Privacy concern: iMessage in iCloud

[Maleption]

I know iCloud today is encrypted by my password but apple engineers can access my content without my password as long as they have my permission.

iMessage is always marketed with End-to-end Encryption. Now I want to know how they will store my messages in iCloud.

 

[VSMacOne]

I think I remember them saying it was still encrypted end-to-end so I think it will be a different story than other iCloud content.

 

[Suckfest 9001]

It's encrypted on the cloud too. "apple engineers can access my content without my password as long as they have my permission" not with encryption they can't. Messages will require a key.

 

[Courageous]

I don't know how this will work. If I can setup a new phone with just my iCloud password and restore my messages then end-to-end encryption is useless. Maybe you have to authorize the new phone with your current iphone and it sends the encryption key to it. Then it must send the key directly to the new phone.

 

[4ndr3w]

I don't know how this will work. If I can setup a new phone with just my iCloud password and restore my messages then end-to-end encryption is useless. Maybe you have to authorize the new phone with your current iphone and it sends the encryption key to it. Then it must send the key directly to the new phone.

This is what I'm thinking. This feature isn't just like a Dropbox for your messages, it's a system that was created just for storing encrypted messages and has significant integration into the OS.

 

[KeanosMagicHat]

Whenever we hear about Apple hacks recently, they always relate to iCloud.

I don't use it at all for that reason.

Has there been a change I've missed regarding how iMessage is handled?

 

[armandxp]

I'm sure Apple is not going to back down on their privacy and encryption policy's. Beside's there's nothing in my messages that I could care less about an Apple Engineer looking at.

 

[Mlrollin91]

My guess is you can't use iMessage in the cloud with 2FA on your device. That will add a second layer of protection.

This was required just for Apple Watch to unlock your Mac.

 

[Apple_Robert]

Whenever we hear about Apple hacks recently, they always relate to iCloud.

I don't use it at all for that reason.

Has there been a change I've missed regarding how iMessage is handled?

iCloud isn't the problem. The problem comes when some users of Apple products are lazy or ignorant about account security. They put themselves at risk through their own actions, not Apple.

 

[KeanosMagicHat]

iCloud isn't the problem. The problem comes when some users of Apple products are lazy or ignorant about account security. They put themselves at risk through their own actions, not Apple.

If you don't use it though - you're not at risk from these type of attacks.

 

[stephen1108]

iCloud isn't the problem. The problem comes when some users of Apple products are lazy or ignorant about account security. They put themselves at risk through their own actions, not Apple.

Exactly, the celebrities who had their iCloud accounts compromised a while back supposedly had rather simple passwords and there were no two step verification methods enabled (I couldn't tell you if those features were available at the time though).

 

[Tanax]

If you don't use it though - you're not at risk from these type of attacks.

Then you shouldn't use e-mail. Nor Facebook. Or any other type of Internet service. Or in fact, you should just stay out of Internet all together. Everything you do can be tracked and used to steal personal information unless you safeguard against those hacks. E.g. use a VPN. And of course, GOOD passwords.

I promise you that iCloud has far better security than your logins does.

 

[KeanosMagicHat]

Then you shouldn't use e-mail. Nor Facebook. Or any other type of Internet service. Or in fact, you should just stay out of Internet all together. Everything you do can be tracked and used to steal personal information unless you safeguard against those hacks. E.g. use a VPN. And of course, GOOD passwords.

I promise you that iCloud has far better security than your logins does.

I don't buy this "simple password" explanation.

Although it will account for some, obviously, I saw numerous reports about Apple addressing issues with iCloud after each hack.

I'm not telling people not to use it, just not using it myself.

 

[Cigsm]

You're saying each hack. There was one "hack" and it had nothing to do with Apple. A group was targeting celebrities they knew had iPhones and using social engineering to get in. That is, when the security question came up for Jennifer Lawrence that said "your first dogs name", someone could google that answer and get into the account.

I don't buy this "simple password" explanation.

Although it will account for some, obviously, I saw numerous reports about Apple addressing issues with iCloud after each hack.

I'm not telling people not to use it, just not using it myself.

 

[archvile]

Whenever we hear about Apple hacks recently, they always relate to iCloud.

I don't use it at all for that reason.

Has there been a change I've missed regarding how iMessage is handled?

These aren't "hacks" in the sense that the iCloud system was compromised, it was people using simple passwords with no 2-factor auth, and iCloud.com at that time allowed basically brute forcing an account's password because it didn't lock out after X times, they have since fixed that. iCloud is by far the most secure of any cloud platform I've seen or used. If you are using Google cloud based on the assumption that iCloud is insecure, you are very ill-informed. Google's system tracks and reads ALL of your content, and serves ads to you based on said content, in addition to selling your data to 3rd parties. They scan your e-mail, location, web browsing, photos, search history, et. al under the mask of providing a more personalized experience for the user. They are just in it for the information collecting and targeted advertising; Apple at this point in time couldn't care less about being able to access that info.

To the original topic, Apple does store all of your iCloud information completely encrypted, but iMessage has always been end-to-end encrypted, which means that the keys to decrypt this data are stored solely on the devices authorized under that Apple ID. Apple does not have the ability to read iMessage data (but they can read metadata, such as phone numbers involved, time sent/received, etc.). Compare this to other iCloud data, such as Photos, where it is still sent and stored encrypted on Apple's system, but they have the keys to be able to unlock this data if they so desire. However, I am sure this would only happen for legal or criminal reasons. So, iMessage in iCloud is merely additional sync capabilities (no different than how they already mark messages as read on other devices), but they still do not have the ability to read that data.

Now, another aspect of this is iCloud backups; from what I have read, Apple has the keys to unlock your iCloud backup (again, they have their own set of keys to almost everything except for iMessage), but the iMessages within the backup would still be encrypted with the device keys that it originated from, so they still wouldn't be able to access them there, either.

EDIT - if you have time or are interested, check out the iMessage section of the iOS security guide, it does a very good job of explaining how it works, how it is secured, etc. There is also a general iCloud section as well, it is a very good read even if you don't know what everything means.
https://www.apple.com/business/docs/iOS_Security_Guide.pdf

[doublepost=1497015244][/doublepost]

My guess is you can't use iMessage in the cloud with 2FA on your device. That will add a second layer of protection.

This was required just for Apple Watch to unlock your Mac.

You are probably right on this, and I hope Apple starts slowly pushing 2FA as a requirement to use certain features, just to get more people aware about it and using it. 95% of the people I try to explain the basic concept of 2FA to initially have absolutely no idea what it is nor have they ever heard of it.

 

[wx4olf]

You are probably right on this, and I hope Apple starts slowly pushing 2FA as a requirement to use certain features, just to get more people aware about it and using it. 95% of the people I try to explain the basic concept of 2FA to initially have absolutely no idea what it is nor have they ever heard of i

I tend to agree that it's going to require 2FA but Apple does need to do a better job explaining/pushing its use.

 

[rui no onna]

You're saying each hack. There was one "hack" and it had nothing to do with Apple. A group was targeting celebrities they knew had iPhones and using social engineering to get in. That is, when the security question came up for Jennifer Lawrence that said "your first dogs name", someone could google that answer and get into the account.

Yep. This. We don't know if the hacked celebrities were using simple or complex passwords. However, much of their personal life is public knowledge so the security questions ended up being useless and password recovery was much easier.

I do believe Apple is pushing 2FA now. I remember setting up my dad's new iPhone and 2FA was enabled by default.

 

[KeanosMagicHat]

Ok I didn't think I'd have to do this on this forum, because I felt that people were already well researched enough.

Also, as I said earlier in the thread, I'm not here to tell other people what to do in terms of whether they choose to use iCloud or not, but merely to post my own personal opinion.

For the several above who are completely blaming user error for iCloud hacks, or incorrectly stating that there's only ever been one, here are some articles freely available on the 'net.

October 2014 - Reports of Chinese body attacking iCloud by using a "Man in the Middle" where their server is placed between the user and Apples iCloud infrastructure in an attempt to capture as much data as possible during transit.

This has nothing to do with poor use of passwords, as anyone has the potential to be caught out by such an attack.

One of the senior management at F-Secure, Mikko Hyponnen, made a definitive statement saying that from the evidence he had seen, it was a genuine hack.

Mikko is a respected tech industry employee and is also known for his TED talks.

http://www.cnbc.com/2014/10/21/china-hackers-may-have-hacked-apples-icloud.html

---

May 2015 - admittedly this particular hack crosses both boundaries as the initial part of the attack relies on simple passwords, however it is relevant as there was an additional technical layer to the attack which bypassed Apple's two factor authentication rendering it "useless".

This iCloud security flaw was patched by Apple with a security update.

http://www.ibtimes.com/apple-icloud...atched-after-new-years-day-disclosure-1773648

---

Oct 2015 - A white hat attacker exposes a flaw which allows a simple phishing email to generate a realistic looking iOS pop-up to request user iCloud Passwords

Whilst, I doubt many on this forum, would be caught out by such a trick, the forum is not at all representative of the masses that use iCloud. I can think of many people in my circle of friends that would definitely be caught out by this and therefore expose their iCloud account to attack.

http://www.ibtimes.com/apple-icloud...ords-targeted-part-white-hat-security-1960278

---

Some forum members would no doubt point out that the article above mentioned a white hat attacker, rather than someone hacking maliciously.

To those people I would say, do you seriously believe that if this person was able to find and exploit a flaw to attack iCloud, that no one else in the world knew about this vulnerability and were already also taking advantage of it, but for more nefarious reasons?

So in summary, there has been more than one attack on iCloud, these are just a few corroborating articles that I was able to find with just a couple of minutes of research to refresh my memory of prior attacks that I knew had taken place.

In addition, these attacks are about far more than overly simple passwords and have occurred as a direct consequence of iCloud security flaws which Apple have subsequently had to take action to remedy.

This will continue into the future with further iOS updates and is something Apple will have to remain vigilant on going forward.

 

[archvile]

October 2014 - Reports of Chinese body attacking iCloud by using a "Man in the Middle"
http://www.cnbc.com/2014/10/21/china-hackers-may-have-hacked-apples-icloud.html

This attack vector can be utilized against literally any web server and is not indicative of the security of Apple's system; also, it says MAY have. I MAY have used a MITM to get into an NSA server yesterday. No solid proof or confirmation, though.

May 2015 - admittedly this particular hack crosses both boundaries as the initial part of the attack relies on simple passwords,
http://www.ibtimes.com/apple-icloud...atched-after-new-years-day-disclosure-1773648

Literally says "relies on simple passwords", pretty sure this would qualify as user error - don't know what else you are trying to prove here.

Oct 2015 - A white hat attacker exposes a flaw which allows a simple phishing email to generate a realistic looking iOS pop-up to request user iCloud Passwords

Phishing, again falls under user error. No matter how real it looks - that's the point of phishing. Also,

To those people I would say, do you seriously believe that if this person was able to find and exploit a flaw to attack iCloud, that no one else in the world knew about this vulnerability and were already also taking advantage of it, but for more nefarious reasons?

The same can be said about any internet facing service/system in today's world. I can say with fairly utmost certainty that Apple receives a very small percentage of attacks compared to bigger targets such as Facebook and Google. And, as your articles have pointed out, Apple is pretty quick to patch any holes.

So in summary, there has been more than one attack on iCloud, these are just a few corroborating articles that I was able to find with just a couple of minutes of research to refresh my memory of prior attacks that I knew had taken place.

Again, small potatoes compared to other internet giants. If this turns you off to just iCloud, then you might as well disconnect your computer from the internet completely.

In addition, these attacks are about far more than overly simple passwords and have occurred as a direct consequence of iCloud security flaws which Apple have subsequently had to take action to remedy.

One of the attacks you yourself listed literally says "simple passwords", yet you say they are about far more than simple passwords... again, you're not making much sense here.

 

[KeanosMagicHat]

This attack vector can be utilized against literally any web server and is not indicative of the security of Apple's system; also, it says MAY have. I MAY have used a MITM to get into an NSA server yesterday. No solid proof or confirmation, though.

I'm sure you know better than the tech veteran that commented on the evidence he'd personally seen of the attack.

Literally says "relies on simple passwords", pretty sure this would qualify as user error - don't know what else you are trying to prove here.

If you didn't deliberately take a part of my quote out of context, you'd see this was a multi layered attack and my point would be obvious.

Phishing, again falls under user error. No matter how real it looks - that's the point of phishing.

It doesn't fall under "simple passwords" as others claimed was the sole cause though does it, which was my point.

The same can be said about any internet facing service/system in today's world. I can say with fairly utmost certainty that Apple receives a very small percentage of attacks compared to bigger targets such as Facebook and Google. And, as your articles have pointed out, Apple is pretty quick to patch any holes.

By stating Apple are "quick to patch any holes" you admit the holes are there in the first place - which is, yet again, my point exactly.

Again, small potatoes compared to other internet giants. If this turns you off to just iCloud, then you might as well disconnect your computer from the internet completely.

This is an overly dramatic and irrelevant statement that adds nothing to the debate.

 

[mthomas184]

Whenever we hear about Apple hacks recently, they always relate to iCloud.

I have only heard of one, back in 2014. Care to share the others?

 

[Capeto]

Back on topic:

A quick search came up with Apple’s Law Enforcement Guidelines. Scroll down to the iCloud section, and you’ll see the following:

iCloud content may include email, stored photos, documents, contacts, calendars, bookmarks, Safari browsing history and iOS device backups. iOS device backups may include photos and videos in the Camera Roll, device settings, app data, iMessage, SMS, and MMS messages and voicemail.

and

iCloud content, as it exists in the subscriber’s account, may be provided in response to a search warrant issued upon a showing of probable cause.

While it doesn’t specify how the new iMessages on iCloud is stored (i.e., encrypted or not), the wording to me implies that iMessage data from an iCloud backup is accessible. The encryption only applies when messages are being sent (to prevent interception as the message is being sent).

 

[hehe299792458]

Doesn't this quite definitively answer the OP's question?

Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, a copy of the key protecting your Messages is included in your backup. This ensures you can recover your Messages if you've lost access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and it is not stored by Apple.

https://support.apple.com/en-hk/HT202303

 

[cola79]

If you want privacy, you should never use iCloud. iCloud is for convenience, not for security.

The key to encrypt all your messages content is stored in the iCloud backup of these.

So if Apple has to hand over the backup or someone from outside gets access to your backup, they should be able to decrypt all content easily.

„Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, a copy of the key protecting your Messages is included in your backup. This ensures you can recover your Messages if you've lost access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and it is not stored by Apple.“