or Connect
AppleInsider › Forums › Mobile › iPhone › iMessage 'denial-of-service' attack crashes devs' iOS Messages apps
New Posts  All Forums:Forum Nav:

iMessage 'denial-of-service' attack crashes devs' iOS Messages apps

post #1 of 20
Thread Starter 
A recent spate of prank texts sent to a group of iOS developers has revealed a limitation in how Apple handles data sent through its iMessage service, which in some cases can crash the app if the incoming message is too long or contains overly complex characters.

iMessage DoS
Source: The Next Web


As reported to The Next Web, iOS app developers iH8sn0w, well known for his jailbreak tool, and Grant Paul were among those targeted by a type of denial of service (DoS) attack that overwhelmed their respective Messages inboxes with a load of automatically-generated transmissions.

The two devs believe the messages to have been sent one after another from the Messages app on OS X, with a simple AppleScript effecting the barrage that prompts a victim to constantly clear notifications and text.

?What?s happening is a simple flood: Apple doesn?t seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly,? Paul said.

iH8sn0w mocked up a proof-of-concept AppleScript to demonstrate how such an attack may work. If Apple doesn't limit the influx of messages, a user's app will quickly become filled with what amounts to piles of spam.

As vexing as a continuous string of nonsense can be, a real issue arises when extraordinarily long or complex messages are received. This can cause Messages on iOS to crash because it can't process and display the massive amount of data correctly. According to the developers, the app will force itself to close and won't be able to re-open because it can't properly render the text.

While no surefire solution has been found to remedy a crashed Messages app, the publication suggests "playing around with sending a regular message, then locking the phone and activating the message notification until you?re able to time it right to delete the message thread that?s causing the problem." Paul effectively employed this method to delete the offending text and regain control of the app.

It should be noted that if an attacker gets ahold of a user's iMessage handle, the only option may be to disable that account temporarily. If a user's phone number is compromised, iMessage itself might have to be turned off.

The attacker's identity is unknown at this time, but the messages appear to have originated from a Twitter account used to sell UDIDs and provisioning profiles. Disposable email accounts were being used to send the spam, making it difficult to simply block the culprit as they can simply open another and continue the assault.

Apple has yet to issue a response to the recent development.
post #2 of 20
Apple doesn?t seem to limit how fast messages can be sent

 

GREAT, now an update will probably change that for all instances instead of just stopping things like this. I like not being forced to wait to send messages.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #3 of 20
There could be a limit like .1 seconds, and then a per-minute limit that no legitimate sender would ever exceed. Doesn't mean we'll be forced to wait.

P.S. Finally, some spam in the proper original (computing) sense of the word! It didn't start out meaning "junk mail," or "ads," it meant overloading someone's inbox--cramming it like spam in a can. But the term got away from its denial-of-service meaning somehow. Which doesn't make sense: what does spam in a can have to do with ads or unwanted messages per se? (At least the original meaning has been retained in multiplayer gaming: there, spamming still isn't about unwanted contacts, but about overload.)
post #4 of 20
Quote:
Originally Posted by nagromme View Post

There could be a limit like .1 seconds, and then a per-minute limit that no legitimate sender would ever exceed. Doesn't mean we'll be forced to wait.

P.S. Finally, some spam in the proper original (computing) sense of the word! It didn't start out meaning "junk mail," or "ads," it meant overloading someone's inbox--cramming it like spam in a can. But the term got away from its denial-of-service meaning somehow. Which doesn't make sense: what does spam in a can have to do with ads or unwanted messages per se? (At least the original meaning has been retained in multiplayer gaming: there, spamming still isn't about unwanted contacts, but about overload.)

Please refer to Spam:

 

4.2 Etymology

 

from Wikipedia. It might be different than your definition of the origin of the word. Good read nevertheless.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #5 of 20
And that's not the biggest problem with iMessage. The biggest problem is that you can't block people from sending you iMessages. A girl I know kept receiving harassing iMessages from her ex-boyfriend for months. No way to block his incoming iMessages.
post #6 of 20
Basic fixes really and Apple should have implemented these:

- have a blacklist to block unwanted iMessage users
- limit the number of consecutive messages
- limit message size to 2000 characters or something

It doesn't have to limit reply time at all. It can just limit consecutive messages from the sender to e.g 5 within 5 minutes. This stops harassment. If both users are sending, there is no need to limit anything.
post #7 of 20

I agree there's needs to be a way to block messages from users. 

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply
post #8 of 20
Quote:
Originally Posted by Marvin View Post

Basic fixes really and Apple should have implemented these:

- have a blacklist to block unwanted iMessage users
- limit the number of consecutive messages
- limit message size to 2000 characters or something

It doesn't have to limit reply time at all. It can just limit consecutive messages from the sender to e.g 5 within 5 minutes. This stops harassment. If both users are sending, there is no need to limit anything.

5 within 5 minutes is not enough for normal people to have a conversation...Even if you mean without a response. stopping anything over 5 every 5 seconds might help.
post #9 of 20
Quote:
Originally Posted by Wovel View Post

5 within 5 minutes is not enough for normal people to have a conversation...Even if you mean without a response. stopping anything over 5 every 5 seconds might help.

Who sends more than 5 messages without getting a reply? A pain in the ass that's who. Maybe in a situation like if someone is feeding sports results but it still doesn't need to be all that frequent. They can put more info into each message.

It could even just have a prompt if it detects a high frequency of messages.

"iMessage has detected a large number of incoming messages from the recipient. Block User or Allow?" Block User can just put a lock icon on their side of the iMessage window in every conversation they are in and if you wanted to unblock them, you'd just tap it and confirm the unblock.

That way a reply wouldn't be necessary but incoming messages would be put on hold until the recipient allowed the conversation to continue. This would have to be done every time it detected a lot of consecutive incoming messages so there's never a chance of it flooding. It can be a little more than 5 if necessary. Apple will have all the iMessage data and should be able to check what the maximum number of replies are that people typically make in a given time without getting a reply and set the appropriate limits.

Someone might forget they blocked a user so there can perhaps be a push notification after a day to ask if it should be permanent.
post #10 of 20
Quote:
Originally Posted by Tallest Skil View Post

 

GREAT, now an update will probably change that for all instances instead of just stopping things like this. I like not being forced to wait to send messages.

 

Any needed updates would be server side. Catch and delay an fast streams, perhaps even determine if they are dupes and block them. Maybe even disable, after a manual review determines someone is either spamming tons of folks or trying to bork up one party, disable said ID from iMessages possibly at the ID, IP and/or device ID level. 

 

As for stopping such an attack, turn off iMessages. 

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply
post #11 of 20
Originally Posted by Marvin View Post
Who sends more than 5 messages without getting a reply? A pain in the ass that's who. Maybe in a situation like if someone is feeding sports results but it still doesn't need to be all that frequent. They can put more info into each message.

 

I'd ask if you're joking, but I know you too well. What I think you might not know very well is kids these days. Five messages a minute will utterly destroy iMessage adoption. We're talking complete decimation.


Originally Posted by charlituna View Post
Any needed updates would be server side.

 

That's what I mean, yep.


As for stopping such an attack, turn off iMessages. 

 

I like this as the answer.


Edited by Tallest Skil - 3/30/13 at 7:38am

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #12 of 20
Quote:
Originally Posted by scotty321 View Post

And that's not the biggest problem with iMessage. The biggest problem is that you can't block people from sending you iMessages. A girl I know kept receiving harassing iMessages from her ex-boyfriend for months. No way to block his incoming iMessages.

That could be a real problem! Depending on where you live, some places are finally starting to take that sort of thing a little more seriously. After a couple of girls harassed the Steubenville rape victim on social media after the guilty verdict against her attackers, Ohio police went out and arrested them.
post #13 of 20
Quote:
Originally Posted by Tallest Skil View Post

I'd ask if you're joking, but I know you too well. What I think you might not know very well is kids these days. Five messages a minute will utterly destroy iMessage adoption. We're talking complete decimation.

But surely it's not 5 messages in one direction. Conversations are two way. Like I say, if there happens to be a large enough number of one-way 5-comment messages, they can up the number but there has to be a reasonable cap for someone messaging in one direction and they can just have a prompt if an iMessage stream goes outside this to give the recipient control over it. There would be no limits placed on a two way conversation at all.
post #14 of 20
Originally Posted by Marvin View Post
But surely it's not 5 messages in one direction. Conversations are two way. Like I say, if there happens to be a large enough number of one-way 5-comment messages

 

Given the ability to ban specific addresses, I see no reason for a directional (or any other type of) message cap at all. Absolutely there should be no limit on the number of messages sent before waiting for a reply. You really want to be forced to shut up until you receive a reply? I certainly don't.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #15 of 20

Is there a workaround that you can use with the desktop client or removing the device via your iTunes account?

post #16 of 20
Quote:
Originally Posted by Marvin View Post

Basic fixes really and Apple should have implemented these:

- have a blacklist to block unwanted iMessage users
- limit the number of consecutive messages
- limit message size to 2000 characters or something

have a blacklist to block unwanted messages and phone calls (instead of paying $5-$10/month).

post #17 of 20
Hasn't this been a problem since the first day the SMTP protocol was created? Any goof ball with .net and 5 lines of code can firebomb someone's email box with unlimited emails.
post #18 of 20
Quote:
Originally Posted by Tallest Skil View Post

Given the ability to ban specific addresses, I see no reason for a directional (or any other type of) message cap at all. Absolutely there should be no limit on the number of messages sent before waiting for a reply.

Without it, someone would still be able to bombard another person's phone with messages. Without a cap of some kind, it can make the phone unusable as the article shows. You're right that they could block individual users but iMessages can be sent from multiple accounts.
Quote:
Originally Posted by Tallest Skil View Post

You really want to be forced to shut up until you receive a reply? I certainly don't.

lol.gif The control should be in the hands of the recipient, not the sender. If you are repeatedly texting someone and not getting a reply then they clearly don't want to answer or can't in which case, sending more messages is either harassment or futile until they can use the phone. I don't see the harm in the phone detecting abusive behaviour asking the recipient if the sender is harassing them and allowing them to conveniently ignore the messages and offering the option to block them.
post #19 of 20
Originally Posted by Marvin View Post
I don't see the harm in the phone detecting abusive behaviour asking the recipient if the sender is harassing them and allowing them to conveniently ignore the messages and offering the option to block them.

 

Oh, sure; absolutely.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #20 of 20
What a coincidence, this just happened to me today through but with regular SMS messaging. I've tried everything, and it still won't let me open the app. I guess I have to do a factory reset now.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › iMessage 'denial-of-service' attack crashes devs' iOS Messages apps