| It's well documented that the complete iMessage history (if the "Messages in iCloud" feature is disabled) or the endpoint iMessage sync keys (if "Messages in iCloud" is enabled, the default), are included in the non-e2ee iCloud Backup which is non-e2ee and readable by Apple. Approximately nobody has enabled e2ee for iCloud Backups (and approximately nobody wants to; they'd rather Apple be able to restore their photos and conversations when they've lost their phone and forgotten their password). Each and every night when plugged in every iPhone by default makes sure that Apple receives an Apple-readable copy of all of the photos and iMessages (or iMessage cross-device sync keys) on the device. It's not e2ee if the endpoint device escrows the plaintext. Apple and the FBI can read 99%+ of all iMessages in the world in near-realtime. (This is because, in the usual case, the backup includes the "Messages in iCloud" cross-device endpoint synchronization keys, and Apple of course runs the sync servers that see the encrypted traffic. If you have Messages in iCloud turned off, the backup simply contains all of the iMessages directly, and Apple presumably only gets them once each 24h period when the iCloud Backup runs at night when plugged in and on wifi.) The only case in which iMessage is e2ee is when both iMessage endpoints either have iCloud disabled, or both iMessage endpoints have iCloud Backup disabled, or both iMessage endpoints have iCloud Advanced Data Protection (backup e2ee) enabled. The moment you add an iPhone not so configured to the iMessage groupchat, the whole thing falls apart, because the defaults are to escrow the plaintext in a non-e2ee fashion. |