Update: A reader points out a recent debate about whether iMessages can be deciphered by law enforcement or not. In April, CNET published a DEA memo suggesting iMessages were untappable, but a counter-theory was put forward that the DEA memo could be wrong, or even deliberate misinformation. "While Apple boasts of 'end-to-end encryption' it's pretty clear that Apple itself holds the key—because if you boot up a brand new iOS device, you automatically get access to your old messages," wrote Techdirt's Mike Masnick. "That means that Apple is storing these messages in the cloud, and it can decrypt them if it needs to."
This reader's comment is correct. When you boot up a new apple device, usually one of the first things that you do is restore that new device from a backup of your old device -- all of your iMessages appear on that new device because they were copied in from your old backup. iMessages are encrypted for the transmission of the messages, but when the messages are stored on your phone, they are not encrypted. Likewise, the database file of messages (iMessage, SMS, and MMS) in your backup stores the messages in plain text. You can encrypt your backup, but that is not foolproof (here's the first few google hits about decrypting iPhone backups, some require the password and some don't 1 2 3).
For local backups (the ones stored on your computer made with iTunes), this isn't an issue -- your messages are on your phone and computer in plain text, but I have to seize your computer to access them. If you have concern, it should be about your iCloud backups. Those backups contain a significant amount of your data: text messages, visual voicemails, contacts, camera-roll photos, etc (If you're curious about what is stored in your backup, or why I know so much about what is stored in a backup, I highly recommend checking out our free trial of Decipher Backup Browser for Windows or Mac. It will show you what kind of files exist in the iPhone/iPad backups on your computer -- the same information is stored in your iCloud backup.)
Your iCloud backups are transmitted and stored encrypted but decrypting those backups hinges on knowledge of your iTunes username and password -- your iTunes username is likely one of your primary email addresses and, if you're like me, your password isn't very fancy.
So what's the takeaway from this? Someone should be asking if iCloud backups are subject to government information retrieval requests. Your original iMessages are not subject to request, because they are encrypted during transit through Apple's network, but I don't see why the copies in the iCloud backups wouldn't be.
If you have only local backups, your iMessages will not show up in a government search; if you use iCloud backups, they may. I am not a lawyer, nor do I have insider knowledge about what information is and is not requested -- but if I were the NSA, I would ask for iCloud backups.
iCloud backups ARE stored encrypted, however:
- encrypted backups are known to be hackable on the local machine, which doesn't give me much confidence for the iCloud backups and
- iTunes user account info isn't that hard to get a hold of.
Granted, if someone got a hold of my backups, they'd just be tortured with photos of my son and iMessages full of photos of my friends' children -- I will gladly show you those to save you the trouble of guessing my iTunes password :)
really enjoyed reading your different articles. They are so informative and interesting.
ReplyDelete----------------------------------------
Aaron