You Can Also Spy On Someone’s iPhone If You Kidnap Them And Lock Them In Your Basement

Yesterday, Gizmodo ran a story about a supposed bug in iOS, specifically related to iMessage. The title: “The Apple Bug That Let Us Spy on a Total Stranger’s iPhone.” Essentially, Gizmodo got ahold of an iPhone that was receiving iMessages not intended for that phone. The fact that some of these messages were quasi-sexual in nature and that the phone belonged to a teenage boy made the story more salacious. But here’s the thing: fear mongering aside, this “bug” is so convoluted that it’s almost not worth addressing. Almost.

Here’s what happened: a kid was having trouble with his iPhone. His mother took that iPhone to an Apple Store. While there, an Apple Store employee screwed up. Rather than following protocol and using a test SIM to debug the phone (Apple has test SIMs in their stores for this exact purpose), he oddly used his own SIM. This essentially turned the kid’s phone into the retail employee’s phone. The employee probably thought this was fine since it would only be temporary while he fixed the phone. The problem — which one has to assume he didn’t realize — is that even after you take the SIM out of the phone, the pairing leaves behind an imprint of that SIM. In this case, the iMessage account.

iMessage has made a lot of headlines in the past few months as it’s Apple’s brilliant way of helping to destroy the rip-off that is SMS. One key element of iMessage is the ability to pin an Apple account to the service alongside your phone number. This needs to happen in order for users to take full advantage of iMessage. Because of this connection, Apple can automatically figure out whether to use standard SMS or iMessage within the iMessages app. And iMessages has a bonus: the ability to work with many devices at once, ensuring your messages stay in sync.

These upsides — trying to make something that’s somewhat complicated as user-friendly as possible — lead to a downside like this. If you happen to be swapping SIM cards, you might transfer your iMessage credentials over to this other phone. But let’s be honest, how many people are going to do that? In the U.S., most people have no idea what a SIM card even is. And if they do, it doesn’t matter since most iPhones are locked. In other countries, SIMs are obviously popular, but this issue would involve you swapping SIMs with someone with an unlocked phone (and not wanting to set up your own iMessages account when you swap back).

But none of that is even what happened here. In this case, an Apple retail employee simply made a mistake. Reached for comment, an Apple spokesperson acknowledged this:

“This was an extremely rare situation that occurred when a retail employee did not follow the correct service procedure and used their personal SIM to help a customer who did not have a working SIM. This resulted in a temporary situation that has since been resolved by the employee.”

The bigger issue here is if your phone is stolen. Ars Technica actually addressed this about a month ago. This is still an edge case (as the vast majority of phones aren’t stolen), but Apple should come up with a way to remotely disable iMessages on a per-device basis. The way to do it right now seems to be to disable your Apple account, which is unfortunate (see: update). Of course, having your phone stolen in the first place is unfortunate. And unless it’s remote-wiped immediately (which rarely happens), any crook can get access to things likely much worse than your iMessages. This is a downside of life and scumbags.

Speaking of scumbags, it sure was nice of Gizmodo to run several of this Apple retail employee’s private messages and images along with the name that everyone knows him by. Part two of this story will probably involve kidnapping him, locking him in a basement, and liveblogging his emails — which were not secured because Apple doesn’t have a security feature to auto-lock and wipe phones when someone is hit over the head by a two-by-four.

Update: Apple has pointed out the following things that can be done if your device is stolen to ensure the problems above don’t occur:

Remote Wipe and then call your carrier/de-activate your SIM (de-register must be within 24 hours after Remote Wipe)

or

Activate a replacement phone with a replacement SIM using your same phone number

or

Change your Apple ID password (only works if you use an Apple ID with iMessage)
