by nullc 1411 days ago
I wonder how many people are murdered each year due to communications platforms that haven't implemented end to end encryption for private user communications, since all these large platforms are easily infiltrated by agents of homicidal regimes.
2 comments

Apple has access to the plaintext of pretty much every iMessage and the vast, vast majority of iOS users' photo libraries.

They are required to turn over data to the US federal authorities without a warrant (under FAA702), and they do this over 30,000 times per year per their own transparency report.

The mind reels. Can you imagine how much this is used for blackmail, extortion, coercion, parallel construction, etc?

Is iMessage not end to end encrypted? Facebook Messenger has end to end encryption. How does Apple not?

iMessage's "end to end encryption" has a key escrow backdoor which sends your endpoint keys to Apple and is maintained for the FBI. It's more like "end-to-end-and-Apple encrypted".

It's "end to end encrypted" but then the device's private iMessage syncing keys ("Messages in iCloud") are included in an iCloud Backup, which is not end-to-end encrypted, backdooring the crypto. This means that Apple can decrypt the iMessages as they transit Apple's servers in realtime, using the device private keys you backed up (without e2e) the previous evening.

Even if you turn off the non-e2e iCloud Backup backdoor, your iMessages will still get compromised because it's on by default and all of the other people you iMessage with haven't turned it off.

https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...

iCloud Photos isn't end to end encrypted at all. It syncs every photo you take to Apple servers effectively unencrypted. Apple can see all of them, and so can the US government (without a warrant). Turning off iCloud is indeed an effective mitigation for this, which keeps your photos on-device.

Twitter or Facebook is one thing, but imagine the iCloud hacks (not the ones which exfiltrated porn, some apparently single actors using home connections) but those from nation states targeting individuals.

I'm sure the death toll is large and the harassment toll even higher.