by gruez 849 days ago
>The only solution to that right now is for you and your contact to turn on Advanced Data Protection

or don't use iCloud Backup. Also, confusingly, "Messages in iCloud" is end-to-end encrypted, and enabling it disables messages from being included in iCloud Backup.


If everyone you iMessage with has iCloud Backup still enabled (and I guarantee you 100% that they do because it is the default), then you turning yours off does nothing, as all of your conversations remain readable by Apple via the escrowed keys of the other endpoints.

iMessage is not e2ee.

It does not appear to be the default.

Wanna bet? Perhaps I should make a video.

You absolutely should, I've been wondering if there was a video somewhere showing the defaults during setup.

> "Messages in iCloud" is end-to-end encrypted, and enabling it disables messages from being included in iCloud Backup.

This is misleading at best. Careful reading of Apple's disclosures reveals that the "messages in iCloud" encryption keys are still included in iCloud backups, giving Apple the capability to decrypt your messages on demand for law enforcement or for any other reason of their choosing. The messages may not be in your "iCloud backups", but that's just because they are stored on Apple's "Messages in iCloud" servers instead. Apple still has them and the keys to decrypt them.

https://support.apple.com/guide/security/security-of-icloud-...

> When iCloud Backup is turned on, the backup includes a copy of the Messages in iCloud encryption key so Apple can help the user recover their messages even if they have lost access to iCloud Keychain and their trusted devices.

Just a bit lower on the same page:

> When iCloud Backup is turned on, everything inside it is end-to-end encrypted, including the Messages in iCloud encryption key.

Meaning that Apple does not actually have access to that key, because it is encrypted before being saved to their servers.

This is misleading, again. The paragraph you quoted only applies with optional "Advanced Data Protection". Advanced Data Protection is off by default. In the default state Apple does have access to the Messages in iCloud keys in iCloud Backup, as I said.

Nothing is secure that goes to a server. Period.

Apple turned over iMessage conversations between journalists and senators at Trump's request. They encrypt but give away the keys in many jurisdictions.

>Apple turned over iMessage conversations between journalists and senators at Trump's request.

source?