Hacker News new | ask | show | jobs
by deeter72 1806 days ago
Why would Google even attempt to spy on those patterns? it serves no purpose and how do you justify employee time spent for such useless things? Not to mention apple proxies all requests through their servers rendering such analysis utterly useless to begin with.
3 comments
tgragnato 1806 days ago
On one occasion the traffic to google cloud is systematically not proxied: every time one sends an attachment in iMessage, the file (or the media) is encrypted on device and sent to gcs-{eu,us,asia}-00002(?).content-storage-upload.googleapis.com, received from gcs-{eu,us,asia}-00002(?).content-storage-download.googleapis.com

This should be pretty visible to Google, the rest of the traffic is handled better.

link
spookthesunset 1806 days ago
How do both parties determine the keys used during a conversation?

Are they making heavy use of public key cryptography? If so how? When I send a message to you, do I encrypt it using your public key? What about group messages? Does each conversation get its own key pair?

Also it’s interesting they decided to directly hit up google cloud… you’d think they would wrap it so at minimum they could tweak the underlying infrastructure without requiring every client to update.

link
tgragnato 1806 days ago
> How do both parties determine the keys used during a conversation?

They don’t: public key cryptography is not initially used.

The sender generates a random AES-256 key, applies it in CTR mode and uploads the encrypted blob to GCS.

Every receiving device gets a message with the key, the URI, and the SHA-1 of the blob. These messages are encrypted as usual and sent via APNS (<n>-courier.push.apple.com:5223)

> you’d think they would wrap it so at minimum they could tweak the underlying infrastructure without requiring every client to update

Apple does this: two other endpoints are *.blobstore.apple.com and the Chinese Guizhou-Cloud Big Data.

In my logs blobstore is used less than 1% of the time.

link
zaphirplane 1806 days ago
So the bucket is open to the world to write
link
tgragnato 1806 days ago
No? https://cloud.google.com/storage/docs/access-control

It just means Google may provide access to metadata outside of Apple’s control. Those metadata could be useful to do classification of anomalies on the basis of pattern of life analysis, or similar.

link
swiley 1806 days ago
>Why would Google even attempt to spy

What?

link
bubersson 1806 days ago
You underestimate the amount of Google employees spending time on useless things.
link