- Apple has started rolling out the iMessage contact key verification feature
- Currently in beta, not ready to use yet
- The principle is to warn users when a spyware is using their iMessage account from another device that they don’t own
Just a few hours ago, Apple released the first beta version of iOS 16.6 for iPhone users. On the menu are mainly security-related improvements and bug fixes. But an additional feature also seems to be included (or almost, we’ll get to that later): Verification of iMessage contact key. At the moment there is no official translation, but the developer at least enlightened us about the principle of this tool that allows Internet users to do this notified when a third party has successfully accessed their iMessage account.
If an intrusion is detected in the Messages app, an alert will appear at the end of the conversation. This indicates that an unknown device may have accessed the chats:
“An unrecognized device may have been added [contact]’s account”
Then the user has an opportunity to verify the integrity of his account by following the steps that have not yet been revealed after touching options.
More information in a future beta?
If we don’t know more as of this writing, it’s because the iMessage contact key verification feature doesn’t seem to be really active. In fact, it appears in the app. Ideas of the iPhone, where most of the privacy settings are stored, but nothing happens when touched.
It is therefore safe to assume that this option is still under development and a final version is expected to be released in a few weeks as part of a future iOS 16.6 beta. In any case, it wouldn’t be the first time Apple released such an incomplete change, as this habit is not uncommon at Apple. In addition, those who download an advanced version of the operating system know: errors are not uncommon.
Better fight against eavesdropping
More specifically, the verification of the iMessage contact key should enable vulnerable target groups to better protect themselves against targeted spyware attacks (eavesdropping). We are thinking in particular of whistleblowers, political opponents of authoritarian regimes, journalists or celebrities, interested parties and other large fortunes such as Jeff Bezos, who are already being eavesdropped on.
In fact, one of the techniques used by hackers is to scan a program like Pegasus, installed on a computer to remotely identify and discreetly take control of their target’s iPhone. Except Cupertino white the list of devices that the victim is using in general and can therefore detect if an unknown source is causing interference. This is where the compromised account warning is issued.
However, keep this in mindNo system is infallible, and that it’s entirely possible that as soon as iMessage Contact Key Verification is released, engineers at NSO Group will start looking for security holes to bypass this new protection. Furthermore, this could not have fully protected the Amazon boss, since the verolage would have taken place via his WhatsApp account – and not via iMessage…
i-nfo.fr – Official App iPhon.fr
i-nfo.fr – Official App iPhon.frBy: Keleops AG