Apple has an application that users messages lets to encrypt, and in the description referred to the U.s. secret service, NSA, banned from the App Store. Now that reference is removed, the app is still approved.
When developer Martijn Koopman the encryption app submitted to the iOS App Store, be Apple the app because of the reference to the NSA, it appears from the email that Merchant from Apple got. “We have concluded that the metadata of the application contains information that is not relevant to the content of the application and the functionality,” writes Apple in the mail.
In the description of the app, it wrote ” Merchant: “are you shocked by the revelations about the NSA and other secret services?” By the reference to the NSA, the application is still approved, says Koopman. “I have the text modified and sent back,” said Merchant. “Then he was again rejected, because there is still a reference to the NSA in the screenshots was.” Now that reference is gone, the application is approved. Apple was a Friday afternoon not be reached for comment on the matter.
The app, Secutext, let users through WhatsApp, iMessage and other messaging services encrypted messages to send. This is the message through the app with a 256bit-aes key made unreadable, after that he through the regular channels is sent. The recipient must click on the link in the message to the app in Secutext to open and read.
The app to the first 25 received messages are free; after that, through an in-app purchase of 99 cents to be paid to unlimited text messages to receive. Merchant think after about an Android version. “I still have no idea how this is effective, but if after the NSA revelations there is a market for shows, then I want it to develop.”
In the safety of the application is to make a side note. The application uses no public-key cryptography, but a shared key. Shared keys must be on a monitored channel to be sent to the secret to keep; something that public key cryptography does not have. In the app is a part of the key, however, is included in the message itself; the rest is static and sits in the app. Because the shared key is partly in plaintext is sent, an attacker can full key find out when the rest of the key know, for example, by the application to reverse-engineer. Even the developer itself can messages of users in theory be able to decrypt.
Apple is known for its reluctant admissions in the Apple Store. So at the end of november a application with images of Black Pete’s blocked, because that would be offensive would be. Also a news app from the website TabletGuid was excluded, because the site is not only about the iPad but also on competing tablets wrote. Also, Apple is very critical of apps with sexual imagery.
