Daniel Eran Dilger in San Francisco

Is Apple’s MobileMe Secure?

MobileMe security
Daniel Eran Dilger
A recent article presenting how MobileMe works has been roundly criticized by at least three different bloggers. While the original article did not primarily address MobileMe security, the statements made about MobileMe’s security do warrant some additional detail and clarification. In contrast, much of the criticism was wildly overstated to the point of actually misinforming users about the actual state of MobileMe and email security. Here’s a look at what’s involved.

Inside MobileMe: Web 3 and Web Client-Server apps
MobileMe’s Web App Data Transactions are not SSL Encrypted.

I enjoy reading John Gruber’s excellent Mac resource, the Daring Fireball. It initially stated, “[Inside MobileMe: Web 3 and Web Client-Server apps] reports that the MobileMe web apps supposedly do use SSL, even though you don’t see ‘https:’ URLs or the ‘secure’ lock icon in your web browser.” However, the referenced article did not ever state or even suggest that MobileMe’s web apps use SSL or other forms of encryption when accessing the web apps for email and other services, outside of login and account settings. Gruber corrected the remark after being notified of this.

For the record: Apple’s MobileMe desktop email can be secured via encrypted SMTP and IMAP; Apple presents details on how to ensure this is set up, as users may not have this enabled by default. Address Book and iCal sync on Mac OS X is secured automatically when it transacts with Apple’s server cloud. Windows apps use the same security when syncing their data via Outlook through iTunes for Windows. The iPhone and iPod touch also support encrypted email and all push messages are also secured via encryption.

However, the MobileMe web apps are only secured by SSL through the initial login authentication session and again only when users access their account information to do things such as change their password, update their billing information, or order additional services. Outside of that, all email, calendar, and contact data that is exchanged between the web client and the cloud is not encrypted, and can be sniffed by anyone with access to the network (below, click to enlarge).

MobileMe Security

What Unencrypted Web Apps Mean for Users.

This means that as you send email, read emails, create new calendar items, view calendar events, and view contacts, that data is being sent in the clear across the Internet between the web browser and the cloud. This does not mean that if you access your email, anyone who might be sniffing traffic could intercept your account information, your login, your credit card information, or change your password. They also could not access anything you did not access yourself, so creating an email does not automatically allow them to read through your contacts, for example.

MobileMe’s limited SSL protection on its web apps presents a real (albeit unlikely to be widely exploited) security hole. However, it is important to note that Microsoft and Yahoo provide the same, limited level of SSL protection for their web services as Apple does; both Yahoo Mail and Microsoft’s Live Hotmail send data in the clear after the initial login. Google has just started offering SSL protection by default for Gmail (below, click to enlarge).

A followup article recommended that Apple should use the same IPSec-type of security for its MobileMe web services as it does for desktop sync. Other critics have noted that because Apple charges $8.25 per month for MobileMe, it should provide a better level of security than Microsoft or Yahoo and at least match Google. At the same time, it is important to recognize that adding SSL encryption does not automatically or even fully secure email.

Google Yahoo Hotmail security

Apple’s secret “Back to My Mac” push behind IPv6

SSL is Not a Panacea.

Blogger Jens Alfke, who works for Google, also took the MobileMe article to task. Alfke wrote that Apple’s MobileMe apps not only do not perform data encryption, but also leave open the potential for rogue hackers to perform DNS forgery or phishing attacks that SSL could help prevent, or at least flag as a problem for the user when they occur.

For example, a user trying to access webmail at me.com could hypothetically be redirected to a fake me.com by a bad DNS server, Alfke wrote. With SSL in place through the entire transaction, the user should at least be warned that the impostor me.com site did not match its known certificate. Without SSL, MobileMe web apps could therefore theoretically fall prey to a man-in-the-middle attack, where all transactions were passed through a malicious user’s third-party control for tampering or viewing. Additionally, Alfke theorized that the web apps themselves could be replaced entirely by a fake site that pretended to be MobileMe in an Invasion of the Body Snatchers scenario.

There are two problems with these scenarios. Alfke’s assumption that MobileMe’s “unauthenticated JSON exchange” could be easy to exploit, allowing redirect via bad DNS, is based on conjecture, not fact. In response to his posting, Andrew Jaquith of the Yankee Group pointed out “there are lots of ways for two parties keep rotating secrets on both sides of the wire without disclosing them. See, for example, RFC 1938. I don’t know exactly what Apple is doing with JSON, but dismissing it just because it isn’t encrypted doesn’t prove anything.”
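To make Jaquith’s RFC 1938 reference concrete, here is an added example (not code from the article, and not what Apple actually does with MobileMe’s JSON exchange, which the page does not describe) of a hash-chain one-time password scheme in the S/KEY style. The server stores only the top of a hash chain, each login reveals the next value down, and a passive sniffer who captures a password cannot derive the next one or replay the one it saw. As an assumption for clarity it uses SHA-256 and skips RFC 1938’s MD4/MD5 64-bit folding and six-word encoding; the `Server`, `Client`, `enroll` and `demo` names are hypothetical.

```python
import hashlib
import hmac


def iterate(value: bytes, n: int) -> bytes:
    """Apply SHA-256 to `value` n times (n == 0 returns `value` unchanged)."""
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class Server:
    """Holds only the current top of the chain, never the client's secret."""

    def __init__(self, top_of_chain: bytes, count: int):
        self.stored = top_of_chain   # H^count(initial)
        self.remaining = count       # logins left before re-enrolment is needed

    def verify(self, candidate: bytes) -> bool:
        if self.remaining <= 0:
            return False             # chain exhausted: refuse until re-enrolled
        # Accept iff hashing the candidate once reproduces the stored value.
        if hmac.compare_digest(hashlib.sha256(candidate).digest(), self.stored):
            self.stored = candidate  # move one step down the chain
            self.remaining -= 1
            return True
        return False


class Client:
    """Derives passwords from the initial value; nothing secret leaves it."""

    def __init__(self, initial: bytes, count: int):
        self.initial = initial
        self.next_index = count - 1  # first password is H^(count-1)

    def next_password(self) -> bytes:
        if self.next_index < 0:
            raise RuntimeError("chain exhausted; re-enrol with a new seed")
        pw = iterate(self.initial, self.next_index)
        self.next_index -= 1
        return pw


def enroll(passphrase: bytes, seed: bytes, count: int):
    """One-time setup: the 'initial step' hashes passphrase+seed, so the
    last password in the chain is still a one-way image, never the passphrase.
    The server receives only H^count(initial)."""
    initial = hashlib.sha256(passphrase + seed).digest()
    return Server(iterate(initial, count), count), Client(initial, count)


def demo():
    """Three logins over a sniffable wire, then replay of every sniffed value."""
    # Constructed passphrase and seed for the example.
    server, client = enroll(b"correct horse battery", b"seed-0001", 5)
    accepted, sniffed = [], []
    for _ in range(3):
        pw = client.next_password()
        sniffed.append(pw)                 # what a passive eavesdropper sees
        accepted.append(server.verify(pw))
    # Replaying any captured value fails: the server has already moved past it.
    replays = [server.verify(pw) for pw in sniffed]
    return accepted, replays


if __name__ == "__main__":
    print(demo())  # ([True, True, True], [False, False, False])
```

The design point is that the channel carries no reusable secret: each transmitted value is the preimage of the one the server already holds, so capturing it buys an attacker nothing against a server that has stepped down the chain. What the scheme does not do is encrypt the data that follows the login, which is exactly the gap the article goes on to discuss.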

Jaquith also described why SSL is not good for “verifying that software is ‘genuine’ or that a website is what you expect,” as Alfke claimed in dismissing Apple’s security architecture for its MobileMe web services. Jaquith presented a scenario that would result in “a supposedly sniff-resistant [SSL] session that is still nonetheless 100% hosed.”

Re: MobileMe Webmail Security — There Is None — Thought Palace

Security through False Assurity.

On top of that, even in cases where SSL could identify that something bad was happening, the only protection SSL really provides is to throw up a warning about security certificates that most non-technical users browsing at Starbucks would likely just click through to dismiss before happily giving away their credit card info, thinking they are safe because they are interacting with the “SSL” icon for a website.

When Apple transitioned from .Mac to MobileMe, users were presented with an SSL warning related to mac.com being redirected to me.com, and nobody seemed to even notice. SSL warnings are similarly not going to secure users who do not understand the security issues involved when they are sent to me.info or me.192168.com, or redirected by a malicious DNS to a server pretending to be me.com but failing the SSL check.
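The warning described in the two scenarios above (a redirect or bad DNS answer landing the browser on a host whose certificate names a different domain) comes from the client’s hostname check. The following is an added example, not from the article and not Apple’s or any browser’s actual code: a simplified matcher in the spirit of RFC 2818/6125, run against a constructed certificate shaped like what Python’s `ssl` `getpeercert()` returns (Python’s own `ssl` module performs this check for you when `check_hostname` is enabled; the `host_matches` and `check_connection` names and the `ME_COM_CERT` contents are assumptions made for the illustration).

```python
def host_matches(host: str, dns_names) -> bool:
    """True if `host` is covered by one of the certificate's DNS names.

    Simplified rules: comparison is case-insensitive, a wildcard may only be
    the whole leftmost label, it matches exactly one label, and it may not
    stand in for a registrable domain such as "*.com".
    """
    host_labels = host.lower().rstrip(".").split(".")
    if not all(host_labels):
        return False                      # empty label: malformed host
    for name in dns_names:
        labels = name.lower().rstrip(".").split(".")
        if len(labels) != len(host_labels):
            continue                      # wildcard covers one label only
        if labels == host_labels:
            return True
        if (labels[0] == "*" and len(labels) >= 3
                and "*" not in labels[1:]
                and labels[1:] == host_labels[1:]):
            return True
    return False


def check_connection(requested_host: str, peer_cert: dict):
    """Return (ok, message) for the host the user asked for versus the
    certificate the server presented. A False here is the point at which a
    browser shows the certificate warning discussed in the article."""
    dns_names = [value for kind, value in peer_cert.get("subjectAltName", ())
                 if kind == "DNS"]
    if host_matches(requested_host, dns_names):
        return True, "certificate covers %s" % requested_host
    return False, ("certificate names %s, not %s: browser would warn here"
                   % (", ".join(dns_names) or "<no DNS names>", requested_host))


# Constructed certificate in the shape ssl.SSLSocket.getpeercert() returns.
# The names are made up for this example; this is not Apple's certificate.
ME_COM_CERT = {
    "subject": ((("commonName", "me.com"),),),
    "subjectAltName": (("DNS", "me.com"), ("DNS", "*.me.com")),
}


if __name__ == "__main__":
    for host in ("www.me.com", "me.com", "mac.com", "a.b.me.com"):
        print(host, check_connection(host, ME_COM_CERT))
```

Read together with the article’s point: the check does its job (mac.com against a me.com certificate fails, as the .Mac transition warning showed), but the only output is a yes/no the user must act on, and it says nothing about what happens to the data after the connection is accepted.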

Therefore, the benefits of adding SSL were greatly overstated by some critics, who also failed to even consider its drawbacks and limitations. If Apple simply added SSL, it certainly would, as stated in the original article, provide a “false sense of security that distracts from real security threats.” At the same time, the original article also understated the value SSL would provide web browser users. Adding SSL security throughout MobileMe’s web apps, particularly those that deal with private data, would likely provide benefits that overshadow the added overhead. Despite that, it would not “secure” email for users, as described below.

Never Cry Poppycock.

While the original article was not purporting to be a tome on security, another response to it claimed special expertise in security. However, the author not only greatly overstated his case, but also resorted to unprofessional language in demeaning and dismissing the whole of an article just because he took issue with a minor portion of it.

Rich Mogull’s “MobileMe Web Interface Insecure, But Other Apps Get It Right,” published by TidBITS, provided some interesting comments on the subject, but began with an unnecessarily arrogant overstatement of criticism that misstated the point and the context of the article in order to attack it as “patently false,” “technobabble,” “poppycock,” and so on.

Mogull didn’t contact the author of the original article prior to writing about what he claimed was so wildly inaccurate. In addition, his own presentation is flawed and overstated in ways that are far more misinforming than any disputed details in the original article.

TidBITS Safe Computing: MobileMe Web Interface Insecure, But Other Apps Get It Right

Consider the Context.

Mogull jumped upon a quote taken out of context, which was actually talking about how MobileMe and other JavaScript apps manage security related to JSON transactions. The context of the quote was the potential threat posed by sending self-executable JSON as opposed to simple XML data:

“Being able to inject executable code into a system from malicious sources is a primary security problem. For that reason, web apps that transmit data using JSON have to authenticate with the server and regularly perform security handshakes to ensure that the data being sent back and forth is indeed coming from and going to a trusted source.”

Mogull not only ignored that context, but linked only to the second page of the article, where the quote appeared without its immediate context. This enabled him to present the comments on how JSON is secured as being entirely about “why SSL was unnecessary,” which was not the point of the text at all.

Quibble vs Patently False.

The article presented that there was “unnecessary panic among web users who have equated their browser’s SSL lock icon with web security;” that is accurate. While SSL encryption provides an additional layer of security, it is not infallible. SSL security requires faith in fallible architectures that have regularly published vulnerabilities. Suggesting that SSL would be a panacea for webmail is false for a number of reasons: SSL can be spoofed; the browser only presents a cryptic warning when that happens, which many users would not know how to handle if it were being spoofed; and the larger fact that even SSL-secured web email is not really secure.

The original article also correctly pointed out that SSL could provide a “false sense of security that distracts from real security threats.” Users who think that SSL web-based email is secure and therefore appropriate for sending confidential information are in for a rude awakening. Email is not secure, and carefully securing part of the email transmission is like only locking three doors of your car. It’s better to understand that thieves can take anything in your car rather than to lock three doors and assume that you can leave valuables on your seat that cannot be taken.

Mogull is arguing that Apple hasn’t provided a functional lock on the driver side door of its webmail service, ignoring the fact that Internet email has no locks on the tailgate or the rear doors at all. This is penny wise and pound foolish security, and can be judged as the “patently false technobabble poppycock” that he quickly used to dismiss an article that was only touching on one aspect of security in a larger piece that was really addressing how MobileMe works as a service and the future potential it holds out.

Mogull’s reply was entirely about security, but it delivers the wrong message. It’s not just easy to quibble about some of Mogull’s details; his primary argument that the original piece was ridiculously wrong is just false, primarily because he overstates it in such an over the top, arrogant way.

SSL is Not Evil.

Having said that, the original article did understate the value SSL can add in securing webmail. SSL is useful in protecting users at the point where they will be most vulnerable when checking webmail, as they are more likely to be at a public terminal or perhaps using unsecured public WiFi when using the web rather than desktop clients (which are secure using encrypted transmissions) or an iPhone (similarly secured).

SSL web apps would provide MobileMe users a similar level of security; Apple currently does not present this throughout the entire webmail session, only when the user authenticates and if they enter account details to change their password or order new services, as noted previously. With SSL, webmail addressed to other MobileMe users, as well as access to one’s own contacts and calendar would be very secure. Email to other domains would continue to be exposed, unencrypted, as it crosses the open Internet.

Sending email is like sending a postcard: anyone intercepting the postcard on its way to the post box, from there through the mail system, or on the way to the recipient’s mailbox will be able to read what’s written on it. Encrypted email is more like a letter written in code inside of a security envelope: it would be far more difficult to view its contents. However, SSL email only provides security for part of the trip; it’s like carefully guarding your postcard until you drop it in the mailbox. This will prevent casual eavesdroppers from seeing what you’ve written, but won’t protect you from having your postcard read from that point on, because it is wide open throughout the rest of the trip.

In addition, when using a public computer or improperly secured WiFi network, the SSL security provided to a webmail user can’t be trusted. A public PC is just as likely to have a spyware keylogger installed (if not more so) as to have a malicious hacker listening in on the transmission remotely. Your emails could therefore be spied upon before they were sent through the secure SSL pipe to the cloud. Similarly, using an unsecured WiFi connection opens a user to security issues that far outweigh having your email transactions possibly sniffed.

Additionally, across the industry there are few webmail providers who deliver greater security than Apple’s MobileMe. Google just recently added SSL, while Microsoft and Yahoo provide similar security to Apple’s web interface in MobileMe: SSL encrypted authentication and account protection (you can’t change your password in the clear on MobileMe, only in an SSL session).

Doth Protest Too Much, Methinks.

So while SSL isn’t worthless, it does not present the bulletproof panacea that Mogull suggests it would in his over the top, excessively arrogant, one-sided attack piece. While the original article’s understatement of the benefit that SSL could bring to Apple’s MobileMe webmail could rightly be criticized, it did not say that the existing webmail service was secure. Instead, it said email was not secure and shouldn’t be trusted, and that SSL could provide webmail users with a false sense of security.

Mogull presented this in a mocking, simplified paraphrase as, “we think SSL would bog down performance without providing security.” He then concedes that he has overstated his own argument by agreeing that SSL would have a limited impact on securing users, saying, “While there’s a reasonable, if small, risk someone might sniff your connection when you are out in public, the odds of a redirection attack are extremely low.”

Mogull could have presented his last paragraph by itself, essentially warning users that MobileMe’s web interface exposes them to unlikely but theoretically possible dangers, and explained that Apple’s expanded use of SSL could help secure its webmail service from some of these kinds of attacks. Instead, the solution he demands would provide only limited benefits to users while suggesting that webmail is more secure than it really is in practice. This is a far worse problem than acknowledging that email is simply not secure and should not be treated as such.



20 comments

1 blacktalonz { 08.22.08 at 12:59 am }

This is like watching two girls fight and like all cat fights no one cares who wins, it is just fun watching :-)

2 q { 08.22.08 at 2:27 am }

“However, it is important to note that Microsoft and Yahoo provide the same, limited level of SSL protection for their web services as Apple does; both Yahoo Mail and Microsoft’s Live Hotmail send data in the clear after the initial login. Google has just started offering SSL protection by default for Gmail (below, click to enlarge).”

1. Yahoo, MS and Gmail are free. – Mobileme isn’t free.

2. Web.de – a German free-mailer – is also free and is offering SSL

3. I thought Apple likes to be better than the other players. But from the security point of view Apple is less than average.

4. Why don’t you find in general something about security in an apple-commercial? Apple doesn’t care about it, because the typical Apple-User also doesn’t care about security? There is no security?

5. Apple = security by obscurity!?
Why doesn’t Apple speak about security things? Why do I have to find out myself how mobileme works from a security standpoint?

4. iDisk or OnlineBackup – Where is the encryption?

Gigabank: AES (Advanced Encryption Standard)
https://www.gigabank.de/de/gigabank/blog/glossar/aes-verschlusselung/

JungleDisk:
“Your Date is encrypted at all times”
“Your data is encrypted using a personal key known only to you. No one else can access your data”
“Jungle Disk with Amazon S3 is the only online storage service where the application is de-coupled from the storage and you “own” your own data. When you use Jungle Disk, your files are stored on Amazon.com’s servers using S3, an open web-service based API. They never touch our servers, and we have no idea what (or how much) data you are storing. Access to your data on S3 is restricted at all times by your AWS Secret Key which is never sent to us or any other user. You can choose a custom encryption key so that all of your data is encrypted before it leaves your computer, and stays encrypted while stored. To further re-enforce the idea that you are in control of your data, we have made available open source code that can be used to browse and download your data without even using Jungle Disk.

This alone is something you won’t find from any other online backup provider. Jungle Disk’s unique model means that the software and service will keep functioning, even if Jungle Disk, Inc. were to go away.”
http://www.jungledisk.com/

5. Why can’t I use encryption in iChat (OTR, GPG) when I’m using a Jabber account?

6. Why is Apple using the proprietary OSCAR protocol instead of XMPP (Jabber) for mobileme? But iChat Server = Jabber.

Mobileme is a joke and I won’t use it. But it is a sad thing because I and many other people are thinking in a way: If Apple is doing so badly with mobileme from a security standpoint -> how is Apple doing with e.g. OSX?

For some months now Apple has been on the way to achieving a bad reputation. Apple = insecure? In this way users (not fanboys) are thinking in some German bulletin boards, also because Apple needs too much time for patching.

Example:

“Team (CERT), privately notified all affected vendors, including Apple, by May 8; Apple was specifically notified on May 5. They then waited two months until July 8 to publicly notify the rest of the Internet community.

By July 8, guess who was the only OS vendor to not have patched their DNS? If you guessed “Apple,” you’re sadly correct. To add to the frustration, inquires by quite a few Apple customers only brought the standard PR boilerplate.”
http://www.macworld.com/article/134793/2008/07/apple_dns.html

3 solipsism { 08.22.08 at 2:31 am }

— I, for one, would prefer to have the extra layer of protection when reading my mail.

— Is the MobileMe syncing of Mac preferences sent encrypted?

— Apple will probably introduce FairPlay for MM which allows for proprietary encryption. Of course, you can send mail to people with MM accounts. :D

4 q { 08.22.08 at 2:42 am }

“Apple will probably introduce FairPlay for MM which allows for proprietary encryption. Of course, you can send mail to people with MM accounts.”

????
There is S/MIME and PGP/GnuPG for E-Mail-Encryption and Signing.

5 danieleran { 08.22.08 at 2:42 am }

q: Hotmail isn’t free if you want more than web access (such as basic IMAP so you can read it from a real email program or a mobile). A partial collection of MS and Yahoo services with some of the functionality of MobileMe would cost you and deliver less, without adding any security.

As for “less than average,” well, there is no equivalent service that compares to MobileMe right now, so that’s hard to calculate. There are a few things that compare to parts of it.

If you want encryption on your iDisk, you simply create an encrypted disk image with the level of encryption you want. Or several of them.

As for iChat encryption, MobileMe handles that itself. If you want to use an external Jabber server, you’d need to set up SSL encryption on that server. You can. How would Apple be able to do this for you?

And you’re asking why Apple partnered with AOL before anyone was using Jabber? And you’re also upset Apple offers Jabber Server with OS X Server?

You seem to have lots of uninformed anger that is simply misplaced. If the best example of security issues you can come up with is being slow to patch a DNS flaw that didn’t affect anyone, perhaps you need to look up better examples of why you are so intently interested in not using Apple’s products. There are no other platforms to choose from that do not have open vulnerabilities.

I’d suggest exercise and maybe drinking more water.

6 solipsism { 08.22.08 at 2:45 am }

@ q,

It was not to be taken seriously.

7 q { 08.22.08 at 2:56 am }

“Hotmail isn’t free if you want more than web access”
So and this is an excuse for mobileme? There are other EMail-Services in the world with SSL.

“As for iChat encryption, MobileMe handles that itself. If you want to use an external Jabber server, you’d need to set up SSL encryption on that server. You can. How would Apple be able to do this for you?”

How do I use OTR or GPG encryption in iChat? It isn’t possible!!!

“And you’re asking why Apple partnered with AOL before anyone was using Jabber?”

OK, but now it would be nice to use Jabber instead of the OSCAR protocol. Apple would give a big push to Jabber and they would be independent. In Jabber you can also use transports.
.mac -> mobileme != oscar -> xmpp

“And you’re also upset Apple offers Jabber Server with OS X Server?”
No, it is a good thing!!!

“DNS flaw”
It was just an example. In general Apple needs a lot of time for patching.

I am using a Mac!!!

What about file vault?
http://events.ccc.de/congress/2006/Fahrplan/events/1642.en.html
“On 31 July, 2008, Brian Krebs posts on his Washington Post blog, that Charles Edge, an American researcher from Georgia, found a security hole in FileVault and had to withdraw from a speech about it at the Black Hat Security conference.”
http://en.wikipedia.org/wiki/FileVault

8 Silver_Surfer1931 { 08.22.08 at 8:02 am }

Daniel:
Good article. As always, you cleared up a lot of the misconceptions–for me, at least. I read those articles you cited yesterday prior to your written response. When I read those articles, I said to myself, maybe Daniel should respond to this mess. Lo and behold! Here I am reading your response…damn, you’re good.

Keep up the great work that you do. Your knowledge is especially helpful to non-techies like me.

9 brett_x { 08.22.08 at 10:02 am }

Good article. However, it’s a bit strange to see you defend your own article without being open about that point. It’s a bit like Dan Lyons talking about FSJ as though he’s a different person. I think you might get some flak about that from the other bloggers.

10 John Muir { 08.22.08 at 10:56 am }

Brett’s right. This should probably be in Prince’s pen and up at AppleInsider where these bloggers found the article in the first place.

As for the SSL lock icon: could a better placebo have ever been conceived? Absolutely every non-techie thinks it means 100% secure, “because it’s a lock!” Best of all, the warning panels browsers present whenever they detect trouble are as instantly dismissed as Vista UAC popups. Gah!

That episode of the Simpsons was right. All Homer really needed was a toy to keep pressing confirm! :P

11 danieleran { 08.22.08 at 3:15 pm }

“Should” is a big word.

There are various reasons for posting it here instead, with the loose wording.

12 John Muir { 08.22.08 at 3:17 pm }

Someday we must get to the bottom of this alter-ego thing. ;)

13 webheads { 08.22.08 at 3:34 pm }

Great Article Daniel. I have respected your articles for a long time now and often reference them when considering computer questions.

I have a question for you. A great deal is being said lately about security on the Mac, it’s as though people want to create a belief that Macs have security problems just so they can criticize Apple. But I have been online with a Mac for almost 12 years now and I have yet to encounter a security problem either with a virus or my email being compromised or with malware. However, 2 years ago I used my sister-in-law’s windows laptop to surf the web and in under an hour I had such bad security issues and malware downloads that the Hard Drive became so slow and bogged down it had to be completely erased. If security is such a big issue, and apple is so bad at implementing security on their products and simply doesn’t care about security, then why is it that I am having no troubles with security on my Mac, online or otherwise? Some like to say it’s just because Macs are not as popular, but you have dispelled that myth here before.

Can you provide some real world documentation of where Mac computers have been hacked or security has been breached due to security flaws in Apple’s products? Maybe some situations where a person’s or company’s finances have been compromised and the thieves have made off scot-free with all the money? Something like that. I need to see some real world evidence that security is an issue on the Mac before I can start getting worried about it. I have seen a few phishing emails before but nothing that I wasn’t too stupid to ignore. I guess what I’m asking is are there any great security loopholes out there for the Mac that are currently being exploited that can really do some damage that we should all be worried about? I’m not sure, maybe there is? Is there a great and terrible phishing email out there that is making millions off of unsuspecting Mac users and laughing all the way to the bank? Or is all this fuss really for nothing? I mean it’s great to create security systems before security loopholes are found by the hackers but at the same time I don’t see any real world evidence of security exploits on the Mac and therefore I don’t see the justification for the recent rash of Apple security bashing. The world will end in 1 million years, is anyone worried if their affairs are in order? The Mac maybe could have security concerns, but until it does, should I worry about it?

Thanks
Webheads

14 How secure is MobileMe? | Stan's List { 08.24.08 at 12:54 am }

[...] RoughlyDrafted does a critique of several articles, with links back, on the level of MobileMe security, if any. The security is varied and depends on what area, whether desktop or web. What does this mean with email, calendar, data and web access? A good read. [...]

15 The Scred Blog » Apple’s lax security with MobileMe { 08.27.08 at 8:22 am }

[...] MobileMe’s webmail and Apple’s iDisk are not encrypted. Discussion of this available here and [...]

16 Google’s Android Market Guarantees Problems for Users — RoughlyDrafted Magazine { 08.29.08 at 3:48 am }

[...] Is Apple’s MobileMe Secure? [...]

17 Why Google’s GMail SSL Doesn’t Really Protect Users From Spoofing — RoughlyDrafted Magazine { 09.05.08 at 2:13 pm }

[...] Is Apple’s MobileMe Secure? MobileMe identity crisis. That’s not to say Apple hasn’t delivered its own unnecessary warnings. Users of .Mac received a similar error message from Mail at the transition to MobileMe. The warning complains of an invalid security certificate because of a host name mismatch. While not worded in the same high fear panic of Chrome, Apple does warn that this could put ”your confidential information at risk.“ [...]

18 Is MobileMe Secure Enough for Your Data? | The iPhone Blog { 09.05.08 at 3:55 pm }

[...] the web went wild. Daniel Eran Dilger, took the crown off to retort them all over at Roughly Drafted: For the record: Apple’s MobileMe desktop email can be secured via encrypted SMTP and IMAP; Apple [...]

19 Is MobileMe Secure Enough for Your Data? | iPhone The Solution 3G { 09.05.08 at 5:06 pm }

[...] the web went wild. Daniel Eran Dilger, took the crown off to retort them all over at Roughly Drafted: For the record: Apple’s MobileMe desktop email can be secured via encrypted SMTP and IMAP; Apple [...]

20 Is MobileMe Secure Enough for Your Data? at iFonePlanet.com { 09.23.08 at 3:42 pm }

[...] the web went wild. Daniel Eran Dilger, took the crown off to retort them all over at Roughly Drafted: For the record: Apple’s MobileMe desktop email can be secured via encrypted SMTP and IMAP; Apple [...]
