
Is it concerning to any security people with more knowledge than me that this is sent via iMessage?!



It's also sent by e-mail and on the Apple ID website (appleid.apple.com) - even if you have iMessage disabled you should still be notified.


The transport is secure, but if an attacker has already found their way into the device, they can intercept notifications/iMessages and remove them automatically anyway, so yes, it's a bit of a concern. But at that point, anything will be concerning, not only iMessage.


Send all the notifications at once without warning, and the real recipient will probably see it before the attacker programs his malware to hide this specific notification.

Obviously, that only really works once.


iMessage is extremely secure and utilizes end-to-end encryption, why is this concerning to you?


iMessage has no concept of a "verified user account" (iMessage for Business is separate), so there's zero indication this message is genuinely from Apple, except an email address that can possibly be faked. It's strange Apple hasn't built-in visible confirmation that this specific Threat Notifications sender is legitimate.


> iMessage has no concept of a "verified user account" (iMessage for Business is separate), so there's zero indication this message is genuinely from Apple

According to this screenshot, it appears they do: https://twitter.com/norbertmao/status/1463364241688305664


Looking at that screenshot, now I'm interested in how you can sign iMessages with certificates. Even being able to have a certificate and look at the fingerprint is much better than the current state of affairs where you just have to trust Apple didn't swap out the keys.


Aren't iMessages backed up to iCloud, which does not have end-to-end encryption?


Not anymore[*].

[*] If you enable "Messages" sync in iCloud, encrypted message history is synced across your iCloud devices in an E2E manner.


An important caveat. If the messages are backed up to iCloud then they are not encrypted. Apple may encrypt iCloud backups, but they hold the key and can turn the data over to law enforcement.

Syncing messages across your devices is very much different than backing up your iPhone to iCloud.

The above should be pretty well known by now, but unfortunately isn’t the case.

If someone wants to dispute my comment, please cite supporting evidence.


You are correct. I was confused because since "Messages for iCloud" was introduced, the backup itself won't include plaintext message data if that feature is enabled (unlike before). However, this is where I stand corrected: it seems they store a copy of the Messages for iCloud encryption key in your iCloud Backup, if you have enabled iCloud Backup, which effectively defeats that encryption. The solution seems to be to keep message sync on and backups off.

“For Messages in iCloud, if you have iCloud Backup turned on, your backup includes a copy of the key protecting your messages. This ensures you can recover your messages if you lose access to your Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.”[1]

[1]: https://support.apple.com/en-us/HT202303


iMessage does not have a mechanism to verify that the devices associated with the destination account are actually theirs. It is feasible to assume an attacker/Apple/NSA could register an additional device key associated with your iMessage ID and snoop all future messages sent to that user from that moment on, even if they are not able to decrypt past messages. (This is true even if you assume the iMessage client binary does what Apple says it does and is not tampered with/backdoored.)
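The multi-device fan-out the comment above describes, as an added toy model (not Apple's code or protocol): a sender encrypts one copy per public key the directory lists for the recipient, so any key added to the directory also gets a readable copy, and the only client-side defence is to pin the recipient's device list on first contact and flag later changes. The DH group, the XOR stream cipher and the `DevicePin` class are assumptions made for this illustration.

```python
from __future__ import annotations
import hashlib
import secrets

# Toy Diffie-Hellman parameters, for illustration only (far too small for real use).
P = 2**127 - 1
G = 3


def keystream(shared: int, length: int) -> bytes:
    """Derive a one-time keystream from a DH shared secret (toy KDF: SHA-256 in counter mode)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(shared.to_bytes(16, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


class Device:
    """One of a recipient's devices: holds a private key, publishes the public half to the directory."""
    def __init__(self, name: str):
        self.name = name
        self._priv = secrets.randbelow(P - 2) + 2
        self.pub = pow(G, self._priv, P)

    def decrypt(self, envelope: tuple[int, bytes]) -> bytes:
        eph_pub, ct = envelope
        shared = pow(eph_pub, self._priv, P)
        return bytes(a ^ b for a, b in zip(ct, keystream(shared, len(ct))))


def encrypt_to_all(directory: dict[str, int], msg: bytes) -> dict[str, tuple[int, bytes]]:
    """Fan-out: one ciphertext per device key the directory lists, whoever registered that key."""
    envelopes = {}
    for dev_name, pub in directory.items():
        eph_priv = secrets.randbelow(P - 2) + 2
        shared = pow(pub, eph_priv, P)
        ct = bytes(a ^ b for a, b in zip(msg, keystream(shared, len(msg))))
        envelopes[dev_name] = (pow(G, eph_priv, P), ct)
    return envelopes


class DevicePin:
    """Trust-on-first-use pin of a recipient's device list; reports devices added or re-keyed later."""
    def __init__(self):
        self._pinned: dict[str, dict[str, int]] = {}

    def check(self, recipient: str, directory: dict[str, int]) -> set[str]:
        known = self._pinned.setdefault(recipient, dict(directory))
        return {d for d, pub in directory.items() if known.get(d) != pub}
```

A non-empty result from `DevicePin.check` is the signal a client should surface before sending, which is what the comment notes the official client does not do.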


Can we reasonably say any piece of software is extremely secure against state sponsored attacks?


Because the KSA hack was supposedly an iMessage zero door? And others allegedly don't even need to be clicked/opened.

Also imagine another bug that allows someone to spoof the 'from' or hell even send a message that looks similar, basic phishing.

Like: "This is Apple. Click this link to secure your account, you are being hacked" (literally). Seems like a bad precedent. But I guess there isn't a great way to securely communicate. Maybe just say "Google the official Apple 1-800 number and enter this secret number pad code."


And it has spam problems: https://www.wired.com/2014/08/apples-imessage-is-being-taken...

The problem is authenticity and authority, not encryption. How can the user know this message really came from Apple and not a spammer?


That article is seven years old and in no way reflects current reality. In fact it has never reflected my own experience or that of anyone I know, where iMessage spam has been near enough to non-existent.

And even if there were a spam problem, the risk is mostly on the upside anyway. It would only be an issue if iMessage got a reputation for flooding people with admonishments to take security seriously, purportedly from Apple.


Meanwhile Apple has added iMessage apps[1] that you can add to iMessage, and there have recently been a few iMessage exploits, including a zero-click one[2].

[1] https://support.apple.com/en-us/HT206906

[2] https://9to5mac.com/2021/07/19/zero-click-imessage-exploit/


I think you have replied to the wrong person, otherwise I fail to see how either of these citations are in any way relevant.


Yeah I did, sorry.


> That article is seven years old and in no way reflects current reality. In fact it has never reflected my own experience or that of anyone I know, where iMessage spam has been near enough to non-existent.

Your anecdotal lived experience is not representative of the entire population.

I personally have encountered at least a dozen spam iMessages (not SMS) in the past year, and several friends of mine have described the same experience. I googled iMessage spam and this was on the second page, just from last year: https://thisrupt.co/lifestyle/imessage-spam-not-thai-chana/ . Feel free to research yourself to discover that it is in fact a widespread issue for many people, if not as widespread as it once was since the "Unknown sender" tab was introduced.

Regardless, SMS spam remains an issue, and on iOS, many users may not know the difference, as they're in the same app.

> And even if there were a spam problem, the risk is mostly on the upside anyway. It would only be an issue if iMessage got a reputation for flooding people with admonishments to take security seriously, purportedly from Apple.

You're missing the point. iMessage spam (though it does exist as I've shown above) is not the problem. The problem is iMessage doesn't have a good way to "verify" that messages that purport to be from Apple or anyone else truly are from a known and trusted sender. This deficiency is what enables iMessage spam, and creates the same potential for abuse with this new feature.


> Your anecdotal lived experience is not representative of the entire population.

Of course. That goes without saying. But neither you nor this person you cherry picked from a Google search is representative either. (And it's noteworthy that you had to drill down into Google search results in order to find a useful citation. That alone is evidence of iMessage spam not being a broadly pervasive issue.)

> You're missing the point. iMessage spam (though it does exist as I've shown above)

Huh? I never said it didn't exist.

> is not the problem.

Huh? I never said it was the problem.

> The problem is iMessage doesn't have a good way to "verify" that messages that purport to be from Apple or anyone else truly are from a known and trusted sender.

I completely agree. I never disputed that.


Yes, thank you. This was the concern I was trying (and seemingly failed) to express.

There was even an article on HN a couple days ago about a money transfer service phishing scam whose initial message looks very similar to this message from Apple.

I think a LOT of people will fall for phishing with cold messages that look like this.


>How can the user know

Read the document of the original top post (the document from Apple).

The answer to your question is right there in the document.


That does nothing to verify authenticity within iMessage itself, creating the opportunity for abuse and impersonation I outlined in my other comment in this thread. A simple solution to this problem would be a "verified" indicator for users to know that the iMessage did in fact originate from Apple, without them having to first know that such a support document exists.


Some of these scam messages, being tailored to individuals and not necessarily sent in bulk, do in fact come from technically valid Apple IDs that have been created for the purpose by the scammer. So they would show your little verified indicator just fine, so it doesn't help.

And they did post the solution in the document. It’s an out of band verification. Pretty tried and true solution.


The user goes to the Apple ID website to confirm. Then they know if the message was genuine.