Skip to main content
  1. Home
  2. Mobile
  3. News

Despite FBI whining, iMessage isn’t invincible after all, researcher claims

Kate Conger
By

how to save text messages
Kritchanut/Shutterstock
FBI director James Comey has been campaigning against Apple and Google’s decision to introduce “end-to-end” encryption on the companies’ respective smartphones since they announced it last fall. Most recently, Comey testified before the Senate Judiciary Committee about the dangers of encryption and asked Senators to pressure tech companies into rolling it back so that the contents of smartphones would be accessible to law enforcement. Comey argued that criminals are “going dark,” hiding evidence of their wrongdoing behind encryption that his agency cannot break.

However, Comey’s arguments about encryption don’t align with how iPhone encryption actually works, claims computer-security researcher Nicholas Weaver. In a post on the blog Lawfare on Tuesday, Weaver points out that, even if encryption protects the contents of your iMessages, the FBI can still obtain plenty of information about you from your iPhone — for instance, your location data and your iMessage metadata would both be accessible to law enforcement with a warrant.

Recommended Videos

Crucially, Weaver also points out that iPhone users who enable iCloud backups would be vulnerable to a FBI search warrant. iCloud backs up the contents of messages to Apple’s servers, making the messages themselves easily accessible — a far cry from the inaccessibility described by Comey before the Senate Judiciary Committee.

Related

“Finally, there is iMessage, whose ‘end-to-end’ nature, despite FBI complaints, contains some significant weaknesses and deserves scare-quotes,” Weaver explains. Even though Apple CEO Tim Cook has claimed that there is no way for the company to read users’ iMessages, Weaver points out that it is possible to compromise the cryptography used to encrypt these messages.

Some encryption systems use a public keyserver, where users can look up and independently verify each other’s keys. However, Apple’s keyserver is private, so users have no way to independently verify each other’s keys. Apple could collaborate with law enforcement to provide a false key, thereby intercepting a specific user’s messages, and the user would be none the wiser. Weaver writes, “There remains a critical flaw: There is no user interface for Alice to discover (and therefore independently confirm) Bob’s keys.  Without this feature, there is no way for Alice to detect that an Apple keyserver gave her a different set of keys for Bob.  Without such an interface, iMessage is ‘backdoor enabled’ by design: The keyserver itself provides the backdoor.” Weaver says this vulnerability could also be used to tap into FaceTime calls.

“If one desires confidentiality, I think the only role for iMessage is instructing someone how to use Signal [an open-source encrypted messaging app],” Weaver concludes.

Editors' Recommendations

Topics
Kate Conger
Kate Conger
Former Digital Trends Contributor
Kate is a freelance writer who covers digital security. She has also written about police misconduct, nail polish, DARPA…
An iPhone that isn’t the iPhone 15 is selling fast in Japan
Apple's logo on an iPhone.

Apple released the iPhone 15 last month, with the new device offering two screen sizes of 6.1 inches and 6.7 inches.

The arrival of the latest iteration of the tech giant's popular handset saw the company banish from its online store the iPhone 13 Mini, which, as its name suggests, offers a smaller 5.4-inch display.

Read more
The iPhone 15 Pro isn’t the iPhone upgrade I hoped it would be
Apple iPhone 15 Pro with titanium frame.

When Apple introduced the first “Pro” iPhone in 2019, it stood with an additional telephoto camera at the back. To this day, the third lens serves as a proud marker of the Pro moniker. The camera chops are what predominantly separated these pricey trims from the non-Pro variants.

As Apple’s fall launch event unfolded last week, I was hoping to see some big camera upgrades fitting for the new Pro models. Yet, the only meaningful camera upgrade we got was kept exclusive to the iPhone 15 Pro Max. Instead of the iPhone 14 Pro’s 3x zoom camera, the iPhone 15 Pro Max makes the jump to a 5x telephoto camera.

Read more
I really hope this iPhone 15 Pro rumor isn’t true
Mockup of Titan Gray iPhone 15 Pro by 9to5Mac.

September is right around the corner, and that means we’re just a few weeks away from Apple’s iPhone 15 event. This year, it looks like we’re definitely going to get the iPhone 15 lineup, as well as the Apple Watch Series 9 and, perhaps, an Apple Watch Ultra 2. The rumor mill has been going particularly strong recently as we inch ever closer to the announcement.

But one of the latest reports from 9to5 Mac seems to indicate that Apple is getting rid of the gold color option for the iPhone 15 Pro and adding a “Titan Gray” (natural titanium, similar to Apple Watch Ultra) and Dark Blue colors instead. This also seems to indicate that the crimson red color rumor from a few months ago is also inaccurate, as we’re getting a “blue” instead.

Read more