Well here is something for you to read, if you are a Chinese Citizen living in China, then these messages can be seen by the Government because iCloud data must be stored in China.
Yeah, ok, try harder than a Reddit thread where supposedly authoritative commenters can’t even spell encrypt.
The idiot pmendes is wrong (if he was correct then no one knowledgeable on the subject would classify that system as E2EE - something more to read about). The encryption keys are not managed in iCloud which you can read yourself:
iCloud backup is an opt in feature - you use it full well knowing it effectively damages the affordance of E2E regardless of locale if ADP is not available.
> The idiot pmendes is wrong (if he was correct then no one knowledgeable on the subject would classify that system as E2EE
What exactly is pmendes wrong about? Are you referring to this comment:
> In iMessage the message contents are in fact end to end encripted. Each device encripts the message using the recipient keys and then sends the message. The problem is that iCloud manages the keys by itself so you have no way of knowing who is the exact owner of the key. Addionaly, on group chats, they don't even need to be a man in the middle. They can just add their key to the list of encription keys for that chat, and receive a copy of each message.
What's wrong there, aside from spelling? The nit I would pick is that in "iCloud manages the keys", I would change "iCloud" to "Apple" or "Apple's IDS".
How, specifically, does iCloud backup damage the affordance of E2E? This doesn't make any sense.
If you have somebody's GPG public key, you can encrypt a file to that public key and then put up the encrypted file on a public FTP site [0], whence they can download and decrypt it. iMessage does nearly exactly that, except that 1) Apple's identity service effectively solved the key distribution problem, 2) the messages are, even though already encrypted, themselves also transmitted by encrypted channels to Apple's servers during transit.
[0] Well, I wouldn't do this if I were at all concerned about the contents because it doesn't allow for forward secrecy.
If you’re going to classify every critical fact as a “nit” then nothing is ever wrong.
IDS vs iCloud is far more than a nit. They’re completely different services. iCloud is run by a 3rd party in China, this is well publicized, whereas IDS is not. So that’s like not a minor detail.
iMessage does not depend on iCloud. You don't need an iCloud account. These are unrelated.
Contact key verification is a more recent addition, and again not dependent on iCloud.
> How, specifically, does iCloud backup damage the affordance of E2E?
Just saying, you can sync your data to whatever encrypted or unencrypted service you want if you choose to. This may diminish the value to the end user of E2EE but it is unrelated.
I'm not the one that brought up iCloud first. Take that up with the original commenter.
I was looking around to see what china has access to after seeing this post... However, people mention their messages can only be visible if icloud backups are enabled? Seems risky to trust either way.
People should read actual documentation and expert or academic writing rather than a bunch of terminally online nerds on Reddit.
I’ve seen nothing credible that the E2E for iMessage and FaceTime isn’t as advertised. If you backup to the cloud you’re electing to disclose your data outside the boundaries of encryption.
Then they should read the leaked government documents from around the world that contradict what Apple says themselves. Failing that, they should at least be able to read the actual code to corroborate its security, but that's not an option either.
> Then they should read the leaked government documents from around the world that contradict what Apple says themselves.
On what specifically?
> they should at least be able to read the actual code to corroborate its security, but that's not an option either.
Why does that matter? You're already trusting Apple hardware. Public access to source code doesn't make security systems safer. I'm not sure what a journalist or even 99% of webshits on this forum would do with trying to audit crypto.
For starters, PRISM and XKeyscore. Both are damning indictments of the state of surveillance a decade ago, and are so damaging that pretty much every FAANG company denies knowledge of their existence. PRISM was about the outreach the US government has with domestic companies, and XKeyscore showed just how far those connections could be abused.
Simply the fact that these leaked documents exist and Apple denying them is a contradiction. Everything else is speculation, but my brain can imagine a lot happening over those past 9 years.
> Why does that matter?
Accountability purposes.
> You're already trusting Apple hardware.
Ideally I don't do that either. I'm not a fan of closed firmware interfaces and if possible, I'd like to audit the code for those as well.
> Public access to source code doesn't make security systems safer.
The majority of networked servers online today beg to differ. Over time the industry actually found that it's much safer to use an open and transparent OS than it is to trust a black-box with UB that may-or-may-not be fixed.
> I'm not sure what a journalist or even 99% of webshits on this forum would do with trying to audit crypto.
This speaks to a lack of either experience or imagination, I can't tell which.
https://www.reddit.com/r/ios/comments/cskufy/imessage_encryp...