Originally Posted by nagromme
Are other smartphones immune from this SMS issue? Is it iPhone-specific? (Some statements imply that this is not an iPhone issue at all, just a carrier issue.)
Hi Nagromme, if you're asking if there is an iPhone specific problem on AppleInsider your answer is almost always going to come back a little dogmatically as"'No, the iPhone has no flaws and is BETTER!" :p Reading some of these responses that seems to be the direction they are headed and they are wrong in this case.
If my analogy below confuses you, heres a link to more info: http://www.informationweek.com/security/mobile/android-and-blackberry-safer-than-ios-fo/240006075
Remember 'caller id' on those old fashioned wall phones? When you called someone from your home phone, if they had caller id, it would automatically tell them it was you calling. You had no input. Your carrier had the technology to recognize it was your hardware. That is the equivalent of 'from' in an SMS message. It is not impossible, but it is very difficult to spoof- and in an SMS text would usually require knowledge of your victims carrier and access to their carriers' SMSC servers to hack. It would open the hackers up to substantial criminal penalty. Any phone, whether android or Apple even using iMessage, would be prone to this attack. This type of attack isn't common because it is generally traceable and hard to execute. Those sites listed above do not work in the US or Canada. Feel free to try them if you wish. Some use the 'reply to' method (even though it says 'from' on their site) and hope your user has an iPhone- in which case they will work. Some offer Android apps for you to download in order for them to work. Your victims (if using Android phones) would need to have that software installed too which renders the attack pretty much useless.
Back to our 'caller id' example. Imagine if you called someone and your carrier, instead of using the information from your hardware, gave you a message 'please enter your phone number identifying who you are' and you now had to key in your phone number. Imagine it used the number you yourself keyed in to identify you to whomever you were calling... Not rocket science here. You could type in any number you wanted and that is whom it would tell your recipient was calling. If you looked up Apple's or IBM's corporate phone numbers you could type that in and it would tell your recipient that Apple (or IBM, or whomever) was calling. Very easy to do. No hacking required. That is the equivalent of 'reply to' spoofing.
'Reply To' *is* built into the SMS protocol and is quite useful. AT&T can send you a promotional SMS message. Some phones would tell you that the message is FROM: AT&T and that you should REPLY TO: ATTPROMO or something like that. No problem. The poor choice Apple made (and I cringe to say that on this site) is that they use the 'Reply To' field that your sender has control of to tell you that is who the message is FROM. So I can send you a bogus malicious message that you might not normally fall for, but when you look at the FROM field and see that it is 'FROM: facebook.com' you will decide it is safe and fall for it.
With that, the 'vulnerability' is way overblown. People can't hack your information or take over your phone with it. They can only fool you into trusting them. As long as you don't trust anybody sending you texts requiring dubious action on your part- there is no vulnerability.
Apple unfortunately doesn't like to admit error. They issued a pretty brilliant response as usual, but its a little bit of misdirection. Their statement is that the 'Reply To' field is built into SMS and is there on all phones- which is an absolutely true statement. They then say if you use iMessage you will not be prone to the attack- which is also an absolutely true statement. What they leave out is that the flaw in the iPhone was due to their less than optimal choice of using the 'Reply To' field in the header to tell you that that is where the text came 'From' and that they will (hopefully) correct their mistake in future versions. Any Android phone that has software that chooses to use the 'Reply To' field as the 'From' indicator would be prone to the same spoofing, but I guess that was one area they chose not to copy Apple. :p
For the record I was a long time Apple user and loved my iPhone until Apple kept insisting that I wanted a puny 3.5" screen. They were dead wrong and 'forced' me to switch to my giant screen Android phone. My 'dirty secret' is that I actually think both phones are great so I'm a little out of place on either an Apple or Android site. If Apple bumps up the screen size a little more and introduces usable mainstream widgets instead of the stone age 'icon grids' I'll be back in line for the iPhone 6 =) ( as long as Android hasn't implemented a feature that cooks for me and cleans my house ) Hooray competition!
Edited by Frood - 8/23/12 at 4:16pm