
Apple's iMessage encryption trips up feds' surveillance - donohoe
http://news.cnet.com/8301-13578_3-57577887-38/apples-imessage-encryption-trips-up-feds-surveillance/
======
pedrocr
If I was the DEA and had a way to break the iMessage encryption, this is
exactly the kind of article I'd try to have someone write.

~~~
lhnz
What do you have _to gain_ by going onto Hacker News and posting conspiracies
theories about DEA disinformation? Are you working for some kind of anti-US
gov agency perhaps?

 _Er_

~~~
coldtea
> _What do you have to gain by going onto Hacker News and posting conspiracies
> theories about DEA disinformation? Are you working for some kind of anti-US
> gov agency perhaps?_

For one, why assume he cares at all about US gov agencies? HN is
international. There are people here who could not care less about US
agencies. Not to mention there are people who despise their abuses and privacy
breaches, including lots of Americans.

Second, not everything is a "conspiracy theory". And not every "conspiracy
theory" is laughable (e.g about aliens or illuminati). Real-life conspiracies
(people, agencies etc, conspiring to do some stuff in secret to gain
something) happen all the time. Actually conspiracy (covertly trying to spread
misinformation or to gain state information or to steal trade secrets etc) is
the very thing secret agencies do.

As for your misguided surprise about how an agency could ever use the press to
spread misinformation, you might want to read on this:
<http://en.wikipedia.org/wiki/Operation_Mockingbird>

~~~
pyre
The problem is that every statement could be a 'government conspiracy.'

E.g.:

    
    
      The DEA can break iMessage encryption
    

Obviously they _can't_ , and they want you to shy away from using iMessage!

    
    
      The DEA can't break iMessage encryption
    

Obviously they _can_ , and they want you to keep/start using it!

~~~
coldtea
Sure. But that's not an argument against it being possible (or actually true).

I mean, in your example there are 3 cases:

1) Obviously that can't, and they want you to shy away from using iMessage! 2)
Obviously they can, and they want you to keep/start using it! 3) They can't
and they are frank about it.

It could be either of the three.

We cannot say that it can only be (3) because "(1) and (2) are conspiracies".

We cannot even say that (3) is more possible because it doesn't involve a
conspiracy.

It depends on more information and context to decide. Some situations we know
quite well that are unlikely to involve conspiracies ("Jack said he went to
Spain for holidays").

Other situations, we know quite well that are more likely to involve
conspiracies ("The other 2 co-founders of my startup had a private meeting
with a VC without informing me").

Now, something involving state agencies, I'd say is quite likely to involve
some kind of conspiracy.

~~~
sageikosa
Technically, if not done in a public forum, its a conspiracy (two or more
parties working together not in the open). In a republic, we tend to look down
on those kinds of things when at least one of the parties is a government
agency, or an agent of an agency. Conspiracies don't have to result in
falsehoods being spread.

------
nodata
Dear criminals,

Please use iMessage more, we promise we definitely can't read your messages.

Lots of love,

Feds

xxx

~~~
Ntrails
There's no advantage to them in people using iMessage. They can easily get
your text messages already.

You could go high-tinfoil and claim they would rather people iMessaged than
using whatsapp or some other free message service? But anyone thinking about
avoiding federal intercepts would use neither of these things rendering this
piece worthless.

So what do they actually have to gain?

It seems more likely to me that this is a real problem than a PR piece.

~~~
mgurlitz
This could encourage people to use an encrypted messaging program that is
closed-source, has a large attack surface, and that might not be patched if a
flaw is found. So they do have some incentive to get people to use iMessage
over something like Cryptocat.

~~~
declan
The choice for 99.99% of Apple users is not iMessage vs. Cryptocat. It's
iMessage vs. unencrypted SMS transmitted and in some cases retained by
carriers with close relationships with FedGov.

------
runjake
About a year ago, a SA from a certain three-letter agency who was pretty
fluent in technology (our conversation largely centered around Bitcoin)
mentioned that iMessage is not end-to-end encryption. That, to his
understanding, it was client<\-->apple<\-->client TLS encryption.

I think I might actually side with the tin-foils on this one. In any case,
iMessage isn't a (well-)documented protocols implementation, so I wouldn't
rely on it for security.

Edit: Public scrutiny seems to back up the SA's claim [1].

1\. <http://imfreedom.org/wiki/IMessage>

~~~
doe88
In the page you link to, it doesn't seem there is an example where one client
try to send a message to another client? Am I missing something?

~~~
nicholassmith
Yeah I was looking for actual message content in there and couldn't spot it.
Not saying that Apple isn't misrepresenting, but I couldn't spot proof that
your messages are getting sent without encryption.

------
dmix
> "it is impossible to intercept iMessages between two Apple devices" even
> with a court order approved by a federal judge.

And even more importantly, impossible with a warrantless wiretap as well.

This new wide-spread adoption of encryption is law enforcements new enemy.

~~~
archon
Maybe for warrantless wiretaps, yes. But for any legal surveillance, they'll
just get a warrant and compel Apple/Microsoft/Twitter/Whoever to hand over any
data they have.

~~~
Nrsolis
If the end user isn't managing the keys, and the service provider is then the
law states that they MUST provide decrypted traffic or provide the keys to
decrypt the traffic to law enforcement.

~~~
declan
Do you have a cite to the section of the U.S. Code that says that? That
applies to companies such as Apple, Google, FB, etc.? (Hint: it doesn't
exist.)

~~~
Nrsolis
<http://www.law.cornell.edu/uscode/text/47/1002>

"(3) Encryption A telecommunications carrier shall not be responsible for
decrypting, or ensuring the government’s ability to decrypt, any communication
encrypted by a subscriber or customer, unless the encryption was provided by
the carrier and the carrier possesses the information necessary to decrypt the
communication."

More info: [http://paranoia.dubfire.net/2011/02/deconstructing-calea-
hea...](http://paranoia.dubfire.net/2011/02/deconstructing-calea-hearing.html)

Also, declan, I was in the room during meetings with the FBI when I worked for
a large telecommunications carrier. I integrated the CALEA mediation platform
with the IP network and I'm well aware of what is required and not required to
be present in the network regarding CALEA.

IANAL, but you would be wise to consider that the FBI considers the former
"information service providers" to be "telecommunications providers" to the
extent that they can convince a judge that they are acting as one. I wouldn't
think I was safe because I was using any kind of messaging where I couldn't
control the keys, the software that uses them, and the distribution and
verification of said keys.

~~~
declan
Thanks for your response! I don't disagree with your representation of the law
(or the practice of the FBI) as it applies to traditional telecommunications
carriers. They're clearly covered by CALEA.

But Apple, Google, Facebook, Twitter, etc. are simply not telecommunications
carriers. That's the whole point. CALEA as enacted in 1994 doesn't apply to
them, and even the FCC didn't try to apply CALEA to them when subsequently
expanding the law. This is why both the FBI director and the FBI general
counsel said in the last two weeks they want Congress to rewrite the law to
cover those companies.

CALEA applies to "facilities-based broadband Internet access providers and
providers of interconnected Voice over Internet Protocol (VoIP)." Pure TCP/IP
services are not "interconnected." See page #2 of the FCC's order:
[http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-06-56A...](http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-06-56A1.pdf)

If you're saying that the FBI sometimes gets judges and companies to go beyond
what the law allows, you may be right. On the other hand, companies are under
no obligation to comply, as we see in this new lawsuit:
[http://news.cnet.com/8301-13578_3-57577958-38/google-
fights-...](http://news.cnet.com/8301-13578_3-57577958-38/google-fights-fbis-
warrantless-data-requests-in-federal-court/)

~~~
Nrsolis
It's worth noting that I got dragged into this project when the District Court
ruled that "information service providers" were subject to regulation under
CALEA. This kicked off a huge project to bring the IP network into compliance.

It's not a stretch to imagine an situation where a company decides to fight
and loses, thus looping in a huge number of companies that might imagine that
they _aren't_ telecom providers, but a court decides they _are_.

There is a very fine line between SMS and iMessage. Apple provides servers
that store and forward messages, and it'd be hard to argue with a straight
face that a court should "think different" when comparing AT&T and Apple.
Judges aren't dumb and they will pay close attention to the "substance test"
when deciding if a company is providing a "telecommunications service" in a
ruling.

~~~
gknoy
So then, how long before there is an open-source, distributed key management
system, that lets you store public keys of all your friends' phones, and end
encrypted texts/etc with them, and which acts basically as only a key exchange
service?

... I guess CALEA could be made to force them to MITM anyone doing key
exchanges. Damn.

------
smackfu
This article and the DEA doc is confusing. It seems to mainly be saying that
having a warrant to intercept cell communications won't get iMessages because
it doesn't go through the cell carrier.

It's implied a bit that it is encrypted end-to-end and that Apple can't get
the contents... but it doesn't seem to actually say that anywhere. This
comment on StackExchange says the encryption is only from sender to Apple and
Apple to recipient, so Apple has the plaintext:
[http://security.stackexchange.com/questions/18908/the-
inner-...](http://security.stackexchange.com/questions/18908/the-inner-
workings-of-imessage-security)

Also, wouldn't the same issues have come up with BBM?

~~~
declan
It's not implied; the article states outright the encryption is end-to-end. :)

That's based on Apple press releases from 2011 and 2012. See, for example:

[http://www.apple.com/pr/library/2011/06/06New-Version-of-
iOS...](http://www.apple.com/pr/library/2011/06/06New-Version-of-iOS-Includes-
Notification-Center-iMessage-Newsstand-Twitter-Integration-Among-200-New-
Features.html) "secure end-to-end encryption"

~~~
IheartApplesDix
Secure end to end encryption doesn't mean government agencies can't snoop on
the coms. First of all, the CIA owns own one of the largest, if not the
largest supercomputer. Also, the encryption could be using CIA's own root key.
Example: <http://www.cypherspace.org/adam/hacks/lotus-nsa-key.html>

------
lucian1900
The sad part is that iMessage's encryption appears to be of dubious quality.
Even worse, the protocol is not public, so there's no way to audit it.

~~~
klodolph
If you can't audit it, you can't be sure it is sound. But you seem to claim
that it isn't sound, which also isn't possible without an audit.

I think there are at least a few engineers at Apple capable of implementing
this correctly. Not that I assume it's unbreakable, I'm just not as
pessimistic.

~~~
revscat
When you're talking about encryption pessimism is the default. The whole point
is lack of trust.

------
A1kmm
Whether or not the software is secure from Apple is a moot point if Apple can,
at any point in time, deploy an arbitrary software update that only affects a
single device.

I presume Apple has the ability to send a backdoored update to iMessage to any
user they want, and probably to obfuscate it well enough to not tip anyone
off. Therefore, if DEA can get a warrant requiring Apple to provide technical
assistance, Apple has at least one route to get message plaintext.

------
smoyer
Smart Jabber users (those who want privacy) exchange public keys, encrypt each
message with the recipient's public key and sign each message with their
private key. Unless a private key is compromised, the recipient is guaranteed
the message came from the sender and that the body is only readable by the
recipient.

I've been using keys with both Jabber and e-mail for a long time ... what we
really need is the clients to use encryption as their default mode.

------
anologwintermut
As the end of the article hints,this is highly unlikely to be actually true
and more so the result of incompetence on the part of Apple and the DEA. It is
most likely more of the we need better law enforcement access to stuff FUD
that is used to insert backdoors into systems that actually weaken security
even if you trust the government, then an actual problem

Apple appears to act as a certificate authority for IMessage [0]. At the very
least Apple could man-in-the-middle any (and scarily) all their traffic. The
article implies that they'd have to do this before the first message is ever
sent between to parties. Presumably, we'd hope Apple has the ability to re-key
the service since phones get stolen and lost, so they can forge that process
to insert the bogus key. We'd probably also hope that your key is not shared
across all of your devices, so it might(though its not as likely as the rekey
protocol) also be possible to add a device as that is "the feds"

Yes, both of these would require active work on Apple/ law enforcement's part
to forward the messages to their intended recipient. However, this isn't that
much work and 2) for actual wiretaps you typically need someone to monitor the
tap so you don't record information not covered by the tap(we see this in The
Wire).

Lastly, there is precedent (all be it Canadian) for companies being forced to
exploit vulnerabilities in their system. [1]

Also, this ignores the fact that apple has device backups of most people's
devices and can probably extract keys from them ( even for the encrypted ones,
its likely with a poor password)

[0][http://blog.cryptographyengineering.com/2012/08/dear-
apple-p...](http://blog.cryptographyengineering.com/2012/08/dear-apple-please-
set-imessage-free.html) [1]
<http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/>

------
josho
Several years ago I worked with a senior tech that had previously worked for
the NSA. For his personal private data he secured it using nothing less than
4096 bit encryption.

Due to his confidentiality agreements he couldn't provide specifics about the
NSA's capabilities, he only would share his own personal security practices.
After that discussion I concluded that if the US Government wanted to know
something about you they could find out. Not only by technical means, but by
any channel you could likely imagine. These guys are smart, the idiots you
hear about in the media are field agents, not the back office folks conducting
the real security work.

Since that time I've also assumed that the US has encryption technology that
is at least 5 years ahead of public research. Today, I assume that means the
US has access to a functional quantum computer and anything using today's
encryption standards are left insecure if the right 3 letter agency wants to
know.

~~~
Jach
RSA-based encryption may be insecure right now; I strongly doubt any agency
has access to a quantum computer powerful enough to break it. But if it is
insecure, it doesn't really matter. The US can't do anything with the
information it gains, because the US can't let anyone know they can break RSA-
based crypto. Once it becomes known that powerful enough quantum computers are
around, the entire crypto community will switch to one of the several
algorithms that are immune to quantum attacks, so their capability is really
only useful for a one-time thing. If I was a major criminal organization I
might have already invested time to switch algorithms.

------
ComputerGuru
It's interesting how easy Apple's iMessage model would lend itself to being a
mass-deployed, heavily-used, CA-based asymmetric encryption network.

As I understand iMessage, when you attempt to text a number a background
thread fires and checks with Apple's iMessage servers to see whether or not
the number is associated with an iMessage account, then returns the end-user
account details to your device so it may send a digital message addressed to
that user to Apple's iMessage servers.

Replace that digital ID with a public key. Private keys are generated and kept
only on your iDevice. iMessage servers are your CA. Each iDevice has a unique
public key.

At this point you have a very secure, end-to-end encryption scheme. No
warrantless snooping is possible, and even Apple is unaware of your message
contents.

Now depending on whether you want your design to be CALEA-compatible or not,
Apple can issue a new private key to the government and add it to "your" list
of public keys on their CA to allow the government to intercept _future_
messages _after_ they have obtained a warrant. If you think you can go toe-to-
toe with the FBI and exempt yourself from CALEA by claiming the design of your
infrastructure does not permit for message interception, you can tweak the CA
around a bit. Only one public key per user, pass private key symmetrically
encrypted with a password only the user knows from one device to the other via
a "secure" side channel when adding new iDevice to user's iMessage account or
other workaround.

I'm absolutely not a security person, and none of what I say should be taken
except as some ramblings that might have some hint of an idea beneath them. I
already can think of a dozen weaknesses in this system, this kinda works only
if you assume you can trust Apple to play within the rules of the framework
they're making, i.e. not to try to intercept your private key, log your
keystrokes, automatically add a second public key recipient to your messages,
etc. Fact of the matter is, you are at their mercy. tptacek, please be gentle
in gutting me.

Edit: Thanks for that link, daniel. It is comforting to know that there is
indeed some base level of security. If CALEA-compliance is achieved by adding
the fed's public key to a list of destination public keys for a message, that
implies you should actually be able to find out whether or not you're being
monitored by simply checking for new/unknown/unexpected additions to your list
of public keys. Of course, there are other methods of doing this that wouldn't
be as easy to detect, e.g. maybe there is an out-of-band request for
additional public keys to send to, maybe the fed's public key is already
embedded in the device and is being used invisibly every time, etc. etc. etc.

Edit2: For people wondering if syncing of old iMessages between devices means
iMessage doesn't work like this, I don't _think_ that's the case. I believe
that's done via iCloud (i.e. backup of previously decrypted messages), as when
you add a new Apple ID to iMessages on OS X, you don't get the old messages
for that account, only new ones. So it's another attack vector, but not
inherent weakness in the iMessage design.

~~~
danielsju6
This is actually how the protocol works, it uses the certificate burnt into
the CPU; Apple claims that the private keys are known by no party including
themselves, probably generated by the chip fab with some some of SCEP
exchange. I've been meaning to update the IMWiki page with my research, but
here's the bit where you see that exchange:
<http://imfreedom.org/wiki/IMessage#Unknown2> ["Apple iPhone Device CA" / "Mac
OS Device Identity (Production)"]

~~~
andreyf
> Apple claims that the private keys are known by no party including
> themselves

Source? How can I add a new device (e.g. Messages on OSX) and get all the
messages between my phone and friends?

~~~
danielsju6
Private keys, not public; the messages are decryptable by anyone who's been
added to the keybag, you've probably seen the pop up notifying you that
another device (private keys burnt onto the chipset) is joining the keybag.
Once you hit OK Apple pings you with encrypted communications from the other
devices (them being the pipe and presumably not in the trust chain, this
explains why sometimes it's a little iffy showing cross device messages.)

The protocol hasn't been completely reverse engineered but enough to know it's
likely decentralized like this, just MITM it (quite a bit is documented on the
wiki I linked), Apple is the CA and the piping but it appears to be rather
strong and decentralized in terms of chain-of-trust. Apple has put itself,
probably without coincidence, in a position where they may not even be able to
execute a court order to spy on a user.

The Apple security white-papers detail their hardware level certificates, I've
dealt with this a lot as a Apple MDM developer.

~~~
Groxx
Not sure I'm reading this correctly, so a quick check:

When I have A, and want to add B, A ships its private key to B so it can
decrypt the messages too? (and vise versa, obviously)

Or does A get B's public key, and A then re-encrypts and re-sends messages it
receives to B?

Or is it something completely different?

~~~
andreyf
The messages don't always arrive in the same order between the devices, so
it's definitely not passed from one to the other. I imagine the senders
encrypt the message with every public key in your keybag.

Someone who actually knows should weigh in, though. GP's understanding seems a
bit murky to me.

~~~
Groxx
If that's the case though, where would this popup be appearing from? (I
haven't seen it, not quite sure where it would be) I would guess they wouldn't
be asking the _sender_ to approve adding my multiple computers whenever I add
one, since that would be a fairly crummy user experience. Seems like it should
be something that I, the owner of the receiving devices, would approve or
deny.

~~~
andreyf
The popup (and e-mail) only notify you that a device has been added to your
account. The approval is done by logging in with your Apple ID.

------
zimbatm
> They [the DEA] can also send a suspect malware, purchase a so-called zero
> day vulnerability to gain control of a target device and extract the
> contents

Made me chuckle. Given that zero day are mostly available in black markets how
can they justify to give money to criminals ?

~~~
lawnchair_larry
You're quite misinformed. There is relatively little zero day of value on the
black market, and zero day doesn't come from criminals. And it can't really,
because finding a vulnerability in someone else's code, that you had nothing
to do with putting there, can't be a crime.

~~~
WiseWeasel
Maybe they were already criminals before they found the vulnerability... : P

------
Dylan16807
All this worry about electronic messaging makes me wonder something. Can they
get a warrant/order to intercept your physical mail and read it in transit?
I'm wondering if they're actually less able to tap than in the past or if
they're just whinging.

~~~
DanBC
EFF say that physical mail is safer than anything else because the legal
protections are so strong.

But then you have to trust that 'they' are law abiding. Extraordinary
rendition is both reassuring and alarming. 'They' will jump through hoops to
look like they're obeying laws, but the end result is still people being
water-boarded.

The Hushmail thing shows that some companies will happily roll over when given
valid law enforcement documentation. (Fair enough, I'm not sure what else they
should do.)

(<https://ssd.eff.org/wire/protect>)

~~~
betterunix
"The Hushmail thing shows that some companies will happily roll over when
given valid law enforcement documentation. (Fair enough, I'm not sure what
else they should do.)"

Companies could design products that do not give them the ability to cooperate
in that manner. Hushmail, for example, could have designed a system where
customers were sold smartcards and not actually run the mail transport, so
that Hushmail itself had no ability to access encrypted messages. While this
would have made Hushmail a bit less convenient, it would also have made it
many times more secure.

Unfortunately, in the current right-wing political climate, there are few
incentives for companies to actually develop or deploy such systems.

~~~
Dylan16807
From what I recall Hushmail had a downloadable applet that was safe. The
problem is they stole certain user passwords by altering the web client.

~~~
betterunix
They could just as easily have modified the applet itself.

~~~
Dylan16807
Not assuming you downloaded it before you became a target. The point I'm
trying to make here is that there was a way to use hushmail without trusting
their servers, which anyone wanting to use the service should do because
they're completely untrustworthy.

~~~
betterunix
I am pretty sure that applets can be updated by the server, which is one of
their big advantages (i.e. no need to try to compel everyone to update on
schedule).

Really though, if you are only going to use PGP from a single computer and you
are not going to download your encryption software every time you use it, what
advantage is there to using Hushmail? Thunderbird with Enigmail, Evolution,
Claws-mail/Sylpheed, and numerous other email programs can encrypt and sign
messages. Hushmail's only draw is that it is webmail, which is only useful if
you want to check your email from arbitrary other computers.

It is also generally bad practice to leave your secret keys on some server
somewhere, even if you are sure your passphrase is strong. I would not be
surprised if a lot of Hushmail users have very weak passphrases that can be
easily guessed.

~~~
Dylan16807
Maybe I shouldn't have used the word 'applet' but it was something you were
supposed to NOT load from their servers every use.

~~~
betterunix
"Applet" is the correct word -- it is a Java applet. The only way to not load
_anything_ from their servers every use is to use PGP in a more traditional
setup, where your keys are stored locally and never leave your control.

~~~
Dylan16807
As far as I understand it you can one-time download and verify their java
program, and it uses your password to retrieve and decrypt keys in a way that
protects you from hushmail. So with that workflow it is very much like
traditional PGP with no way to inject a vulnerability later. Am I mistaken?

------
fnayr
Why shouldn't I work for the NSA? That's a tough one. But I'll take a shot.
Say I'm workin' at the NSA and somebody puts a code on my desk, somethin' no
one else can break. Maybe I take a shot at it and maybe I break it and I'm
real happy with myself cause I did my job well, but maybe that code was the
location of some rebel army in North Africa or the Middle East and once they
have that location, they bomb the village where the rebels are hiding, fifteen
hundred people I never met, never had no problem with get killed. Now the
politicains are sayin' "Oh send in the marines to secure the area, cause they
don't give a shit, won't be their kid over there gettin' shot just like it
wasn't them when their number got called cause they were all pullin' a tour in
the National Guard. It'll be some kid from Southy over there takin' shrapnel
in the ass. He comes back to find that the plant he used to work at, got
exported to the country he just got back from, and the guy that put the
shrapnel in his ass got his old job cause he'll work for 15 cents a day and no
bathroom breaks. Meanwhile, he realises the only reason he was over there in
the first place was so that we could install a government that would sell us
oil at a good price, and ofcourse the oil companies use a little skirmish over
there to scare up domestic oil prices, a cute little ancilliary benefit for
them, but it ain't helpin' my buddy at 2.50 a gallon. Their takin' their sweet
time bringin' the oil back, of course maybe they even took the liberty of
hiring an alcoholic skipper who likes to drink martini's and fuckin' play
slolum with the icebergs. It ain't to long til he hits one, spills the oil,
and kills all the sea life in the North Atlantic... so now my buddy's out of
work, he can't afford to drive, so he's walkin' to the fuckin' job interviews
which sucks cause the shrapnel in his ass is givin' him cronic hemroids and
meanwhile, he's starvin' cause everytime he tries to get a bite to eat the
only blue plate special their serving is North Atlantic scrod with Quaker
State.... so what did I think? I'm holdin' out for somethin' better. I figure
fuck it, while Im at it why not just shoot my buddy, take his job, give it to
his sworn enemy, hike up gas prices, bomb a village, club a baby seal, hit the
hash pipe, and join the National Guard. I could be elected President.

------
archon
So, if they're caught in other ways than via the surveillance, does that open
up criminals using iMessage to further prosecution based on the notion that
they used encryption to conceal a crime?

~~~
webignition
My understanding is the messages app seamlessly transitions to using iMessage
to send messages over a data connection where available.

Assuming this to be the case, you wouldn't normally choose to use iMessage. It
just happens if it can.

If further penalty were to be considered, I expect the prosecutor would have
to prove that the user intentionally took action to ensure iMessage was used
for the delivery of messages instead of SMS. I suspect that would be hard to
demonstrate.

------
mindcrime
Good. Isn't that the point of encryption? F%!# the DEA anyway. Now we need to
get more people educated on the importance of using strong crypto to protect
their private communications.

------
Zimahl
_We don't want to have a system where you're needlessly imposing burdens on
thriving industries or even budding industries_

Messaging is superfluous on the internet. Everything has it from Words With
Friends to World of Warcraft. I understand that not all messaging systems are
encrypted but being required to put in a backdoor for a government agency to
spy on messages is a fair amount of work. Would you have to log all messaging
too and for how long?

------
joshdick
So what if DEA can't decrypt it? The real question is: Can the NSA decrypt it?

~~~
declan
Additional questions: Given that the DEA is more likely to reveal its methods
in court intentionally or unintentionally
(<http://news.cnet.com/8301-10784_3-9741357-7.html>), even if the NSA can
decrypt iMessage communications, why in the world would they share this
knowledge with law enforcement?

It's a modern version of the Ultra intercepts/Coventry blitz (now called into
question). The NSA might risk revealing its methods if it would stop the next
9/11. To put a meth dealer in jail? Not a chance.

~~~
pi18n
> The NSA might risk revealing its methods if it would stop the next 9/11.

I think the government would need to be in mortal peril otherwise before they
reveal they broke RSA, assuming that they have. To stop a 9/11-type attack
they would probably fake some information leak from the other side.

------
runn1ng
Is the code open for scrutiny? No? Then it's not secure enough for me, sorry.

------
nsxwolf
So, this article is untrue? Apple has the messages in plaintext on their
servers, thus the DEA could in fact subpoena them? I'm getting mixed messages.
Consensus?

------
rmrfrmrf
Boo hoo?

------
mtgx
I bet it doesn't even use OTR. You can't just rely on Apple to keep it secure.
I do hope Google's upcoming Babel service is at least as secure, but I also
hope it uses OTR.

------
yalogin
The one thing that stands out from that article is that iMessage is the most
popular encrypted chat program in history. Is this true? Isn't gchat encrypted
as well?

~~~
a2tech
Gchat isn't encrypted in any way-other than over SSL to and from your client
to Google's servers. Your chat history is also stored in gmail.

------
telecuda
IF a court order (40+ page Title 3) were provided to surveil a criminal
suspect, do you believe that Apple/iMessage and VoIP services should be
required to respond to law enforcement intercept requests?

If yes, then legal and technical frameworks are needed where service providers
outside the traditional telcos can respond. This is the gap that has been
widening since the introduction of the smartphone.

It's not a huge problem right now since most criminal communication that
police are interested in is still done over traditional voice, SMS, and email
(where these providers are already interfaced with law enforcement).

~~~
Zigurd
That point of view implies making client-based encryption illegal, or it's a
very short hop to the same outcome, except that message contents are secured
separately from the messaging application and infrastructure behind it.

------
blueprint
It's a trap!

------
EGreg
So the government wants to make laws to prevent people from securely talking
to each other?

~~~
rhizome
They'd rather not have to be so vulgar as to publicize it through legislation.
Just giving them the power to read everything will be satisfactory enough.

~~~
EGreg
Well but the laws are for the providers...

------
kunai
tl;dr, government bureaucrats upset because they can't spy on innocent
civilians.

------
shmerl
OTR is better.

------
mattbarrie
Not for long.

