Wednesday, June 26, 2013

Can Apple Read Your iMessages?

Apple:

There are certain categories of information which we do not provide to law enforcement or any other group because we choose not to retain it.

For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

Matthew Green:

All you need to do is run the following simple experiment: First, lose your iPhone. Now change your password using Apple’s iForgot service (this requires you to answer some simple security questions or provide a recovery email). Now go to an Apple store and shell out a fortune buying a new phone.

If you can recover your recent iMessages onto a new iPhone -- as I was able to do in an Apple store this afternoon -- then Apple isn’t protecting your iMessages with your password or with a device key. Too bad.

This seems to be confirmed by this Ask Different answer and Hacker News. In other words, the end-to-end encryption is beside the point if iCloud backups are involved. Apple’s privacy statement seems to be strictly true but misleading.

Update (2013-10-19): Dan Goodin:

Ultimately, the QuarksLab researchers said that such man-in-the-middle exploits against the iMessage infrastructure require so much effort that they could probably be carried out only by three-letter agencies, and even then only under limited circumstances. But they went on to say there's no technical measure stopping Apple employees, working under a secret court order or otherwise, from performing the same kind of attack and making it completely transparent to the parties exchanging iMessages. Unlike third-party attacks, these insider exploits would require no tampering of end-user devices.

12 Comments RSS · Twitter

"In other words, the end-to-end encryption is beside the point if iCloud backups are involved. Apple’s privacy statement seems to be strictly true but misleading."

When I first read this, my thought was to be dubious that there was an exploit only if iCloud backups are involved. Really? But I had no good way to explain my suspicions that the whole AppleID core rot provides the technical capability to override encryption protection . Until, I came across Ars and Soghoian weighing in:

"In the case of iMessage intercept capabilities, Apple is taking a page from Skype's playbook—make very carefully worded statements about the existence of encryption, and then let people read far more into their claims than they have actually made," Chris Soghoian, who is principal technologist and senior policy analyst for the American Civil Liberties Union, told Ars. "When reading Apple's carefully worded PRISM denial, remember it was written by a hybrid team of lawyers and PR folks. Every word matters. At best, they are being cagey, at worst, outright deceptive."

As Soghoian and other critics admit, the end-to-end encryption included with iMessage may make it impossible for Apple to decrypt conversations, at least in some circumstances. But in the absence of key details that Apple has steadfastly declined to provide, customers who are especially concerned about their privacy would do well to assume otherwise.

In other words, Apple’s privacy statement may well not be strictly true. let alone only misleading in the iCloud backup sense.

And I for one welcome our new iMessage/PRISM/NSA overlords. I’d like to remind them that as a trusted blog commenter, I can be helpful in rounding up others to toil in their underground sugar caves.

[...] agree, but I still think that it’s a mistake to focus on the end-to-end encryption and Apple’s statements about [...]

[...] still think this is misleading because it ignores the fact that iCloud backups are encrypted with a key [...]

[…] it could happen without his knowledge or consent. The systems are designed such that Apple could tap into your messages if it wanted to. There is unfortunately no way to prove that this doesn’t […]

[…] they mean here is that iCloud backups are not encrypted. So, as I’ve said, it’s pretty much irrelevant that the iMessage communications themselves are encrypted […]

[…] is more protection than iMessage offers for iCloud backups, but it seems like both could benefit from allowing the user to specify a […]

[…] still think this is misleading because it ignores the fact that iCloud backups are encrypted with a key […]

[…] iMessage End-to-End Encryption, Can Apple Read Your iMessages?, iOS Security White Paper (Nick […]

[…] Previously: Chinese Firm to Operate China iCloud Accounts, Apple Starts Using Google Cloud Platform, iOS 5 and iCloud, Apple Is Trying to Make iMessages More Private, Apple’s iMessage Metadata Logs, Can Apple Read Your iMessages?. […]

[…] agree, but I still think that it’s a mistake to focus on the end-to-end encryption and Apple’s statements about […]

[…] I think Nat is right that there is not really a difference in security because iCloud Backup already made the messages available to […]

Leave a Comment