
Tim Cook on iMessage Security: It’s Encrypted, and We Don’t Have a Key - Tangokat
http://techcrunch.com/2014/09/15/tim-cook-holds-firm-on-imessage-security-its-encrypted-we-dont-have-a-key/
======
pilif
There is zero control over what public keys get handed over to your phone to
encrypt an iMessage with. For all we know, whenever you want to send a message
to $USER, your phone gets a public key for $USERs iPhone, her iPad and the NSA
master key.

Tim Cook can state that they can't decrypt the message all he wants, but as
long as there's no control over what public keys we encrypt the message with,
the statement that Apple or the NSA can't read the messages is a half-truth at
best.

Don't use iMessage for anything you wouldn't be using email for. Assume every
message you send over iMessage to be public.

 _> If the government laid a subpoena to get iMessages, we can’t provide it.
It’s encrypted and we don’t have a key. And so it’s sort of — the door is
closed._

But the government can (and probably has) force you to have the phones send a
copy of every message to some government server encrypted with the
government's public key. They don't need to subpoena messages - they already
got them all.

~~~
simonh
He didn't make a statement that Apple or the NSA can't read your messages. He
said that Apple can't read your messages. However since you are so concerned
about half truths, if you're going to criticise someone's statements, it would
be nice if you'd address what they actually are saying.

It's entirely possible that the NSA has hacked Apple, or that an Apple
employee has been subverted by the NSA and inserted a back door into the
encryption system. Tim Cook wouldn't know about that and can't give assurances
of that kind, and isn't trying to. All he can do is state what Apple as a
company intends and can do acting according to it's policies.

So yes it's entirely possible Apple or the NSA has back door keys to iMessage.
Tim Cook is now publicly on record saying that Apple don't. That's not a 'half
truth at best'. It's either true or it's a lie. I'm not telling you to believe
him or not, but historically these things have a way of coming to light
eventually, one way or another.

~~~
danieldk
The half-truth is here:

 _If the government laid a subpoena to get iMessages, we can’t provide it.
It’s encrypted and we don’t have a key._

It's encrypted and they don't have the key, but since the user does not have
any control over the public keys being added, they could add a trusted public
key and get it anyway. So they can actually provide messages if they really
wanted to.

I don't believe they really want to. But the thing we should've learnt from
last year's revelations is (1) that companies can be forced to do so anyway
via secret courts; and (2) the NSA is willing to make a 'technical solution'
otherwise.

So, Tim Cook is not being completely honest here. Apart from what hardware can
do, the only way to trust such an application is if you had the source code,
the source code of the operating system and the source code to firmware blobs,
and some way to prove that everything was compiled from public source code
without modifications. Since that is not going to happen, iMessage should be
considered as secure as unencrypted e-mail when it comes to governments. Of
course, it does provide more protection than e-mail against less equipped
actors.

~~~
simonh
They can't create trusted public keys after the fact, they'd have to already
have them. So there's no half truth. Either they currently create and store
such public keys or they don't. Tim Cooke is saying they don't. That statement
can't be half true. It's either true or false.

~~~
danieldk
_They can 't create trusted public keys after the fact,_

Of course they can. They own the directory server that hands out keys.

[http://blog.cryptographyengineering.com/2013/06/can-apple-
re...](http://blog.cryptographyengineering.com/2013/06/can-apple-read-your-
imessages.html)

tl;dr: Apple can send you a public key of Bob's new device. Apple can pretend
to send you a public key of Bob's new device. And since it's proprietary
software, they can trigger a resend of your recent messages to Bob.

Moreover, if you use iCloud backups, they have the keys to your kingdom, since
it fails the 'mud puddle test':

[http://arstechnica.com/security/2013/06/can-apple-read-
your-...](http://arstechnica.com/security/2013/06/can-apple-read-your-
imessages-ars-deciphers-end-to-end-crypto-claims/)

~~~
giovani
So this ends up being as "simple" as answering the question: Do you trust
Apple? Given they control the operating system and all around it, having the
directory server controlled by someone else (or distributed) doesn't solve the
problem as they have access to anything they want in your device, meaning they
don't need any keys to begin with.

~~~
srslack
I wouldn't trust any company that blatantly dodges the question of security
with a half truth. It's clear he's playing word games for PR points.

You can reset your password and redownload all of your messages to a new
device _if you use iCloud backup_. Cook is full of shit when he says that
Apple doesn't have the capability. They own the system.

Even a dedicated civilian could reset your password, associate a device with
your account and receive all messages going forward. To state that Apple
cannot is such a laughable claim that it becomes clear that it's just a PR
game. Which calls into question how sincere he is in his feelings about
privacy.

~~~
comex
For the record, you cannot redownload old messages in iMessage; if you use
iCloud Backup, a civilian could fetch messages from there, but if not, they're
out of luck.

~~~
srslack
Fair enough, I was mistaken. Security is hard, but no one should get a pass
playing games like this when it comes to security.

A civilian could still associate another key (device) to the account if
they're dedicated with the password or a password reset (not as stealthy)
assuming 2FA is disabled. And Apple could surely do it stealthily since they
own the system.

They have the capability, and it's too kind to his statement by calling it a
half-truth in that respect because it's really a lie when he says "[Apple
doesn't] have the capability."

------
yeahmayb
"Our business is not based on having information about you. You’re not our
product. Our product are these, and this watch, and Macs and so forth. And so
we run a very different company. I think everyone has to ask, how do companies
make their money? Follow the money. And if they’re making money mainly by
collecting gobs of personal data, I think you have a right to be worried. And
you should really understand what’s happening to that data. And companies I
think should be very transparent about it."

Honestly, I am starting to see the wisdom behind consumers choosing the
companies with these kinds of business models. Its not that I dont trust the
companies -- I guess its that I accept that governments and laws transcend
companies and their explicit arrangements with their consumers.

~~~
yen223
Of course, there's nothing stopping Apple from selling both the product and
the user...

~~~
danieldk
But that reduces the value of the product. I also don't think it is in Apple's
DNA to do that.

My concern is more that, given how bad they generally are at providing robust
cloud applications [1], that their security is equally bad.

[1] iTunes Match would always refuse to play some songs from my collection.
Even when a stopped using an iPhone last december, iMessages would often come
in in non-chronological order and sometimes not at all, etc.

------
gear54rus
These statements again... Time to get some downvotes, I guess.

How do I know? How _can_ I even know that YOUR own device for which YOU wrote
software and YOU designed hardware (although it may be based on some
_standards_ , no one can guarantee it's unmodified) won't share my private
information with YOU?

How can I know that you're not sending my private key encrypted with your
server's public key (one simple example of many) to your side?

Am I supposed to take your word on it? No thanks.

As much as I'm against Apple and their policy, these statements make no sense
from anyone (Google, Apple, whatever). Unless you design your own phone from
scratch, you can not be sure that it is _secure_ (however, when you do that,
all medium your phone may use is still not secure). It is simply not worth it.
Anything in digital world is not secure (only a matter of attacker's
determination and resources available to them) and there is no point in saying
otherwise.

~~~
MarkSweep
I tend to agree, it's much easier to just assume all online commutations are
monitored than to try to escape the gaze of the five eyes (of Sauron).

Maybe this attitude means they have already won?

~~~
gear54rus
For some reason I think only diversity may help.

1000s different systems built differently are harder to milk for useful
information if user is smart.. Centralization is the enemy of privacy
(centralized = compromised).

Unless they have an AI which can analyze such systems' patterns at the speed
of light and present solutions (which is not as unbelievable as self-conscious
AI) but it's still more of a fiction.

Really, the problem is not in tech, it's in people. We're not fixing this one
anytime soon.

------
epoxyhockey
Apple is a PRISM participant, as of Oct 2012 (one year after Steve Jobs died).
I highly doubt any iMessage is more secure than a plain text SMS sent via any
cell carrier's network. Apple probably offers a sexy interface for the Feds to
read everything.

Reference: [http://tctechcrunch2011.files.wordpress.com/2013/06/prism-
sl...](http://tctechcrunch2011.files.wordpress.com/2013/06/prism-slide-51.jpg)

~~~
epoxyhockey
Do any down-voters care to offer a comment? Is it that one contests that Apple
is a PRISM participant?

~~~
iLoch
I think you're being downvoted because you got a little too excited while
bashing Apple. iMessage is most certainly more secure than plain text in most
cases, save for the VERY exceptional case where the NSA might be watching IF
they do have a key on your phone. Plus, anyone who's used Apple's partner
portals knows they're just as capable of shitty design as everyone else.

~~~
spacefight
"In most cases" isn't enough any more these days. People are targeted alone by
metadata - and killed too.

------
Luker88
It's Encrypted, and We Don't Have a Key. But it's not open source so you don't
get to check. ... and we control the key distribution. We also do control your
device, so _technically_ , we don't need the key.

Fixed that for him.

~~~
spacefight
And we put music on your device without asking you.

------
samirahmed
Is actually possible to not have the ability to decrypt messages remotely?

At first I thought that if just an iphone held the encryption keys and these
were not on apple servers this statement could be true ...

however considering that imessage can be setup on a Mac and an iPhone via your
Apple ID ... its more likely that this statement is just hyperbole for the
Apple's approach to privacy

~~~
_jsn
"When a user turns on iMessage, the device generates two pairs of keys for use
with the service: an RSA 1280-bit key for encryption and an ECDSA 256-bit key
for signing. For each key pair, the private keys are saved in the device’s
keychain and the public keys are sent to Apple’s directory service"

"The user’s outgoing message is individually encrypted using AES-128 in CTR
mode for each of the recipient’s devices, signed using the sender’s private
key, and then dis- patched to the APNs for delivery."

Source:
[http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.p...](http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf)

When you send an iMessage, you actually send a separate encrypted and signed
copy for each recipient device. So, it is possible, but these are the lengths
you have to go to.

~~~
codeka
But they could just inject a "fake" recipient device with their own
public/private key and decrypt messages as they transit the system. They might
not be able to decrypt messages you've sent in the past, but I can see no
reason why they couldn't read messages as you send them if they wanted to (or
were required by a wiretapping agency, for example).

I also recall a while ago a researcher who showed that if you forgot your
iCloud password, there was a way to get Apple to reset the password and give
you access to all your previously-stored data. If they had no way to decrypt
your data remotely, that should be impossible.

~~~
_jsn
On the first point, you're coreect. That's also why you get those extremely
annoying modal dialogs each time a device/key pair is added to your iMessage
account, because a device added without your knowledge could be used to
eavesdrop on you.

~~~
pilif
You only get that dialog for the devices _you_ add. The public key added by
the NSA or Apple themselves does not trigger the dialog.

(explanatory note as the sarcasm in the comment might not have been obvious: I
do not know whether such a facility exists in the services or not, so this
might or might not be true.

But: The fact that it's possible that this "feature" already exists or can
easily be added in the future, potentially even without an update of the
client leads me to my current opinion which is that iMessage is not secure and
all traffic is open to Apple, rogue employees at Apple and whatever government
Apple is cooperating with).

------
lnanek2
That isn't really definitive, because the NSA has required companies to change
software to capture keys before. There was an encrypted email company who was
told they have to start recording private keys used in their web client.

------
scragg
> we finally got an agreement from the administration to release how many
> times we had national security orders on Apple. And in a six month period,
> and we had to release a range, because they won’t let us say the exact
> number, it’s between zero and 250. That’s the lowest number you can quote.
> Zero to 250.

So does anyone else think this might be a bad number (being so low)? If the
NSA had access to everything, wouldn't you expect the official requests for
data to be low and not because Apple doesn't store data or it's all encrypted
anyway as Cook implies.

------
natch
This statement is not enough... there could still be a third party (e.g. law
enforcement) with a key or for more plausible deniability, a portion of a key
(n bits out of N), and the statement would still be true. If they can do so
truthfully, they should also state that nobody else other than the user has a
key or any portion of a key, and that there are no keys or portions of keys in
escrow where anybody else can conceivably get at them.

------
aespinoza
Honestly, I really don't care if they have the key or not. My concern is if
they can read my messages. I am more worried about backdoors added to iMessage
by Apple. This is known to happen often in Apple products, maybe for the
purpose of Development or Support, but it is still there. That is exactly what
I want to know. Because if Apple can use that backdoor, a patient hacker can
too.

~~~
MBCook
> This is known to happen often in Apple products, maybe for the purpose of
> Development or Support, but it is still there.

Could you elaborate on this? Are you talking about the development tools that
require your phone to be cabled to a laptop?

~~~
aespinoza
This is just one example:
[http://www.networkworld.com/article/2456967/security0/apple-...](http://www.networkworld.com/article/2456967/security0/apple-
inadvertently-admitted-to-ios-backdoor-forensics-expert.html)

But if you google it, you'll find more.

------
kristianp
Apparently skype uses encryption, according to:

[https://support.skype.com/en/faq/FA31/does-skype-use-
encrypt...](https://support.skype.com/en/faq/FA31/does-skype-use-encryption)

------
tolmasky
He should instead just have said "Have you _tried_ iMessage?? Its a disaster,
we couldn't pull messages out of there even if we wanted to. Be thankful
anything shows up on the screen at all!"

------
skuhn
It's nice to see that he thinks user privacy is something valuable, and that
this is an issue worth talking about. However, I think he's really only
addressing one of the three ways that user data can be compromised when it's
held by a company:

1\. Selling or using it internally (e.g. Google's ad targeting)

2\. Stolen by criminals (e.g. Apple's recent snafu)

3\. Requisitioned by the government (e.g. Yahoo's daily fines for refusing to
join PRISM)

Data that isn't collected in the first place can't be lost, but that isn't
always possible (and it often defeats the entire purpose of the service).

I think he's mostly talking about the first one, that Apple hasn't built their
business around harvesting user data to feed advertising or other systems. I
think that's laudable. I would rather a company focus their energies on one
product, rather than selling a byproduct of their real money maker. I also
don't really like being the fuel for a free service -- I'd rather pay for what
I use and have everything above board.

Security is where I think Apple has its biggest problem with user privacy.
Relative to companies like Google, they just aren't very good at running
Internet services. Despite operating several huge services (iTunes, a CDN that
handles iOS updates, iCloud, etc.), they aren't an Internet company at heart.
Google and others are leaps and bounds above them in this regard.

They can improve this with hiring and changing the culture in those groups,
and I think they started this process a year or two ago. It will take some
time, and they're never going to be the world's best at this stuff.

Tim Cook touches on the third point a little, and some people think he is
being disingenuous in his description of how iMessage works. I think that it
doesn't really matter. It's great that Apple has designed a system that places
an emphasis on keeping user conversations private, but there is literally
nothing that they can do about government interference if they want to
continue operating as a legal entity.

I hope that they do everything in their power to curb government overreach.
Ultimately the government will get what they want. Simply building a system
designed to keep you from accessing the data that flows through it is not
sufficient: you will be forced to subvert that system or face serious
consequences.

I strongly believe that the only way people will ever have privacy from the
government again is to decentralize the Internet and the services that run on
it. I doubt that a political solution is possible now that pandora's box has
been opened, and it seems like it will only become more widespread as
companies have to answer to more governments around the world and the
technology to broadly intercept traffic becomes more commonplace.

------
lazylizard
erm. "with every mention of 'encryption' comes the issue of 'key management'?
" ?

and possibly a subset of 'key management', 'key exchange'..?

------
Istof
all these claims are worthless when you are not even administrator on the
device you use... (they have access to your messages before they get
encrypted...)

------
autism_hurts
Wasn't there a leaked FBI PowerPoint that very explicitly stated that they
can't intercept iMessages? (and it was a point of frustration)

------
Thesaurus
Jobs is rolling over in his graves, Cook is a shill. Jobs kept the five-eyes
out of Apple's shit until he croaked.

------
ganessh
But the NSA do have the keys :p just kidding

------
ruuki
The tech heroes of our age are becoming some kind of politicians, this is very
sad.

------
KaiserPro
Does that mean its just a ROT13 cipher? I mean its _technically_ encrypted,
but also doesn't need a key...

------
atmosx
Let's take this to the extreme: If you are _threat_ to the NSA, you'd use an
iPhone to send a message because Tim Cook said it's _encrypted_?

YES - NO - I DON'T KNOW

ps. Let's wait for Apple to do a better job at keeping private naked pictures
people make for fun using an iPhone and we'll talk iMessage encryption later.

------
chj
"we don't have a key, at this moment". Come on, Apple is still able to get
your messages. Next time when you set up your iPhone, and if the messages are
downloaded to your new device, you know they have access as well.

------
hadoukenio
3 words - National Security Letter.

Take what Timmy says with a grain of salt, until they should you the source
code. Oh wait...

Apple fan boys: bring on the downvotes, but enjoy your surveilling

~~~
ejr
I didn't downvote you, but I imagine it has less to do with what you said and
more with how you said it. NSLs as a "boogeyman" is a poor substitute for
lacking evidence. So far, we know that these things are sent to US companies
which are in the business of collecting and bartering data. While Apple has a
corner of that market, it isn't its entirety.

So here they have snippets of our information Ex: email, credit card, home
address for app purchases. However, it's just as possible to use the phone
normally without downloading a single app. That leaves the SIM provider
holding the bag for your information ready to be collected by the authorities.
Effectively, Apple washes its hands of your data on phone calls, but there is
no reason to presume lies regarding backdoors on iMessage.

Also, I'm not an "Apple fan boy". I'm just unconvinced of widespread
eavesdropping at Apple and that they're willing to risk destroying such a
massive advantage over Google's Hangouts platform.

~~~
efdee
In a post-Snowden world, when it comes to leaking your data, companies are
guilty until proven innocent. That is the only sensible stance to take given
what we have learned in the last year.

~~~
hadoukenio
This.

The Director of National Intelligence James Clapper tells Congress that the
NSA doesn't conduct intelligence on American citizens, and then later gets
caught out. He committed Perjury without any ramifications.

Why do people think that CEOs are telling the truth when they are all in the
same boat paddling up shit river?

