Apple’s iMessage encryption puts its security practices in DOJ focus

It’s an argument that some Apple critics have made over the years, including science fiction writers, technology critics, bottleneck capitalism. “When an Android user is added to a chat or group chat, the entire conversation turns into a text message, an insecure and easily hackable privacy nightmare that first emerged 38 years ago. wayne’s world first release,” Doctorow wrote. “Apple’s response to this is hilarious. The company’s stance is that if you want true security in your communications, you should buy iPhones for your friends. “

In a statement to Wired, Apple said its products are designed to “work seamlessly together, protect people’s privacy and security, and create amazing experiences for users,” adding that the Justice Department’s The lawsuit “threats who we are and the principles we live by.” Make Apple products stand out in the market. The company also said it hasn’t released an Android version of iMessage yet because it can’t ensure third parties implement it in a way that meets the company’s standards.

“If successful, [the lawsuit] “It will also hinder our ability to create the technology people expect from Apple – where hardware, software and services intersect,” the statement continued. “It will also set a dangerous precedent that allows governments to take drastic measures when designing human technology.” We believe this lawsuit is wrongful on both facts and law, and we will vigorously defend it. “

In fact, Apple not only refuses to build iMessage clients for Android or other non-Apple devices, but it actively fights those who do. Last year, a service called Beeper launched, promising to bring iMessage to Android users. Apple responded by tweaking its iMessage service to break Beeper’s functionality, and the startup announced its exit in December.

Apple argued in the case that Beeper compromised users’ security — and in fact, it did compromise iMessage’s end-to-end encryption by decrypting and then re-encrypting messages on Beeper’s servers, though Beeper vowed to do so in future updates. to change this. Beeper co-founder Eric Migicovsky doesn’t think Apple’s drastic move to reduce Apple-to-Android text messages to traditional text messages is a safer alternative.

“It’s kind of crazy that it’s 2024 and there’s still not a simple, encrypted, high-quality way to do something as simple as sending a text message between an iPhone and an Android,” Migicovsky told Wired in January . “I think Apple’s response is very embarrassing and bizarre – claiming that the Beeper Mini threatens the security and privacy of iMessage users, when in fact, the opposite is true.”

Even as Apple faces accusations of hoarding iMessage security features to the detriment of smartphone users around the world, it has only continued to improve them: In February, it upgraded iMessage with a new encryption algorithm designed to be impervious to quantum cryptography cracks Impact; last October, it added a new encryption algorithm. Contact Key Verification, a feature designed to prevent man-in-the-middle attacks where intended contacts are tricked into intercepting messages. Perhaps more importantly, it’s said to be adopting the RCS standard to improve messaging with Android users, although the company hasn’t revealed whether those improvements include end-to-end encryption.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *