I see nothing in that article that says iMessages are stored unencrypted on Apples servers, which is what you initial stated.
I do see it state: "If a hacker were to take hold of the key server, they would in turn be able to intercept messages as they are being typed — those that have not already undergone the encryption process.” However, the same with anything using a key encryption. If someone has your device key, wouldn’t they be able to decrypt your messages? > On Feb 25, 2017, at 12:37 PM, Josh Reynolds <[email protected]> wrote: > > http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/ > > <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/> > > On Feb 25, 2017 1:35 PM, "Cassidy B. Larson" <[email protected] > <mailto:[email protected]>> wrote: > I’m not sure I agree with that. Just reading up on this article from August > of last year: > > http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html > > <http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html> > > Couple of points from the article: > > - Undelivered messages ARE stored encrypted on Apples servers for up to 30 > days. Sure someone with the appropriate key can decrypt them. That’s nothing > new. > - Cloud backups store your messages, they’re encrypted.. and supposedly Apple > can decrypt them? Or not? If you’re a terrorist and/or extra paranoid, turn > them off or use WhatsApp.. Oh wait, don’t they have a backdoor? :) > - They say iMessage is “Not any better than normal TLS”.. well, it’s > encrypted. Better than not! > - From this it also appears Apple implemented most of their short-term > vulnerability patches for old clients. > > I assume if both sides of the conversation are running the latest iOS > version, then they’re much more “secure” than running older un-patched ones. > Just be sure to patch both sides of your iOS devices before your > terrorist-ing messages are sent! LOL > > -c > > >> On Feb 25, 2017, at 12:05 PM, Josh Reynolds <[email protected] >> <mailto:[email protected]>> wrote: >> >> That's bullshit. iMessage is not encrypted on Apple servers, which the >> messages pass through. This is why iMessage isn't considered true "end to >> end" crypto. There have been several papers written on this. >> >> On Feb 25, 2017 1:00 PM, "Travis Johnson" <[email protected] >> <mailto:[email protected]>> wrote: >> Nope... iMessage is encrypted and not even Apple can read the messages. >> >> Travis >> >> On 2/25/2017 11:47 AM, Bill Prince wrote: >> Just like iMessage and Siri. >> >> >> bp >> <part15sbs{at}gmail{dot}com> >> >> On 2/25/2017 8:12 AM, Travis Johnson wrote: >> Now Google will be reading all of your text messages as well... if you use >> an Android phone that is... LOL >> >> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/ >> >> <https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/> >> >> Travis >> >> >> >> >
