derekmorr
About
- Username
- derekmorr
- Joined
- Visits
- 29
- Last Active
- Roles
- member
- Points
- 110
- Badges
- 0
- Posts
- 237
Reactions
-
Apple and Android users deserve better universal chat than Beeper mini
-
iMessage Contact Key Verification appears in first iOS 16.6 beta
This article from Dr. Matthew Green, a cryptographer at Johns Hopkins, has a good overview of the problem. He's the researcher that was able to break iMessage encryption back in 2016. See his discussion of "key substitution attacks."
On the one hand, it addresses a long-standing design flaw in iMessage -- it was impossible to verify the identify of the other party. You just had to blindly trust the Apple provided the right encryption key to you, and you weren't subject to a man-in-the-middle attack. This is opposed to Signal and WhatsApp which support verification. Basically, these systems create a "fingerprint" of the encryption keys used in your conversation -- both parties can verify this fingerprint to ensure they both see the same keys.
Historically, iMessage did not have this -- so you could not know if you were really talking directly to someone or if your conversation was being relayed through an eavesdropper, or if Apple had secretly added an eavesdropper to your conversation. Now, this will be possible.
Edit: WhatsApp is actually innovating here. Most users do not manually verify safety numbers, so WhatsApp is rolling out an automatic key verification system which has a public log of all public keys in the system. See this announcement for a high-level overview. There is also an extended deep-dive discussion on the Security Cryptography Whatever podcast. -
Apple preparing for third-party app stores by 2024
JP234 said:It begins. Prepare for malware on your iOS devices. -
Epic CEO will fight Apple to the bitter end over App Store control
Madbum said:Epic doesn’t have to sell in Apples App Store. The store did t exist before Apple spent billions over last 15 years developing it. -
Zuckerberg really wants iPhone users to shift to WhatsApp
He has some valid criticisms of iMessage - it is nowhere as secure as Apple makes it out to be. But WhatsApp collects all of your metadata and shares it with Meta, so it's hardly better. I strongly suggest using Signal -- it's cross-platform and open-source, has been independently audited, and collects virtually no metadata.
iMessage has many problems:The problems with iMessage are in two areas: the protocol itself, and everything else.The iMessage encryption protocol isn't well designed:- In 2016, researchers at Johns Hopkins demonstrated that iMessage messages can be decrypted of they’re intercepted. This is a link to their paper -https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garman.pdf
. While the attack is difficult to execute, it should never be possible.- The iMessage protocol doesn't have forward secrecy (https://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html) -- that means it reuses the same encryption key indefinitely. That makes it much more susceptible to compromise. The Signal protocol has forward secrecy and changes the encryption key on each message.- The research team said that Apple should replace the iMessage protocol with something more secure, like the Signal protocol. https://www.vice.com/en/article/d7y7vk/apple-should-replace-imessage-encryption-researchers-warn- Following the 2016 revelations, Apple updated the iMessage protocol, using a custom signcryption scheme (see https://par.nsf.gov/servlets/purl/10200009). That paper found that the iMessage protocol is theoretically sound but makes suspect parameter choices: it uses only 88 bits of entropy per-message, and the per-message authentication tag is only 40 bits; both values are too small. Ultimately, the authors claim that Apple made unusual design choices in iMessage and questioned why Apple didn't use a more standardized, well-studied approach. There is speculation that backwards compatibility drove Apple's design process.- iMessage does not allow participants to verify one another’s identities and their shared encryption key. The system requires devices to implicitly trust Apple’s servers to distribute user’s public keys. In Signal, you can scan a QR code to verify the encryption key; this prevents man in the middle attacks. See this for more info https://blog.cryptographyengineering.com/2015/09/09/lets-talk-about-imessage-again/- A 2014 analysis of iMessage found that traffic analysis can reveal the Operating System (100% accuracy), type of user action message (96% accuracy), text language (98% accuracy), and plaintext message length (to within 6 characters). https://arxiv.org/pdf/1403.1906.pdf.In terms of "everything else" -- Apple has access to a lot of iMessage metadata, and in many cases to your chats (via iCloud backups):- Apple logs your iMessage contacts, and can share them with law enforcement. https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/. Signal does not log your contacts.- iMessage data is also accessible to governments since iCloud backups are not end-to-end encrypted. In November 2021, Rolling Stone published an FBI document showing that iMessage can reveal more information that most other messengers, link: https://www.rollingstone.com/politics/politics-features/whatsapp-imessage-facebook-apple-fbi-privacy-1261816/ and see this PDF: https://propertyofthepeople.org/document-detail/?doc-id=21114562