[modeless]

It's not strange in the slightest. Apple deserves criticism until they fix this. They're going around claiming "end-to-end" and people don't understand that they are constantly handing over people's decrypted messages to law enforcement. It's misleading at best; I call it fraud. It's not as though Apple is merely failing to prevent a third party from breaking their end-to-end encryption here. Apple does it itself! iMessage and iCloud are not separate companies operating independently. The right hand knows what the left is doing!

This is not a UX issue or an engineering issue. Apple already built end-to-end encryption for sensitive data types that is still recoverable from backups even if you lose all your devices and forget your iCloud account password. They do it the same way Google does, and they already use it by default for important stuff you don't want to lose like passwords stored in Keychain and health data and a bunch of other stuff too. Literally all they need to do is store the iMessage encryption keys in this system by default. They continuously choose not to, and the reason is reported by Reuters to be a secret compromise agreement with the FBI. https://web.archive.org/web/20200121123026/https://www.reute...

[xoa]

>It's not strange in the slightest.

It very much is strange.

>Apple deserves criticism until they fix this.

There's nothing to fix, or rather they already "fixed" it by offering an E2EE iCloud backup option to go along with local backups. As I said I think backups should simply be fully under owner control, but as it stands there is absolutely no need to backup without full key control should people wish. And even before that there was no need to use iCloud Backup. I never have. But that has tradeoffs, and it's perfectly reasonable people may choose to make different ones.

>They're going around claiming "end-to-end"

Correctly. By your twisted definition, there is no such thing as E2EE for any transport in existence because the ends might then do something you don't approve of with the data they own. HTTPS? Not E2EE. SSH? Not E2EE. WireGuard? Not E2EE. Which is completely ludicrous and a total perversion of the specific, important role E2EE plays.

>They already built end-to-end encryption for sensitive data types that is still recoverable from backups even if you lose all your devices and forget your iCloud account password

No, if you use their full E2EE options, any of them, and you lose all your devices, your password, and recovery key (including any backups you've chosen to make on your own), you are hosed for any of the data that is E2EE protected. Like, by definition? Because otherwise it wouldn't be E2EE! The fallback when ADP is not turned on and someone is using iCloud Backups is that Apple does have the keys, that's the point.

There is literally no way around this, it's just definitional. If Apple has, somewhere in the stack, the keys then it can be compelled (or choose) to share them or share access to the data, but they can also help the owner recover if all else is lost. If the owner has exclusive access to all keys then the owner has exclusive responsibility. You can certainly have the opinion that Apple should make that latter the default of only choice. I certainly have the opinion they should offer more choice period. But that's still all orthogonal to the transport mechanism. You can have ultra locked down encrypted devices, and then go to a plain vanilla HTTP website or use telnet for administration and any MITM can see what you're doing. There could be a rootkit on your system that's grabbing everything right out of memory. That doesn't mean random MITMs can see what you're doing either if the transport is E2EE. All of these are important components of the overall security picture, but they're all different ones.

>is reported by Reuters to be a secret compromise agreement with the FBI

Read your own articles you link. That's a 2020 piece on Apple dropping old plans for owner key control of all private iCloud data. But specifically following the outcry there two years later Apple introduced "advanced data protection" that does precisely what that article is complaining they didn't earlier [0]. It got lots of coverage at the time. They explicitly cover how data is stored afterwards [1]. So people can turn that on. The Reuters piece is obsolete.

----

0: https://www.apple.com/newsroom/2022/12/apple-advances-user-s...

1: https://support.apple.com/en-us/102651

[modeless]

> There's nothing to fix

The default. They need to fix the default.

> By your twisted definition, there is no such thing as E2EE for any transport in existence

What a ridiculous misunderstanding of my position. iMessage and iCloud are inseparable parts of the whole of iOS, all from the same company, and their default configuration is not end-to-end encrypted. My position is that it is fraudulent to treat them as if they were separate to claim "end-to-end" encryption in only part when it's broken by the other part by default. Plenty of other systems are legitimately made of multiple parts by different companies and can claim end-to-end individually when their defaults are appropriate, even if they aren't when combined together by users in non-default configurations. There is no contradiction here, it's quite unambiguous.

> No, if you use their full E2EE options, any of them, and you lose all your devices, your password, and recovery key (including any backups you've chosen to make on your own), you are hosed for any of the data that is E2EE protected.

This is false. Apple and Google both now have a system that uses your phone passcode (distinct from your account password and practically impossible to forget as it is so short and you practice entering it literally every day) as the key to unlock your encrypted backups. They use secure elements in the datacenter to protect the weak passcode from brute force attacks, even from themselves.

> The Reuters piece is obsolete.

The Reuters piece is as relevant as ever until Apple changes the default for iOS so that Apple can't read the vast majority of all iMessages.

[xoa]

>The default. They need to fix the default.

No, they do not. That you don't give a shit about people losing data is a value tradeoff you believe in, but you've got a lot of work to argue it's an objective universal.

>What a ridiculous misunderstanding of my position.

It's amazing how you can say this with a virtual straight face, then immediately go on to directly argue that yep, that's your position.

>iMessage and iCloud are inseparable parts of the whole of iOS

They literally are not. Local syncing of iDevices predates iCloud backups even existing as a feature. You do not need to use iCloud Backups or data syncing. I never have. But if this logic applies, then it applies to everything! You can sync Safari browsing history, state etc too. Apps can sync data as well. So that must mean HTTPS is somehow no longer E2EE either. Unless you turn it off. Then magically it becomes E2EE? Be consistent.

>and their default configuration

This is a goalpost shift and stupid.

>My position is that it is fraudulent to treat them as if they were separate to claim "end-to-end" encryption in only part when it's broken by the other part by default

Because somehow you don't understand what E2EE even is. E2EE in communications solves one, specific and very important problem, which is data in flight. iMessage, HTTPS, or whatever else being E2EE, is a meaningful and significant difference then SMS or HTTP. It changes which potential actors can access that data, and how. End point security is an entire different problem with different sets of tradeoffs.

You're just objectively wrong and muddling an important distinction. Also, if you actually think it's "fraudulent" then by all means, sue them for false advertising, or contact your local authorities in charge of that. Good luck!

>This is false

Nope, it's correct, but there's a bit of a pattern here.

>Apple and Google both now have a system that uses your phone passcode (distinct from your account password and practically impossible to forget as it is so short and you practice entering it literally every day)

My phone password is 21 characters long and I almost never enter it because of Face ID. I'm starting to wonder if you actually own and use iDevices at all or if you're just regurgitating stuff you've read on the web? Even for people just using PINs, the vast super majority make heavy use of biometrics to the extent that Apple forces people to unlock once every few weeks just to try to help make sure they remember. But people forget anyway. Older people or those with other forms of memory loss forget a lot of simple stuff, including their own phone numbers, all the time. People have accidents. One of my cousins just got hit by a car while riding his bike and suffered a bad concussion followed by a long period of amnesia. At Apple's scale they absolutely need to, and should, care about such things.

You just said it was wrong that if someone loses their passwords (and PINs are just a kind of password, "something you know"), they are hosed on the data because... uh... people don't forget! Wild.

>The Reuters piece is as relevant as ever

Nope, it was specifically about there not being an option, at all.

[modeless]

> You do not need to use iCloud Backups

You do if you want cloud backups (as most people do), because Apple prohibits you from doing it any other way. You can't uninstall the iCloud backup software, you can't replace it, and you can't buy an iOS device without it. It's literally inseparable from iOS by Apple's design, and iMessage is too in exactly the same way.

> So that must mean HTTPS is somehow no longer E2EE either

Safari doesn't backup the contents of your HTTPS connections to Apple, nor even the URLs for the vast majority (only top level page navigations are stored in history). The analogous situation would be if Safari would relay all the content of every HTTPS connection to Apple servers along with the keys to decrypt it. Maybe you would defend such a system as "end-to-end encrypted", but you would be in a very small minority.

> My phone password is

... completely irrelevant. Who cares? You're not seriously arguing that 21 character phone unlock passcodes are typical? We're talking about defaults here.

> I almost never enter it because of Face ID

I was wrong. I thought that you had to enter the passcode at least once daily, but it's actually at least once weekly. However my point stands. It's extremely unlikely for the vast majority of people to forget their passcode, which is distinct from their account password, which is almost invariably very short, and which they practice entering at least weekly.

As for the edge cases you mention, every system has edge cases. The non-E2EE account recovery case has edge cases too. It requires navigating Apple's support process and proving your identity via whatever means they request which not everyone will be able to do successfully. Also it's vulnerable to social engineering attacks on the support reps. No system is perfect. If the forgetting issues were so bad, then Apple wouldn't by default encrypt Keychain passwords with true E2EE. Losing those is actually super inconvenient too, but Apple has no problem with E2EE there. That's because law enforcement cares more about reading your messages than logging into your Reddit account (or they can just go to Reddit directly).

> PINs are just a kind of password

A very special kind of password which is by design much easier to remember and practiced more often. They are very different in practice, don't pretend there's no relevant difference.

> I'm starting to wonder if you actually own and use iDevices at all

I owned and loved the OG iPhone and many other generations too. Although my current phone is Android, I still use iPhones and iPads casually from time to time.

Look, I could continue all day, but long experience has taught me that it's pointless to argue with someone so clearly stuck in the reality distortion field. I believe I've made my points clearly for any other reader of this thread. I won't be responding further.