Every single iMessage to and from this man’s iPhone — his friends call him Wiz — has been sent to us by accident. We know about his job, his intimate life and address. Apple, you might want to fix this.
The story is simple: a friend’s son had some trouble with his iPhone 4. Being an awesome mum, our friend took it into the Apple Store when her kid was at school. School. Not college or university, but I’m-under-18 school. When she got it back, her kid’s phone was in perfect working order — but it had also become a portal into another man’s private life. No matter how many times we’ve reset the phone and entered our friend’s information, every incoming and outgoing iMessage meant for Wiz shows up on her child’s phone. His phone had become her son’s phone — and there was an iMessage bevy of stuff you wouldn’t want your child to see.
The problem of iMessages winding up on the wrong screens isn’t new — we mentioned it back in December. At the time, the worry was that iPhone thieves could pry into your private communications. But that’s not what’s going on here — this is like a wiretap we didn’t ask for — and Wiz has no idea we’re looped in on the whole thing. He texts throughout the day like usual, oblivious to the snooping. Now we see just how big of a deal this obscure “bug” is: Your entire personal life could be flung open, and you’d never know.
Take our word for it — we’ve gotten to know Wiz pretty well.
You probably underestimate how much of yourself you casually pour into texts each day. We know enough about this guy to stalk him, blackmail him, and harass him, using nothing more than what We’ve picked up. Based on only a handful of chitchat breadcrumbs and some Google work, we pinned down Wiz’s home address, his Facebook profile, email address, personal information about friends, where he exercises and — drumroll — the Apple store where he works. Yep! This Apple bug screwed an Apple employee — at the same store where our pal took her phone.
In all likelihood, Wiz’s messages are being broadcast to a phone he’s unaware of because he swapped his SIM card in while repairing our friend’s phone — permanently tethering his textual life to a phone that isn’t his. The theory that iMessages are dead-bolted to SIM cards, rather than just being something you sign into a la Gmail, was bandied around by Ars Technica more than a month ago.
It’s impossible that Apple isn’t aware of this problem.
But as long as it’s the problem of thieves and their victims, maybe it’s not high enough on the shit list to correct.
But again, no wrongdoing was committed here — no lost phone or pilfered login. Just a routine trip to the Genius Bar that’s turned us into unwitting eavesdroppers. Hopefully this will be enough to give Apple the message. Please fix this, guys.
bron
Thursday, February 2, 2012 at 10:09 AMThe question i’d be asking is this – was your friends son’s sim swapped into his phone at any point? Is he getting an eyeful of your friend’s son’s life? Her communications with him? His friends?
Tell her to get her butt back to that store and get it sorted – if necessary with a replacement phone.
Bloody ridiculous.
Another reason to NEVER get a damn iPhone (or is that iSnooponyourPhone
DarkAura
Thursday, February 2, 2012 at 1:59 PMI didn’t even think about this aspect of the issue, Poor kid if its happening.
Roland
Thursday, February 2, 2012 at 10:20 AMpoor bastard…
RooBoy
Thursday, February 2, 2012 at 10:22 AMso he’s a not so genius then…
Banana
Thursday, February 2, 2012 at 12:56 PMzing..
Jonathan
Thursday, February 2, 2012 at 10:24 AMAnd if it’s happened to him once, then how many other times did he do the exact same thing as part of his job to someone else’s phone, and they are also getting the same intimate view into his life!? I feel sorry for the guy. Has anyone told the guy?
Antonia
Thursday, February 2, 2012 at 10:28 AMWhen Symantec made its bs claim about 5 mil android handsets being infected with malware the Apple users said ‘see I told you android was bad’.
GizFail
Thursday, February 2, 2012 at 10:30 AMlol iFail
Sarah
Thursday, February 2, 2012 at 10:37 AMAll he needs to do is change is Apple password ( Wiz) The iphone will need to be reauthorised. Which is what happened when I changed mine, I am assuming then you would know what his Apple ID is ( it’s in the IMessage centre ) send the user an email and tell him.
Tony
Thursday, February 2, 2012 at 11:49 AMAccording to the Ars Technica article that this article links to, in some cases even changing your apple ID password doesn’t fix things :/
Jacky Sit
Thursday, February 2, 2012 at 10:58 AMI had this exact issue when I helped unlock my friend’s iPhone 4S, we asked another friend for his microSIM to check if the phone was unlocked yet (he was leaving the country so wasn’t about to go buy himself one). The following day he kept receiving all inbound AND outbound messages. We solved the issue by doing a complete factory reset on the phone. It hasn’t received any messages to date. But how many people are willing to do that to their phone if it wasn’t new? Apple definitely needs to fix this bug!
Chris
Thursday, February 2, 2012 at 11:08 AMI found the same thing on the day of IOS5 release. I junked my 3 iPhones that day and moved to a Galaxy s2. To the apple fan boys who go on about Android and viruses, give me a virus any day over this. The sheer arrogance of Apple is mind blowing.
Kris
Thursday, February 2, 2012 at 11:22 AM“Nothing bad happens to iPhones” – any fanboy
Are you seriously that bloody ignorant?
Nick
Thursday, February 2, 2012 at 2:01 PMAre you seriously fake quoting?
Kris
Thursday, February 2, 2012 at 3:04 PMNo, I’m generalizing EVERY single quote I have heard fanboys use to try and boost their shitty egos. This is the basic gist of it all.
Nick
Thursday, February 2, 2012 at 5:59 PMMate, I understand where you’re coming from but honestly the majority of Giz commenters are anti-Apple. Nobody here is defending Apple that hard.
Jay
Thursday, February 2, 2012 at 11:22 AMSo get “your friend” to take the bloody iPhone back to the Apple store and get the freakin’ Geniuses to fix it. How freakin’ hard can that be???
P.S. `roid ragers – you make me laugh. It’s a BUG. Shit happens!
RooBoy
Thursday, February 2, 2012 at 1:01 PM‘road ragers! LOL I’m putting that on a T-shirt! :-D
RooBoy
Thursday, February 2, 2012 at 1:02 PMdamn.. ok I meant roi.. oh never mind
Emanance
Thursday, February 2, 2012 at 11:23 AMSo much for the ‘safe’ sms that the bank sends you when you do a bank transfer!
Rico Suave
Thursday, February 2, 2012 at 12:43 PMBanks dont use imessage
qbngeek
Thursday, February 2, 2012 at 11:31 AMSo if you have found out so much information about him, have you bothered to contact him and let him know?? Or are you having too much perverse pleasure in snooping into his private life?? Did your friend bother to take the phone back and advise them there was an issue, that would have been the first thing I did, rather than posting this guys pics and messages on a well read site.
Gabriel
Thursday, February 2, 2012 at 11:58 AMShit all will be done about it until awareness is more widespread though
ShadesofGra
Thursday, February 2, 2012 at 12:11 PMThis issue says more about the carrier than about the device being used. I strongly suggest that you check your facts before making any claims as to who might be responsible for the breach.
Also, if you’re going to publish this kind of article you need to be very sure about the legal implications, not just concerning the source of the breach, but also concerning the telecommunication act as regards the interception of information. Freedom of information wont cover you if you get charged with unauthorized interception of personal information.
If you ever find that you are receiving information that is not intended for you, you should contact your telelcommunications provider immediately and advise them of the situation. Otherwise you run the risk of criminal charges.
moggyx
Thursday, February 2, 2012 at 12:23 PMDear ShadesofGra,
Before launching into your fanboy defense. It would have been wise to read the first sentence of the story and notice the word “iMessage” before launching into your tirade of hate to Giz.
This story and the fault at hand has nothing to do with the carrier, as iMessages are transferred through data, they are not SMS’s. So ” I strongly suggest that you check your facts before making any claims as to who might be responsible for the breach”….
Love
moggyx
ShadesofGra
Friday, February 3, 2012 at 12:30 PMHi Mogs, you gave me a good laugh by suggesting that iMessages are sent through data and not SMS. The humour is in what you haven’t said, rather than what you have. I don’t disagree that iMessages are sent through data, but your inference that there is no carrier of that data, along with the inference that SMS are not sent through data, make you look rather amatureish to anyone with a background in telecomunication systems.
Furthermore, your description of my own comments, “fanboy defence” and “tirade”, paint a somewhat black and white picture – as if you need to demonize me in order to make your point, where in fact the issues involved are many shades of grey. There really is no need to react so violently to my comments, unless of course you have something to hide..
Apollo
Friday, February 3, 2012 at 7:45 PMHi Shades,
Im an engineer for Optus currently working in Sydney. There are a number of aspects of iMessage which use data to communicate rather than traditional 2G SMS based functionality. So while you are accurate to some degree, you need to acknowledge that he is right to the same degree also.
To further explain how this works, you can get a basic understanding on http://www.apple.com/ios/features.html. Look under iMessage.
Apollo.
Apollo
Friday, February 3, 2012 at 7:48 PMI do also agree the fanboy bullshit is getting old. :)
Dan
Thursday, February 2, 2012 at 2:14 PMAnd also, provided the details of the article are correct, there’s no “interception” of data going on at all. For data to be intercepted, there has to be a conscious decision to retrieve or otherwise gain knowledge of the data. It has to be a willful act.
However, in this case, the data is being mis-broadcast. It is arriving on the phone without the actions (or consent) of the owner.
Compare it to this scenario: If I broke into Apple’s HQ and stole the blueprints for the iPhone 5, I would be guilty of theft. If, however, Apple were to mail them to me, my possession of them would not be illegal in any way.
Ash
Thursday, February 2, 2012 at 4:18 PMOne might successfully argue that the act of positing it on Giz and continued viewing of the information, presuming they haven’t informed the chap constitutes interception.
Either way its a pretty funny bug.
From a tech standpoint it wouldn’t be that hard a problem to solve. no doubt Apple has already got a fix in the works (or in an unreleased firmware update if its really been known about for so long). Not to mention cost wise its probably cheaper to roll out the fix than to watch the story blow up even bigger…
ShadesofGra
Friday, February 3, 2012 at 12:56 PMActually, interception of data does not necessarily begin with a willful act.
Let’s take your example:
If Apple were to mail you the blueprints of the iPhone5 – by accident – your receiving of such sensitive information does not constitute criminal action. If you were to keep such information and not take steps to return or destroy it you could be found to be voilating the rights of Apple Inc.
It’s not about what you have no control over, but rather about what you are aware of and can control. This is why there are questions concerning the legality of JA and Wikileaks.
moggyx
Friday, February 3, 2012 at 3:44 PMNothing to hide here….
I’ll accept that the use of terms “tirade” and fanboy” are simply a little bit of a troll and you replied, so success!!! But I wouldn’t go so far as to consider my coment “violent” or that i attempted to “demonize” you.
As for me implying that there is no carrier, I don’t think I implied any such thing. I was more hinting at the fact that SMS is a carrier policed tech (as any temporary storage of undelivered messages is maintained with the carrier), whereas with mobile, the carrier is not much more than a proxy as iMessage data, authentication, etc… all resides with good old Apple.
I’m pretty sure anyone, even without a background in telecommunications, realised you made a mistake. iMessage is not purely bound to carrier data connections and can be used over wifi, so I guess pointing blame at the carriers was unfounded and the giz article was well founded. Sure, it seemingly uses links an IMEI or apple id to a ICC-ID, but no carrier control exists on this link… hence they play no role in it. You can also use iMessage on an iPod…
You still back your statement the carrier is more to blame than the device? Are you one of those people who blame ISP’s for piracy also?
ShadesofGra
Friday, February 3, 2012 at 6:32 PMLolz, success!!! (Good to see you can be trolled too :P )
Michael
Thursday, February 2, 2012 at 12:42 PM“You know about tech, this is happening, what should I do?” – mother
“Leave it with me, I will write about it and not actually give you the advice to take the phone back and inform the staff member in question.” – Sam
Really, just really. Is this where Gizmodo has gone? The Gizmodo I one knew would make calls, and actually enquire as to why this is happening before posting such tripe and speculation. There isn’t even a “We took it back and Apple didn’t know what was wrong with it” line. Looks like Gizmodo is hoping that someone at Apple will read the post and act on it. Then again, maybe they don’t want to make their glorious Apple look any worse.
MDolley
Thursday, February 2, 2012 at 12:52 PMIt’s a definitely a concern and something that Apple should be looking in to but… I get the impression from the article that it only happens when you swap sim cards with somebody?
If you are letting somebody put their sim in your phone you probably know that person or that person works at a carrier/reseller/Apple Store.
While I’m not defending Apple, I don’t think you can compare this with third parties stealing data via malicious apps.
Dandy
Thursday, February 2, 2012 at 2:18 PMDidn’t you read the article? It was from the apple store, the “Genius’” obviously put the wrong sim card in or something during repair. So it is an issue that apple might even swap a sim card, therefore would be someone you don’t know.
Barry
Thursday, February 2, 2012 at 2:32 PMThere are legitimate circumstances where this problem can arise. I gave my old iPhone 4 to my 7 year old daughter without a sim to effectively use it as an iPod Touch. It connects to our home wifi. My daughter now receives all of my iMessages.
Occassionaly I have to intercept her phone before she sees it and clean it up. No amount of resetting it seems to be having any affect.
MDolley
Thursday, February 2, 2012 at 4:03 PMYou make a good point – I didn’t think of the implications for the second hand market.
Lee
Thursday, February 2, 2012 at 2:29 PMSo what about when you get a replacement iPhone?
They remove your SIM and then put your old phone in a box while it is deleting itself.
Will these old handsets receive my iMessages??
Kroo
Thursday, February 2, 2012 at 4:29 PMThis is not a bug. Obviously the “genius” didn’t reset the network settings after using another sim in the phone. Hence, the iMessage user id stuck with that phone. User fault not os bug. When testing jailbroken phones I usually have to use another sim card to check that an unlock has worked. I ALWAYS makes sure I reset the settings in case any sms’s transferred across. Lazy Apple employee, simple as that.
BCK
Thursday, February 2, 2012 at 6:58 PMBolted to sim cards?? thats bulllshit!!!
Just last week i had an ex brother in law of mine (that i have once shared my itunes password with) call me freaking out that he went camping, and as soon as the phone was back in reception he had a flood of well over 100 imessages from both myself and my new girl!
*My sim has NEVER been in his phone.
* I made the update to iOS5 2 months before he did.
*The iphone i was using no longer had a sim card in it at the time all of this happened.
WHAT THE HELL IS GOING ON.
InformedGamer
Friday, February 3, 2012 at 9:11 AMSomething similar happened to me.
I’ve never swapped sims or phone, both were brand new (Day 0 when the iphone 4 launched). Somehow, my dad sent a picture of my dog in the pool in our backyard to me and my sister, however both messages showed up from a random phone number.
I called the number and it turned out to be some kid from Perth (we’re in Sydney).
Somehow, Vodafail had managed to stuff up so that we receive messages from my father from a number belonging to a kid in Perth.
Called them up and it was fixed within a day, was quite funny.
Daz
Saturday, February 4, 2012 at 2:34 AMMaybe it’s an ifeature the GOVT made them put into it so BIG BROTHER can invade your iprivacy anytime he wants without you having a iclue.
The scary thing is how many iphones are actually doing it, and how would you know if it is ?
George
Saturday, April 21, 2012 at 1:04 PMApple is no better or worse than microsoft. They all work with the CIA to allow the psychopaths to spy on you. Every piece of software is now one big pile of f*cken spyware. Oblivious psychopaths…