I feel sort of bad writing about this, since to illustrate my point, and to satisfy my own curiosity, I engaged in what I would call an invasion of someone’s privacy. A very light invasion of privacy, but an invasion nonetheless. That said, I think it brings up a fairly interesting issue that individuals need to think about, and Apple should probably provide some guidance on.
One of the most exciting features of iOS5 for me is iMessage. It’s certainly not the coolest feature, but I’m excited about it for the reasons Techcrunch cited on the day iOS5 was released. Since iMessage can spot whether someone you are messaging is also using an iDevice, it can route the message outside the telco’s SMS network, saving you the somewhat ridiculous fees incurred for sending SMS messages. This is a significant threat to the relatively easy money carriers are generating through activity which isn’t really that data intensive. It’s nice to see the cozy control the carriers have exercised over short messaging being disrupted by a free service suddenly available to tens of millions of users around the world.
But the implementation of iMessage brings up a privacy issue which I’m not sure has been widely discussed. If you have an iPhone, your phone number is automatically associated with your device on the iMessage system. So what happens is, if two iPhones are using the iMessage app, Apple knows. Even if you message your buddy at his phone number, the message gets routed via Apple and the Internet to your buddy’s phone. Each party saves the SMS fees. You’ll know you are outside the carrier’s network and using Apple’s system if you see the word “iMessage” in the input box of the application, instead of “Text Message” or “Message”. Message bubbles and the “Send” button will also be blue, instead of the usual green.
But it goes further. iDevices not associated with a phone number can also participate in conversations through iMessage. You do this by associating the device with your Apple ID. Optionally, you can also do this with your iPhone. This can come in handy for a few reasons. For example, you could associate you wifi only iPad and your phone, and if you receive an iMessage on your phone, you’ll also get it on your iPad. You can also associate multiple email addresses with your Apple ID, effectively making yourself available on any iDevice on the iMessage network on any email address you’ve ever been known by.
Here’s the thing though: Almost any messaging system that incorporates the immediacy of the phone is permission based. Blackberry users can’t send each other BBM messages unless they’ve sent each other their PINs. Twitter users can’t send each other DMs unless they are following one another. People can’t send you a text unless they have your phone number. Now, you didn’t always give the sender your phone number, but unsolicited text messages are pretty rare given the control that the carriers exercise over the system and the cost involved. And a text sent to someone you don’t know very well is far more intrusive than an email especially given that you may be incurring fees for them as a result.
You might think there’s no difference between an iMessage and a text message. But one big difference is this: If I wanted to send a text message to someone I didn’t know (say, a famous person, or a CEO), I couldn’t, because I don’t know their cell number. I can send them an email, but that’s far less intrusive and easier to ignore. With iMessage, I can actually confirm whether an email address is associated with an Apple ID, and a particular iPhone, iPad or iPod Touch. I can just type an email address into the “To:” field. If the text in the input changes to “iMessage” and the “Send” button turns blue, I can send that person a message.
To be clear, you can still turn on iMessage on your iPhone without associating it with an Apple ID. But you will lose some of the nifty functionality such as receiving texts simultaneously on multiple devices, or the clever account sharing tricks described in this article over at Lifehacker. The thing about email addresses is that they are pretty easy to guess. And while your main email address isn’t necessarily your Apple ID, for convenience, many people will choose this to be the case. As a result, it’s possible that many people are opening themselves up to a pile of unsolicited messages.
To test this theory, I started going through my contact list. I have a friend who has used a VOIP service as his main line for years. He has a universal number service that rings all of his phones and he NEVER shares his cell number, so nobody can send him text messages unless he specifically shares his number with you. To my knowledge, he rarely, if ever, does that. So I typed his email address into the “To:” field, and sure enough, the input text changed to “iMessage” and the “Send” button turned blue. Now I can text him, even though he specifically doesn’t want me to. As far as I know, so can anyone else. I tested this with a few other email addresses of friends and colleagues too.
But then I thought, “hey, what if I can guess other people’s Apple IDs”? Not the nicest thing to do, but I started to think of some public figures who are known to be iPhone users. I read that Apple co-founder Steve Wozniak likes to be first in line at his local Apple store when a new product comes out. Now, I’m not going to publish his email address, but he has a pretty public profile and is known to answer emails on his blog. His email wasn’t hard to guess. I typed it into the “To:” field and watched in amazement as the “Send” button turned blue. I now had a direct line to Steve Wozniak’s phone. I have nothing to say to Woz, but I find it kind of shocking that I could reach him so easily and so personally if I wanted to. And I’m pretty sure that if I cared enough, and spent enough time, I could guess more than a few Apple IDs of public figures.
Now, there’s a way around this of course, but I’m pretty surprised that the system isn’t permission based to begin with. This strikes me as a massive trust hole for fishers, spammers and hackers to exploit. But for the record, this is what you (and Woz!) might want to do:
- Turn off iMessage altogether. If you already pay for unlimited texting, and aren’t really all that fussed about how much of a rip off texting plans are, just turn off iMessage. Texting will work as before and people won’t be able to get to you unless they have your phone number
- Turn off your Apple ID on your iPhone. You can use iMessage, but other people will only find you if they have your phone number. If you’re texting to another iPhone, it won’t count against your texting plan. You won’t be able to get you phone’s texts on multiple devices, but that shouldn’t bother many people, as before iOS5, you didn’t even have this option
- Set up a specific Apple ID for this purpose, and don’t share it with anyone.
- Set up a specific email (or multiple emails for multiple people) to use on your phone that you only share with trusted contacts (such as [email protected]).
And don’t bother Steve Wozniak or any other public figures. I don’t think they’d appreciate it or think it was funny in any way.