Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Announces 'Groundbreaking' New Security Protocol for iMessage
- Thread starter MacRumors
- Start date
- Sort by reaction score
Depends on where you are. WhatsApp doesn’t get used much outside of Europe and South America. In Asia, the most popular apps are WeChat and Line. Strangely, Facebook Messenger is the most popular messaging app in the US with Google Messaging second. Of course, Facebook Messenger is also controlled by Meta.
This is about encryption in transit, not at rest.
Not even close to powerful enough to be relevant to cryptanalysis, and it’s unclear when (or even if) that will happen.
It’s not correct that it will able to break all known encryption methods, not at all. For example, not AES and other symmetrical methods.
Unlikely. More like government agencies and similar.
No one has a quantum computer relevant for such attacks since they don’t exist. They aren’t needed since QC is a theoretical science, part of computer science.
Everything is true until it isn’t, outside of mathematics, so that doesn’t say much.
Who’s gonna verify it, you? Just like you verified the current cryptographic implementation?
It’s not even easy to understand AES, from a security perspective, and AES is perhaps the least relevant part of what makes up message security in systems like iMessage.
You never control the other party in any situation. They could print pictures of the messages you send or get drugged and give up their passcodes. You only control your own security, so enable ADP is it’s a concern.
It’s not stored unencrypted.
Yes. See above.
…or Chinese: https://www.macrumors.com/2024/02/20/apple-rcs-message-compliance-china-law/
How does Apple prevent a simple downgrade attack by, for example, messaging from an unsupported, old client? Considering they‘re downgrading text messages to insecure SMS by default today?
WhatsApp provides E2E encryption using the Signal Protocol.
It's stored using vendor-controlled encryption keys, from my perspective as a user it's under the control of an external party that has values different to my own and who has to comply with demands from authorities.
An employee with the right level of access could also leak it for example, whereas if it was stored using my own encryption keys (like with Advanced Data Protection enabled) then even if authorities make demands or employees leak the data then it's still gibberish.
Apple should have allowed (and encouraged) users to set their own encryption keys for backups from the beginning.
But no it's great that we're improving encryption in transit, it's just not the biggest issue at present when it comes to protecting the privacy of users communicating using iMessage.
Last edited:
It sounds like "supported conversations" means conversations between accounts running fully updated (and soon to be released) iOS, iPadOS, and macOS software (and probably excluding certain countries).
So if you and the person you're messaging both only have one iPhone tied to your respective AppleIDs and both are running iOS 17.4 then that conversation will benefit from the new encryption method. However, if you or your conversation partner also send and receive iMessages from an iPad running iPadOS 17.3 or earlier you would not benefit.
Edit: grammar
Last edited:
I'm sticking with Signal because it offers so much more:
- Embraces transparency: it's open-source, ensuring a trustworthy implementation.
- Proven reliability: its encryption has undergone extensive public scrutiny.
- Prioritizes privacy: no data stored on cloud servers for Apple or any other platform to snoop on.
- Unites all platforms: I can enjoy secure communication across iPhones, Androids, Windows, Linux, and more – inclusivity at its best!
Yes, with WhatsApp it doesn’t matter in what device the receiver is.
The President of Signal published a thread on Mastodon about their view on the post quantum encryption for iMessage, since Signal added it last year https://norden.social/@Mer__edith@mastodon.world/111975543883070513
Great stuff. Makes me wonder this is what they will leave out of RCS. I wouldn't be surprised if iMessage will have e2ee and pq3, and RCS might only have e2ee if they can work that into the GSMA spec.
In the US, we consider anything involving WhatsApp to be some sort of Scam
Why are you saying 'American' like it's an insult? We're not the ones using the platform to catfish people on dating sites.
EDIT: It's just a joke
Attachments
Last edited:
He’s pointing out that the entire rest of the world is already incorporating these apps into official businesses and governmental work.
iMessage is a predominantly American thing in terms of international usage.
It’s an easy point to understand, and doesn’t need to be met with derisive nonsense. America is built on scams, so I don’t understand how you feel comfortable posting that nonsense as if we’re better in any way.
Partly. imo Telegram is the better Platform but old people can't be bothered to switch. And thats the reason we use WhatsApp. People other than enthusiasts don't care, they just use whatever they were using before. WhatsApp just got it's foot in the door back then and thats their only edge.
A back door is probably built in
Play ball with government or they’ll take your ball away
So it's E2EE because WhatsApp said so? Is that what you're saying?About end-to-end encryption | WhatsApp Help Center
faq.whatsapp.com