[Cryptography] Signal planning no support for plaintext SMS

[Ron Garret]

On Nov 9, 2022, at 9:21 AM, Shironeko <shironeko at waifu.club> wrote:

>> From: Jerry Leichter <leichter at lrw.com>
>> 
>> iMessage most definitely “doesn’t suck.” It’s highly usable, and is used by
>> hundreds of millions, if not billions, of people - who need make no special
>> effort to use it in a secure way. (In fact, I would contend that any system that
>> requires the user to specifically pay attention to the system’s security is
>> forever going to restricted to a small subset of potential users.) Granted, it’s
>> only available on Apple devices - though it works fine on both phones and
>> computers (and other devices with no phone number). Is “ability to run on my
>> favorite OS that isn’t Apple’s” part of your “doesn’t suck” definition?
> 
> I don’t know under what definition does iMessage not suck. From all I can gather
> the security of iMessage drops to basically the same level as email the moment
> you enable iCloud. Your message keys are stored in iCloud and Apple have full
> access.

Apple can push an OS update that gives them access to your keys even without iCloud any time they want.  So with or without iCloud, your security with iMessage is entirely dependent on Apple’s trustworthiness.

And this is true in general for any vendor.  The only way you can be absolutely sure that there isn’t a back door in your comms is to build your own silicon foundry from the ground up.  The minute you use *any* third-party hardware or software *anywhere* in your process you open yourself up to a rusting-trust attack.

So as a practical matter you have to trust someone, especially if you’re a muggle.  It might as well be Apple.

rg