[Cryptography] Signal planning no support for plaintext SMS

Jerry Leichter leichter at lrw.com
Wed Nov 9 15:45:55 EST 2022


> I don’t know under what definition does iMessage not suck. From all I can gather the security of iMessage drops to basically the same level as email the moment you enable iCloud. Your message keys are stored in iCloud and Apple have full access. Simply because they have been ignoring some government requests doesn’t mean it is secure. “I don’t use iCloud” doesn’t matter much when people you are messaging do. This is not even considering the fact that Apple already have a parallel implementation for Chinese that have all the backdoors so when they do want to use their mitm position they don’t even need to pay someone to write more code.
None of this is true.  The iCloud backups of messages used to be cleartext a while back, but are now encrypted.  Keys stored in iCloud are also encrypted and not accessible to Apple.  (The system works so well that it fools you into thinking that it's less secure than it is.  For example, when you connect a new device to your iCloud account, you can download your stored keys.  But before you can use them you need to provide the password used to encrypt them on one of your existing devices.  They then get decrypted and re-encrypted using the new device's password.)

This is the first I've heard of a parallel implementation for China.  What Apple is forced to do in China is allow a Chinese-owned company to run their datacenters.  Yes, physical access will ultimately allow them to get at whatever they want, but it would take a while.  (The protection they provide against weak passwords - commonplace - is the same as used on iPhones and recent Macs:  The user password is mixed with a device-specific large random key which is kept inside a hardware-secured device.  Yes, you can break it with physical control of the datacenter.)
                                                        -- Jerry


