[dgcupps]

That is true of any end-to-end solution. If you back up your private keys, anyone who has access to your backup would be able to access the encrypted messages. Remember, you can turn off iCloud backup if you're worried about Apple accessing your keys.

Ultimately, it's false to equate iMessage's encryption scheme, which is end-to-end, to an encryption scheme that requires a server to relay decrypted data.

[modeless]

> That is true of any end-to-end solution.

Utterly false. Real end-to-end encryption would encrypt the backup with a key that is not available to the backup service (e.g. derived from a passphrase not sent to the server).

Of course this system has better usability, which is why Apple does it. But it's still a farce to call a system where Apple has the ability to decrypt the majority of messages "end-to-end" encrypted. The fact that it's through the backup servers instead of the iMessage servers makes no difference.

What's more, it's possible to do better without sacrificing usability. For several years Android has been end-to-end encrypting backups using the user's lock screen passcode, with protection against brute force attacks provided by hardware secure elements. https://security.googleblog.com/2018/10/google-and-android-h...

[Dylan16807]

> The fact that it's through the backup servers instead of the iMessage servers makes no difference.

It makes a big difference. If I print out the texts I receive, it doesn't change whether the texting program is end-to-end encrypted. The same goes for backups. An unencrypted system-level backup doesn't mean that the program being backed up is failing at security.

It's bad that Apple doesn't let you encrypt your backups properly, but it's a separate issue.

[modeless]

What if the texting program has a built in feature to print the texts you receive and mail a copy to the company that wrote the program, and it nags you to enable this feature all the time, and most of your friends have it enabled? Because that's a lot closer to the scenario here.

> An unencrypted system-level backup doesn't mean that the program being backed up is failing at security.

iOS programs can choose how their data is backed up. iMessage isn't just getting its data stolen by iCloud accidentally. These backups are a feature of iMessage as much as iCloud. And besides, iCloud is made by the same company, it's not a separate entity.

[Dylan16807]

iMessage itself bugs you to enable backups?

> iOS programs choose how their data is backed up.

Well desktop apps don't. Would you say that no desktop app that saves its key can ever qualify as end-to-end encrypted?

> And besides, iCloud is made by the same company, it's not a separate entity.

I'm not convinced that's relevant to whether the encryption is end-to-end or not.

[modeless]

> Would you say that no desktop app that saves its key can ever qualify as end-to-end encrypted?

I would say that no app can qualify as end-to-end encrypted if a large fraction of users send their data to the maker of the app in a form that can be decrypted by the maker of the app, regardless of the reason.

[Dylan16807]

If iMessage was made by a third party and worked exactly the same then you'd have no objection to calling it end-to-end encrypted?

[diebeforei485]

Turning off iCloud backup is not a genuine choice, because it means you lose everything if you lose or break your phone (there is no other way to back up your phone except iCloud backup, Apple does not allow third-party phone backup services).

[dwaite]

You can do local encrypted backups to a Mac, either via to iTunes (<10.15) or Finder (10.15).