A solution for Apple would be to store public keys locally in a protected database within iOS, as then the keys could be compared, Cattiaux said. As part of their presentation, the researchers released an application, "MITM Protect," for jailbroken devices that allows for such a comparison.
Trusting someone to manage keys on your behalf is no more secure than trusting them with plain, unencrypted text, Marlinspike said. "iMessage isn't really 'end-to-end' encryption in the sense that phrase intends to convey."
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk