Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Look, if Apple is the adversary and willing to lie under oath then there’s not much anyone could do. They could sign and push crafted firmware to a target device, game over.

The question at hand is, if you trust that iMessage/iCloud works as documented, how does an adversarial third party cloud affect it. So far it looks like iMessage and keychain are still secure end to end encrypted. Apple never had the keys to those to begin with.



With iMessage they don’t need to push anything to the device.

I think Apple should provide a way to know who you are talking to has changed rather than saying, “trust us”, we won’t do anything bad.


Actually iOS does notify you when another device has joined your trust circle. So if you pay attention to that you’d know you’re being monitored. Suppressing that would need a crafted OS pushed to the device.

iMessage is very secure. The real question is what would China do if it takes off (no one uses it there).


If you are talking to person A and they get a new phone, how do you know that happened?


You don't, and it would arguably violate their privacy if you did. But they do.


What stops Apple telling your iMessage that person A got a new phone but not telling person A it is telling your iMessage that?


See earlier comment re: Apple as the adversary.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: