iPhone 7(+) Where are older iMessages stored?

AMSOS

macrumors regular
Original poster
Nov 21, 2010
179
9
I’ve noticed that when I want to go back to older messages in a conversation iMessages takes some time to load them.

This suggests it’s pulling up these older messages from the cloud and not a location on the phone. Note that my iMessages is not set up for syncing through the cloud to my MBP.

So, is Apple saving all these messages somewhere on its servers? What happens when I delete the current conversation? This will obviously have messages from say a few weeks ago. But will messages on Apple servers from several months ago also be deleted?

Thanks
 

casperes1996

macrumors 601
Jan 26, 2014
4,074
1,978
Horsens, Denmark
If you have an iCloud backup or use iMessage in iCloud the messages are stored on Apple's end. If not, they are only stored locally.

The delay isn't necessarily associated with cloud access. iMessage messages are encrypted, older messages may even be compressed. The recent messages are in your RAM. When you scroll far enough back, the messages need to be retrieved from local storage unencrypted (and maybe uncompressed), put into RAM and displayed on the screen. There's both storage and computation needed to get the older messages ready for display regardless of whether it's a local or a far copy.
 

AMSOS

If you have an iCloud backup or use iMessage in iCloud the messages are stored on Apple's end. If not, they are only stored locally.

The delay isn't necessarily associated with cloud access. iMessage messages are encrypted, older messages may even be compressed. The recent messages are in your RAM. When you scroll far enough back, the messages need to be retrieved from local storage unencrypted (and maybe uncompressed), put into RAM and displayed on the screen. There's both storage and computation needed to get the older messages ready for display regardless of whether it's a local or a far copy.
Ah, I see. Thanks!
So, obviously if I delete an entire conversation then not only the current messages but also the older encrypted messages (on my phone) are deleted?
Would you be able to explain how it works with WhatsApp? With backup enabled messages are backed up to Google servers regularly. So, if I were to delete an entire conversation does it mean older messages on the servers will also be deleted?
 

casperes1996

So, obviously if I delete an entire conversation then not only the current messages but also the older encrypted messages (on my phone) are deleted?
The entire thread, old and new, will be deleted. If you have a backup on iTunes or iCloud, it may retain the thread (encrypted) until the backup is overwritten.

Would you be able to explain how it works with WhatsApp? With backup enabled messages are backed up to Google servers regularly. So, if I were to delete an entire conversation does it mean older messages on the servers will also be deleted?
I'm sorry, I don't really have any deeper knowledge of WhatsApp's system.
I can make some assumptions based on how I'd personally design it though, and from that I'd say yes - older messages in the same thread would also be deleted. It's hard to say conclusively without knowing how their backup system works in the first place though. And knowing Google.... Well, they don't always delete what you tell them to anyway. Are you sure it's Google's servers though? Seems a bit strange considering WhatsApp is a Facebook product.

It's not really about long term server-side storage of messages, rather more about message encryption and in-flight communication, but their white paper on the use of the signal protocol to protect messaging may be of interest to you.

This white paper - WhatsApp: https://www.whatsapp.com/.../WhatsApp-Security-Whitepaper.pdf

It's not super dissimilar to how iMessage works either. A lot of the fundamental principles are identical between the two.
 

AMSOS

If you have a backup on iTunes or iCloud, it may retain the thread (encrypted) until the backup is overwritten.
I see. So, good to see that even if it was on the Cloud and got hacked etc. it's unlikely anyone would be able to see the contents.
But I thought iCloud (and other cloud systems) is not so secure? There have been hacks of all those celebrities' accounts...
Are you sure it's Google's servers though? Seems a bit strange considering WhatsApp is a Facebook product.
So sorry! It is of course Facebook :rolleyes:
But then Google or Facebook, does it really make a difference? ha ha!
Seeing how iPhone gives me the option of switching off location tracking, I don't want to have anything to do with the Android/Google/Facebook system.
Of course, I have "Find my iPhone" on so I guess Apple does know all the time where I am. But then that can't be helped.
Thanks!
 

now i see it

macrumors 601
Jan 2, 2002
4,143
8,160
It's doubtful Google or FB delete anything. Your junk probably resides on their servers forever whether you delete it or not.
 

casperes1996

But I thought iCloud (and other cloud systems) is not so secure? There have been hacks of all those celebrities' accounts...
I don't feel comfortable talking about the security level of other cloud platforms, but having written a paper on iOS security, I think I can safely speak a bit about iCloud - granted, my paper focussed more on local data, but I did research iCloud a fair bit too.
Nothing is entirely secure. That's just a fact. I do however trust iCloud as much as I could ever come to trust a service. In fact, I personally store my keychain in iCloud. My keychain literally contains my passwords for everything. So in essence, iCloud would be my single point of failure. Gain access to my iCloud and you have access to my everything. Now if I were handling highly confidential government or business data, I might do things slightly differently, but even for the most sensitive of personal data, I trust iCloud. It gets independently security audited, all data is encrypted E2E, there's no data-mining, and the platform uses dedicated security chips on the servers (similar to the secure enclave) with distributed keys that are destroyed after setup, to ensure that the system cannot be altered after it is set up properly. That does have the downside however that if the system needs to be updated in one way or another it is not exactly a trivial process - a simple software update would require hardware changing so no malicious software can inflict the servers.
Regarding the celebrity "hacks" you mention... Well, they weren't hacks. Those were phishing schemes, where the celebrities in question were fooled into giving their iCloud passwords and usernames to third parties. iCloud was not compromised in itself, but when the usernames and passwords were given to bad actors, there was obviously nothing preventing access. For this reason, the two-factor authentication became more strongly enforced. It is obviously still not impervious to phishing schemes, since the 2-factor code can also be obtained from victims, but it helps alleviate the issue somewhat.

Let us however assume that iCloud's password database was leaked though. The whole list is placed on the dark web. If your password is not sufficiently strong, it'll be cracked fairly quickly (remember, passwords themselves are 'encrypted' (hashed) so even if you have the list of passwords, you can't just read people's passwords, you need to crack them first). However, even with the cracked passwords, there's still the barrier of 2-factor.
Okay, so let's take a different approach. Instead of getting the password list, the attacker gains a higher level of privilege in the system, and is able to download user data directly from the server without logging in as a user, just downloading from the server.
Well, the data is encrypted so the attacker has an issue. Well, let's say that the attacker couldn't figure out a way past 2-factor authentication, but did manage to crack your password - You might think this password could then unlock the files, since logging in with it and 2-factor is enough to unlock the file.... But no. The data you store on iCloud is not only encrypted with your password, but a combination of your password and a device key. This is where 2-factor comes into play. It's not just used for logging in, but actually a part of the encryption. Now keep in mind, the 2-factor code is not what is used in the encryption itself, but it is used as a user-level gateway to the device encryption key (since the actual key is way too long for convenience). Each trusted device is capable of decrypting your files with your password, but a non-trusted device is not without the assistance of a key generated by a trusted device. It's quite a brilliant protocol really.

But then Google or Facebook, does it really make a difference? ha ha!
A very small one. I think both companies are equally likely to deliberately **** you over with respect to privacy of data... But I think Facebook has shown less aptitude on a technical level. Mind you, the Signal protocol that WhatsApp uses to encrypt messages in flight between devices is a sound protocol providing excellent security. I don't know about longer term server-side storage, but for messages between devices I feel comfortable saying that 1-1 WhatsApp is as secure as iMessage. Though not so for group chats. WhatsApp chooses to relax their security policy a bit when it comes to group messaging (they do this knowingly, and they have reasons that, whilst I disagree with lowering security, do make perfect sense. For group messaging, iMessage uses more data - on all participating devices - and requires more processing, but of course maintains a higher level of security too)

Of course, I have "Find my iPhone" on so I guess Apple does know all the time where I am. But then that can't be helped.
Find My iPhone is as well protected as your other iCloud associated information :). It can of course be shared through Find My Friends, but Apple does not keep track of your location, and as the system is implemented right now, cannot even if an employee wanted to. If you've agreed to share usage data with Apple, location data may be collected, but never directly or with high accuracy. Your device might tell Apple's servers "I was in the region of place x or at least within a distance of this much to it at some point today". It is never fully live tracking. Furthermore, your device will occasionally lie to Apple's servers to maintain privacy. It will not do this often enough to skew the statistics gathering, but often enough to make fingerprinting way more difficult if not impossible. You see, the system is meant to be such that all the information collection is done without any of the data being associable to a single device or individual. For instance, if the location data gathered says "I am in Los Angeles!" Apple's servers may note that some device is in Los Angeles, but it should not be possible to then deduce who is in Los Angeles or to whom the device belongs. So your device sometimes lies - though when enough data is gathered, the noise will statistically disappear with the way it is implemented. Again, an ingenious system.
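
Added example, not part of the thread and not Apple's implementation: the "device sometimes lies, but the noise statistically disappears" idea from the post above, shown with the classic randomized-response technique. The 75% truth probability, the 10% population rate and all function names are assumptions chosen for illustration.

```python
import random

def randomized_response(truth, p_truth, rng):
    """Send the real bit with probability p_truth, otherwise a fair coin flip."""
    if rng.random() < p_truth:
        return truth
    return rng.random() < 0.5

def simulate(n_devices, true_rate, p_truth, seed=0):
    """Constructed population: each device is 'in the region' with true_rate."""
    rng = random.Random(seed)
    truths = [rng.random() < true_rate for _ in range(n_devices)]
    reports = [randomized_response(t, p_truth, rng) for t in truths]
    return truths, reports

def estimate_true_rate(reports, p_truth):
    """Server side: undo the known noise.
    E[observed] = p_truth * rate + (1 - p_truth) * 0.5, solved for rate."""
    observed = sum(reports) / len(reports)
    rate = (observed - (1 - p_truth) * 0.5) / p_truth
    return min(1.0, max(0.0, rate))

def posterior_given_yes(true_rate, p_truth):
    """P(device really is in the region | it reported yes), by Bayes' rule."""
    yes_if_true = p_truth + (1 - p_truth) * 0.5
    yes_if_false = (1 - p_truth) * 0.5
    joint_true = true_rate * yes_if_true
    return joint_true / (joint_true + (1 - true_rate) * yes_if_false)

def lie_rate(truths, reports):
    """Fraction of devices whose report differs from the truth."""
    return sum(t != r for t, r in zip(truths, reports)) / len(truths)

if __name__ == "__main__":
    P_TRUTH = 0.75  # assumed parameter
    for n in (100, 10_000, 100_000):
        truths, reports = simulate(n, 0.10, P_TRUTH)
        print(n, "actual", sum(truths) / n,
              "estimated", round(estimate_true_rate(reports, P_TRUTH), 4),
              "lies", round(lie_rate(truths, reports), 4))
    # A single "yes" is weak evidence about one device:
    print("P(really there | said yes) =", posterior_given_yes(0.10, P_TRUTH))
```

The aggregate estimate tightens as the number of reports grows, while any single "yes" leaves the server well short of certainty about that device.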