to do was toggle the iMessage settings off, then on again. Also worth noting: Facetime seems to suffer from this issue too, as I was receiving his calls. Definitely a big issue. Scary how if someone is given just a minute or two with your SIM card, they'll instantly possess the ability to intercept all your iMessages...
    Fixed*

    Sorry, I had to. Wouldnt want everyone getting the wrong idea.

  14. #14
    iPhone? More like MyPhone
    Join Date
    Dec 2007
    Posts
    276
    Thanks
    26
    Thanked 14 Times in 14 Posts

    Anybody know why iMessage either works on my iPad or my iPhone and not together on both like it was supposed to? Anybody else having this problem?

  15. #15
    iPhone? More like MyPhone blueblaze4444's Avatar
    Join Date
    Jan 2010
    Location
    Southern California
    Posts
    133
    Thanks
    4
    Thanked 8 Times in 6 Posts

    And for the love of God, if you have a passcode on your device, then what are the likes that a thief would be able to get through it without restoring it anyways?

  16. #16
    What's Jailbreak?
    Join Date
    Jun 2010
    Posts
    20
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by blueblaze4444 View Post
    And for the love of God, if you have a passcode on your device, then what are the likes that a thief would be able to get through it without restoring it anyways?
    I was thinking the same thing. If your device is locked then everything will be erased when they try to restore it.

  17. #17
    iPhoneaholic scroogelives's Avatar
    Join Date
    Aug 2008
    Posts
    392
    Thanks
    27
    Thanked 15 Times in 14 Posts

    Quote Originally Posted by trevorrawson View Post
    Anybody know why iMessage either works on my iPad or my iPhone and not together on both like it was supposed to? Anybody else having this problem?
    I have a issue where my iPhone 4 won't accept my girl friends iPhone 3GS or my mums iPhone 3GS as iMessage yet others like my boss is accepted makes no difference where any one is just seems to no work!

  18. #18
    iPhone Underground A3gOwner's Avatar
    Join Date
    Jun 2009
    Location
    Underground
    Posts
    1,172
    Thanks
    2
    Thanked 117 Times in 110 Posts

    Quote Originally Posted by scroogelives View Post
    I have a issue where my iPhone 4 won't accept my girl friends iPhone 3GS or my mums iPhone 3GS as iMessage yet others like my boss is accepted makes no difference where any one is just seems to no work!
    Are they all on ios5 or higher?

  19. #19
    My iPhone is a Part of Me
    Join Date
    Sep 2007
    Posts
    850
    Thanks
    9
    Thanked 51 Times in 47 Posts

    or the thief can login your account (he now has our imessage account) and change the password. thus he'll log you out.

  20. #20
    "The Truth" metaserph's Avatar
    Join Date
    Feb 2009
    Location
    Houston, Texas U.S.A.
    Posts
    4,680
    Thanks
    12,440
    Thanked 9,122 Times in 2,709 Posts

    Mental note: do NOT lose your iPhone.
    @Metaserph
    "You can only attain Peace through spreading Love to create Unity and earn the Respect of others" - Complex Simplicity

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts