Hacker Read

swiley | karma 10155 | avg karma 1.92 · 2021-05-26 11:50:49+00:00

Most modern servers use TLS so it isn't any worse than imessage.

nixgeek | karma 2441 | avg karma 3.96 · 2021-05-26 08:06:12

This is incorrect. iMessage is E2EE, which IRC is not.

swiley | karma 10155 | avg karma 1.92 · 2021-05-26 08:45:00

Even if iMessage is E2EE (I don't think it is) the backups mean the messages end up on Apple's servers unencrypted. Either way Apple is able to access them when subpeonaed.

samtheprogram | karma 924 | avg karma 2.94 · 2021-05-26 15:28:06

It is E2EE, and the backups on Apple's servers are encrypted. However, if you also have iCloud Backup turned on, the encryption key is backed up plain-text [1][2], so the effect ("Apple is able to access them when subpeonaed" sic.) remains the same in those cases, but it can be configured/avoided.

[1]: https://support.apple.com/en-us/HT202303 [2]: https://www.reddit.com/r/apple/comments/8nbgyu/messages_in_i...

reply

swiley | karma 10155 | avg karma 1.92 · 2021-05-26 17:01:50

Do you use imessage in any groups were there isn't at least one member that has iCloud Backup turned off? I don't know a single person with it off.

nixgeek | karma 2441 | avg karma 3.96 · 2021-05-29 19:43:32+00:00

Yes, several, they mostly all work in security and actually read the Platform Security Guide and made a decision the inconveniences were outweighed by the strengths of not storing that key.

Remember also that subpoenas rarely permit “fishing expeditions”, so if they want your iMessages, can convince the judiciary you have potentially committed a crime, your key not being stored and the E2EE nature doesn’t always mean a judge is going to let LE go after Bob, Joe, Bill and everyone you have messaged with and demand Apple hand over all their iMessages (if they have backups enabled).

reply