[kelnos]

I kinda agree with you, but I think there's also a reasonable argument to be made around the idea that a user might be super pissed off that Apple made the default be not secure against state actors.

Also, how many people actually care all that much about their message history? I know I do (and I have 1GB of SMS/MMS/RCS message history dating back to 2010 that I back up to GDrive nightly), but it seems to me that most people don't care about their message history that much?

[dwaite]

The nice thing is that there is now an advertised set of features to protect against state actors in the form of Advanced Data Protection, Lockdown mode and (soon) iMessage Contact Key Verification.

These all have significant usability impacts; I think Apple still has the correct defaults.

Finally, my understanding is that recovery keys are escrowed in a HSM separate from cloud hosting, and releasing an escrowed key is an audited event. My concern is mostly about actors accessing my data or surveilling me without transparency, as that gives no chance for accountability.

[kemayo]

I'll grant that what people really care about is their backed up photos, and there's nothing stopping Apple from having separate security strategies there.

That said, I suspect that there's more people out there who're going to lose their text history with their dead parent and be distraught over that, than who're going to be actively upset that the state can subpoena their messages.