End-to-End Encryption Failure: 1 Billion iPhone Users at Risk of Leaked Private Messages
Despite Apple’s efforts to provide end-to-end encryption, a serious security weakness puts one billion iPhone owners at danger of having their private messages revealed. With that, the FBI has outlined a potential flaw discovered in Apple’s iCloud backups that might lead to the leakage of user messages.
Related: How to Protect Your Identity by Using Next-Level Security Over Your Credit Report
Table of Contents
End-to-End Encryption for iMessages by Apple has a flaw.
According to The The Sun, weak security areas in Apple’s advanced iPhone technology make it possible for hackers and unwelcome observers to read iMessages users’ messages. As a result of the issue, which is referred to as a failure in the end-to-end encryption process, an estimated one billion users could be affected.
According to the Forbes report, Apple is adopting end-to-end encryption for its exclusive iMessage service to prevent hackers from intercepting or reading communications. However, there may be a weakness in the way Apple permits customers to back up their data using iCloud.
The FBI has issued a warning about a vulnerability discovered in iCloud backups.
This applies to encryption keys used in iMessages. With that, the FBI compiled and published a document earlier this week explaining the flaws they discovered as a result of the iCloud backups.
If users want to enable iCloud backup, the encryption keys will be sent together with the lawful access content return, according to the paper. It was also suggested that if their victim enabled Messages in iCloud, hackers might access iMessages from iCloud returns.
What makes Pegasus so dangerous?
Following a significant security breach that allowed iPhones to be hacked even without the user’s knowledge, the Cupertino behemoth issued an emergency software upgrade earlier this year. To elaborate, a harmful virus known as Pegasus could stare at users, listen to their calls, and even send messages using the iPhone’s camera.
The NSO Group, an Israeli IT business, was the first to design Pegasus. Pegasus is also well-known for attempting to target both Apple and Android devices while evading detection by antivirus software.
Related: iPhone 13 Pro and 13 Pro Max expert review
A Cybersecurity Expert Offers His Opinions
Pegasus has been there since 2016, but a new release in July of this year reintroduced it to the public eye. Forbes cybersecurity expert Zak Doffman warned of the dangers of using iMessage, stating he can “no longer advocate iMessage” as an Apple user’s daily communicator.
Doffman responded to the recent hack by stating that the harsh reality is that Apple’s iCloud strategy must be changed immediately. This is to avoid retaining encryption keys and backing up end-to-end encrypted data until the protection persists or users have been notified that their privacy is being jeopardized. Furthermore, according to Doffman, the update is now “important.”