Dont get me wrong, I’m NOT saying iMessage is true end-to-end encryption, just that the messages aren’t stored unencrypted on the server.
> On Feb 25, 2017, at 12:43 PM, Cassidy B. Larson <[email protected]> wrote: > > I see nothing in that article that says iMessages are stored unencrypted on > Apples servers, which is what you initial stated. > > I do see it state: "If a hacker were to take hold of the key server, they > would in turn be able to intercept messages as they are being typed — those > that have not already undergone the encryption process.” > > However, the same with anything using a key encryption. If someone has your > device key, wouldn’t they be able to decrypt your messages? > > > >> On Feb 25, 2017, at 12:37 PM, Josh Reynolds <[email protected] >> <mailto:[email protected]>> wrote: >> >> http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/ >> >> <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/> >> >> On Feb 25, 2017 1:35 PM, "Cassidy B. Larson" <[email protected] >> <mailto:[email protected]>> wrote: >> I’m not sure I agree with that. Just reading up on this article from August >> of last year: >> >> http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html >> >> <http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html> >> >> Couple of points from the article: >> >> - Undelivered messages ARE stored encrypted on Apples servers for up to 30 >> days. Sure someone with the appropriate key can decrypt them. That’s >> nothing new. >> - Cloud backups store your messages, they’re encrypted.. and supposedly >> Apple can decrypt them? Or not? If you’re a terrorist and/or extra >> paranoid, turn them off or use WhatsApp.. Oh wait, don’t they have a >> backdoor? :) >> - They say iMessage is “Not any better than normal TLS”.. well, it’s >> encrypted. Better than not! >> - From this it also appears Apple implemented most of their short-term >> vulnerability patches for old clients. >> >> I assume if both sides of the conversation are running the latest iOS >> version, then they’re much more “secure” than running older un-patched ones. >> Just be sure to patch both sides of your iOS devices before your >> terrorist-ing messages are sent! LOL >> >> -c >> >> >>> On Feb 25, 2017, at 12:05 PM, Josh Reynolds <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> That's bullshit. iMessage is not encrypted on Apple servers, which the >>> messages pass through. This is why iMessage isn't considered true "end to >>> end" crypto. There have been several papers written on this. >>> >>> On Feb 25, 2017 1:00 PM, "Travis Johnson" <[email protected] >>> <mailto:[email protected]>> wrote: >>> Nope... iMessage is encrypted and not even Apple can read the messages. >>> >>> Travis >>> >>> On 2/25/2017 11:47 AM, Bill Prince wrote: >>> Just like iMessage and Siri. >>> >>> >>> bp >>> <part15sbs{at}gmail{dot}com> >>> >>> On 2/25/2017 8:12 AM, Travis Johnson wrote: >>> Now Google will be reading all of your text messages as well... if you use >>> an Android phone that is... LOL >>> >>> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/ >>> >>> <https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/> >>> >>> Travis >>> >>> >>> >>> >> >
