SMS security flaw specific to iOS

The "reply to" field recently discovered to be a security risk for iPhone SMS transmissions has been confirmed to be an issue isolated to iOS.

A couple of weeks ago, hackers discovered a potential disaster of a loophole in the iPhone's texting protocol that could allow devious tech minds to alter the "reply to" field of a message to fool SMS receivers.

Not long after, Apple replied to the claims confirming that the vulnerability exists and promoting iMessage as a more secure, albeit less ubiquitous, method of text chatting via iPhone.

Now mobile security firm AdaptiveMobile says that other mobile platforms need not worry about this iOS oversight.

"We have tested this issue on Android, Windows Mobile, BlackBerry, and Symbian phones," said Cathal McDaid, security consultant at AdaptiveMobile, in a statement to CNET, "and most of them simply ignore the 'reply address' field or display both the 'real' originating address and the reply address as per the specification recommendations.

"The iPhone, so far," he continued, "is the only device which does not comply with these security recommendations."

Securing transmission

The center of this debacle is the apparently useless "reply to" marker in the header of a transmitted text, so why is it there in the first place?

According to McDaid, the idea behind its inclusion is to allow companies to send out texts from no-reply numbers to redirect responses.

In theory, the system can work to the user's benefit as well as the company's. In practice, it's not used so it doesn't matter.

Apple has yet to respond to this issue further than the statement promoting iMessage. As of the time of hacking on August 17th, Apple's next iPhone operating system, iOS 6, contained the same vulnerability as every other version.

Via CNET