Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
59,217
23,138


In addition to expanding end-to-end encryption to many additional iCloud data categories on an optional basis, Apple today also announced two other new security features designed to protect against threats to user data in the cloud.

Apple-advanced-security-iMessage-Contact-Key-Verification_screen-Feature.jpg
iMessage Contact Key Verification

Apple says the new iMessage Contact Key Verification and Security Keys for Apple ID features will be available globally on the iPhone and other devices in 2023.

iMessage Contact Key Verification allows users who face "extraordinary digital threats," such as journalists, human rights activists, and government officials, to further verify that they are messaging only with the people they intend. In conversations between users who have enabled iMessage Contact Key Verification, users are alerted if a state-sponsored attacker or other malicious actor were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on the conversation.

As an additional layer of security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call to further verify they are communicating only with whom they intend.

Apple-advanced-security-Security-Keys_screen-Feature.jpg
Security Keys for Apple ID

Second, Security Keys for Apple ID will give users the choice to use third-party physical security keys to further protect their account. For users who enable this feature, Security Keys strengthens Apple's two-factor authentication by requiring a hardware security key as one of the two factors instead of an authentication code.

"Our security teams work tirelessly to keep users' data safe, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications," said Apple's software engineering chief Craig Federighi.

Article Link: Apple Previews New iMessage and Apple ID Security Features Coming in 2023
 
  • Love
Reactions: DeepIn2U

KingOfTas

macrumors newbie
Jul 15, 2015
15
12
Tasmania
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
 

mansplains

macrumors 6502a
Jan 8, 2021
793
1,219
I wondered what why Apple didn't support security keys / U2F. This will be handy for me.
 

samlikesmac

macrumors member
Jun 10, 2010
85
124
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
CSAM plans have been cancelled as of today.
 

centauratlas

macrumors 68000
Jan 29, 2003
1,650
3,076
Florida
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

From my (albeit not yet deep dive), the backup is encrypted with on device keys if you enable this so that should answer your concern above. That is my concern also, but it appears from the info I've seen so far that they are locking that down.

Let's hope.
 
  • Like
Reactions: CrzySxyCl

DeepIn2U

macrumors G4
May 30, 2002
11,944
6,159
Toronto, Ontario, Canada
More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.
 
  • Like
Reactions: ixrated and Chazak

BootsWalking

macrumors 68020
Feb 1, 2014
2,227
13,979
AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.
Yeah, been like that forever but suddenly Chinese citizens started using it to avoid government censors and suddenly Apple wants to fix the "spam problem". You can't be serious.
 

t0rqx

macrumors 6502a
Nov 27, 2021
782
1,802
Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.
 

Xoushu

macrumors newbie
Jun 15, 2022
3
3
I’m Chinese in shanghai.

Our device is missing a lot of functions.

Please let this function come to this place. PLEASE!
 

gank41

macrumors 68030
Mar 25, 2008
2,913
2,991
Well, this is unfortunate. I wonder if it’s because of the beta update? I bought this iPhone 14 Peo Max on launch day.

CDB7B515-644D-4A20-BAD6-896A06B51D3A.png
 

rweston002

macrumors newbie
Mar 17, 2014
6
6
USA
Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.
I'd guess you were wrong. Let's see whose guess is correct... (happy iPhone 12 mini owner here, looking forward to some of these changes/features).
 

pcmike

macrumors 6502
Jun 17, 2007
464
294
Lake Worth, FL
Now if only we can get some of this security/privacy on Home Keys for HomeKit enabled smart locks. Currently, anyone added as a resident to the home gets a home key that they alone get to decide if express mode is enabled or not… not the actual lock/home owner. This means literally any resident (adult, kid, etc) can enable express mode on their home key and literally anyone who gains access to that phone can use it to unlock your front door without any authentication being done… and the owner of the lock has no say/no way to bar any resident from enabling express mode! Talk about a massive security risk at your front door! Come on Apple…
 
  • Like
Reactions: _Spinn_

iDarth_Betar

macrumors 65816
Jul 18, 2022
1,018
3,931
I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.
So you chime in roughly 2 times a year (over the last 7) to what, bash an article here and there without searching current articles first…?


They don’t trap anyone. No one has yet to be found cuffed to a chair in TC’s basement, being forced to buy one, let alone more devices from Apple. Don’t like the ecosystem, don’t buy the products.

👊😎👍
 

alexe

macrumors regular
Nov 5, 2014
215
1,180
MacRumors should always add the link to the original announcement from Apple.

I know you want to keep people on your site, but it's annoying for users who want to read Apple's official announcements to have to Google it every time rather than click on a link in your article. Sources should always be linked directly.
 
  • Like
Reactions: Tenkaykev
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.