Apple reaffirms security, privacy of encrypted iMessages
Apple on Friday issued a statement affirming the security of their iMessage instant messaging service, rebuking suggestions that the company could, if forced by court order, intercept the encrypted missives.
"iMessage is not architected to allow Apple to read messages," Apple spokewoman Trudy Muller said in a blunt statement to AllThingsD regarding recent suggestions that the iMessage protocol could be subject to a wiretap. "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."
iMessage security has been a hot topic seemingly since the public release of the service alongside iOS 5 in 2011 when Apple's news release touted the feature as having "secure end-to-end encryption."
The United States Drug Enforcement Agency famously complained in April of this year that iMessage's secure design prohibited the agency from spying on suspects. The DEA circulated a memo to staff, warning that "iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider."
Apple's messaging service utilizes public key cryptography to secure its communications. Broadly speaking, public key cryptography works by encoding data with one key such that it can only be decoded with a different, mathematically matched, key.
Both keys are generated at the same time and are considered to be a "key pair" --?one key cannot be deduced from the other.
Apple's vehement response comes after suggestions from security firm QuarksLAB gained publicity this week. They suggested that Apple, which controls distribution of both keys via their central servers, can read users' iMessages by performing what is known as a "man-in-the-middle" attack, in which the central servers would transparently pass illegitimate key pairs between devices. The illegitimate key pairs would theoretically be generated by Apple, and thus allow the company to intercept iMessages.
"iMessage is not architected to allow Apple to read messages," Apple spokewoman Trudy Muller said in a blunt statement to AllThingsD regarding recent suggestions that the iMessage protocol could be subject to a wiretap. "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."
iMessage security has been a hot topic seemingly since the public release of the service alongside iOS 5 in 2011 when Apple's news release touted the feature as having "secure end-to-end encryption."
The United States Drug Enforcement Agency famously complained in April of this year that iMessage's secure design prohibited the agency from spying on suspects. The DEA circulated a memo to staff, warning that "iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider."
Apple's messaging service utilizes public key cryptography to secure its communications. Broadly speaking, public key cryptography works by encoding data with one key such that it can only be decoded with a different, mathematically matched, key.
Both keys are generated at the same time and are considered to be a "key pair" --?one key cannot be deduced from the other.
Apple's vehement response comes after suggestions from security firm QuarksLAB gained publicity this week. They suggested that Apple, which controls distribution of both keys via their central servers, can read users' iMessages by performing what is known as a "man-in-the-middle" attack, in which the central servers would transparently pass illegitimate key pairs between devices. The illegitimate key pairs would theoretically be generated by Apple, and thus allow the company to intercept iMessages.
Comments
QuarksLAB is doing what everybody does these days. Shameless.
What are they doing that everybody else is doing?
If they want to put this to rest, then they should have a few respected outside security experts come and do an audit of the system. Just saying, "That's not how our system works" won't stop the speculation and click-bait articles declaiming the possible/theoretical insider MitM vulnerabilities. I'm not talking about making the whole architecture opensource or anything, just a third-party audit of the security code much like they have outside firms audit their financial records.
You're missing the salient point. Quarks is not misconstruing Apple's system. And Apple is not saying they are. Before criticizing any party, try reading Quarks' report and Apple's rebuttal. Of course, no need to do so if you just want to make a *soundbite* for the sake of it.
Who cares, it's safer to assume the government can read your messages on all these devices and use alternate comm's methods if you need privacy.
True. Assume nothing is safe and you'll get it just about right.
QuarksLAB is trying what every other troll entity is doing: Publishing a false negative article about Apple in order to gain eyeballs and publicity.
Anything negative about Apple gains a lot of publicity and immediate Pavlovian reaction from pro-Apple activists. That is simply a fact of the world. And this is taken advantage of by anyone seeking publicity, notoriety and eyeballs to make more money from web-ads.
Quote:
QuarksLAB is doing what everybody does these days. Shameless.
What are they doing that everybody else is doing?
True. Assume nothing is safe and you'll get it just about right.
The thing is that whether absolute secrecy is a good thing or not depends on the circumstances. It is all relative. During the WW2 there were many resistance movements working against the Germans. From our pov absolute secrecy would have been fantastic. The Germans in turn were famously trying to communicate in secrecy to orchestrate their u-boat attacks. Turing famously cracked the code and we are all grateful. Do I want 'the government' to be able to access any communication it pleases? Absolutely not, I don't trust any government not to abuse its powers. Do I wan't terrorist groups (that is also a relative term, of course) to be able to communicate with 100% assurance they will not be listened in on? I don't think so.
Name dropping Apple for attention. Stating things as fact that they can't prove. And so on
If the key pair is generated in Apple's server, surely they could use them or pass them on if required. For all we know the DEA wants everyone to use iMessage because they do just that.
Who cares, it's safer to assume the government can read your messages on all these devices and use alternate comm's methods if you need privacy.
This. I think anyone who assumes the government can't crack Apple's encryption is on the losing side. If I were the DEA I'd leak internal memo's saying we can't crack Apple's code too. Its called 'fishing for drug dealers dumb enough to believe that'
You're right they didn't misconstrue anything. Because that term's connotation is that any false information is given by accident.
Quarks lied. They stated something they have no reasonable expectation of authority to know what they are talking about and no hard proof of it.
They didn't find a hole that lets them calculate the keys, decode the messages etc. They simply said that Apply is lying and can look up the key for any person they want and decode messages any time they want and lied that they could not.
Quarks can't prove this, knows they can't prove this, but stated it anyway. So no they didn't mistakenly state false information, they flat out lied. Something none of the hit whoring sites and blogs, including this one, bother to ever point out. Because they care more about the page hits than the truth. Which is why when Apple replies they will cast it as the act of a desperate company and so on.
Who knows, perhaps their suggested MitM attack is possible, but perhaps Apple's security team architected iMessage to use an architecture that protects against server-side MitM attacks. Perhaps they are also using a one-off non-repeating cypher stream and uniquely-generated key pairs for each exchange that are destroyed immediately afterwards.
Who knows? QuarksLAB certainly doesn't!
Another statement made on assumptions and a lack of information. Same thing these 'experts' are doing. They haven't proven their claims and yet sites are picking up their claims as facts. Why? Because folks like you and those even less educated about tech will assume that a 'security company' would never say something that isn't true without noting the total lack of proof.
Same stunt stock analysts use all the time because they know that in general folks are stupid and too lazy to really think about what is being said. And sites play party to it because Apple gets page hits.
If they were going for that kind of a stunt they would claim they can't read basic SMS or such that it's on all phones. Cause even the dumbest drug dealer knows that burner flip phones are the best to use. Make them think no one can find them in any phone not just this restricted service.
People can snidely suggest what they like but the evidence that iMessage and Facetime are encrypted and sealed off from the NSA is that they have been complaining in Memos about message trails going dark at Apple.
From April 2013: "A recent Justice Department memo revealed by CNET shows law enforcement’s frustration with Apple’s encrypted iMessage software. The internal memo, sent by the Drug Enforcement Administration, calls iMessages “a challenge to DEA intercept” and notes that messages sent between two Apple devices — the ones that turn blue in users’ chat windows — cannot be captured by monitoring devices.”
Do these Quarkslab people think the NSA is playing dumb to make Apple look secure? I think not!
Another statement made on assumptions and a lack of information. Same thing these 'experts' are doing. They haven't proven their claims and yet sites are picking up their claims as facts. Why? Because folks like you and those even less educated about tech will assume that a 'security company' would never say something that isn't true without noting the total lack of proof.
Same stunt stock analysts use all the time because they know that in general folks are stupid and too lazy to really think about what is being said. And sites play party to it because Apple gets page hits.
Did you actually read the Quarks report? They offered a pretty thorough run down of the parts of the protocol that are exposed at the client side, and how the infrastructure handler works and would be able to decrypt the message. And they plainly stated that even though Apple theoretically could read your iMessages, that doesn't mean that they are, or that their internal processes are set up today in a way that would make the process trivial. Apple's response said much the same thing - "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."
It disputes the interpretation of Apple saying they "can't" read your messages - maybe they can't right now, right this second, with everything set up exactly as it is, but they have the power to change those things so that they can. Just like I can't run a marathon right now, as I'm not at peak fitness, and I've left my running shoes at home; but give me a little while and under my own power I'll be able to.
A more interesting discussion than outrage at the attacks on Apple would be talking about how Apple can assure their customers that the infrastructure will not be changed to allow them (or other agencies) to snoop, and what protection users have from a court order on Apple. "Trust us" doesn't really work as a security feature. This is an area where Apple's corporate secrecy and ownership of its technology and infrastructure can be of concern to its customers.
Also your older brother knows your weaknesses! Beware of big brother!
Please tell me what tech company do you trust?