Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,189
38,980


In addition to expanding end-to-end encryption to many additional iCloud data categories on an optional basis, Apple today also announced two other new security features designed to protect against threats to user data in the cloud.

Apple-advanced-security-iMessage-Contact-Key-Verification_screen-Feature.jpg
iMessage Contact Key Verification

Apple says the new iMessage Contact Key Verification and Security Keys for Apple ID features will be available globally on the iPhone and other devices in 2023.

iMessage Contact Key Verification allows users who face "extraordinary digital threats," such as journalists, human rights activists, and government officials, to further verify that they are messaging only with the people they intend. In conversations between users who have enabled iMessage Contact Key Verification, users are alerted if a state-sponsored attacker or other malicious actor were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on the conversation.

As an additional layer of security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call to further verify they are communicating only with whom they intend.

Apple-advanced-security-Security-Keys_screen-Feature.jpg
Security Keys for Apple ID

Second, Security Keys for Apple ID will give users the choice to use third-party physical security keys to further protect their account. For users who enable this feature, Security Keys strengthens Apple's two-factor authentication by requiring a hardware security key as one of the two factors instead of an authentication code.

"Our security teams work tirelessly to keep users' data safe, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications," said Apple's software engineering chief Craig Federighi.

Article Link: Apple Previews New iMessage and Apple ID Security Features Coming in 2023
 
  • Like
  • Love
Reactions: allpar and DeepIn2U
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
 
I wondered what why Apple didn't support security keys / U2F. This will be handy for me.
 
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
CSAM plans have been cancelled as of today.
 
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

From my (albeit not yet deep dive), the backup is encrypted with on device keys if you enable this so that should answer your concern above. That is my concern also, but it appears from the info I've seen so far that they are locking that down.

Let's hope.
 
  • Like
Reactions: CrzySxyCl
More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.
 
AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.
Yeah, been like that forever but suddenly Chinese citizens started using it to avoid government censors and suddenly Apple wants to fix the "spam problem". You can't be serious.
 
Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.
 
I’m Chinese in shanghai.

Our device is missing a lot of functions.

Please let this function come to this place. PLEASE!
 
Well, this is unfortunate. I wonder if it’s because of the beta update? I bought this iPhone 14 Peo Max on launch day.

CDB7B515-644D-4A20-BAD6-896A06B51D3A.png
 
Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.
I'd guess you were wrong. Let's see whose guess is correct... (happy iPhone 12 mini owner here, looking forward to some of these changes/features).
 
Now if only we can get some of this security/privacy on Home Keys for HomeKit enabled smart locks. Currently, anyone added as a resident to the home gets a home key that they alone get to decide if express mode is enabled or not… not the actual lock/home owner. This means literally any resident (adult, kid, etc) can enable express mode on their home key and literally anyone who gains access to that phone can use it to unlock your front door without any authentication being done… and the owner of the lock has no say/no way to bar any resident from enabling express mode! Talk about a massive security risk at your front door! Come on Apple…
 
  • Like
Reactions: _Spinn_
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
So you chime in roughly 2 times a year (over the last 7) to what, bash an article here and there without searching current articles first…?


They don’t trap anyone. No one has yet to be found cuffed to a chair in TC’s basement, being forced to buy one, let alone more devices from Apple. Don’t like the ecosystem, don’t buy the products.

👊😎👍
 
MacRumors should always add the link to the original announcement from Apple.

I know you want to keep people on your site, but it's annoying for users who want to read Apple's official announcements to have to Google it every time rather than click on a link in your article. Sources should always be linked directly.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.