by xoa 1547 days ago
>iCloud Backup

OK so that doesn't support what you said at all. That's an optional feature (that I do not use), and it's not in any way a "backdoor". Unencrypted backups are a front door. Yes, that iCloud Backups aren't E2EE is bad. Arguably worse (and this would be a more productive area for the EU and others to focus on) is that they're the only general wireless option, that's MUCH more of a nasty tie than messaging. iOS should have a standard API for backing up that any service at all (including a server one runs themselves) can implement and then get pointed at. But none of that is a backdoor in the encryption of iMessage and you do the whole space a real disservice by conflating them.

1 comments

> That's an optional feature (that I do not use),

It doesn't matter. Everyone you chat with uses it because it's on by default, so all of the iMessages you send and receive are backed up in effectively plaintext to Apple (who turns them over to third parties).

> But none of that is a backdoor in the encryption of iMessage and you do the whole space a real disservice by conflating them.

Unencrypted (or encrypted to the ZK middle service, in this case Apple, being the operator of both iMessage and iCloud Backup) key escrow of end-device secret key material in a system that is advertised as end-to-end encrypted is indeed a backdoor in the end-to-end encryption of that system, as now the secret keys don't exist just on the endpoints - the transit service in the middle has a copy of them, allowing message decryption on a non-endpoint as they transit the middle service.

That is definitionally not end-to-end encrypted. It's end-to-middle-and-end encrypted if the middle device has a usable copy of the endpoint secret keys, which Apple does.