
> I want true end to end enc.

People who say things like this rarely also want the hassle that comes with it. Key exchanges, re-keying: all a big PITA. But iMessage (and WhatsApp) do key exchanges facilitated by a trusted broker. If you didn't trust the broker, you would have to do more work when making an initial exchange with a peer and more work if they lost their phone/keys.

iMessage has always been a compromise with subtle rough edges. But we trusted Apple because they talked about privacy and made it clear that their business model meant that we should trust them more than competitors. But now, precisely because of how well and effectively they secured their devices -- they fear regulation and thought that they could further compromise things and people would go along with it.



Key exchange would be easy in real life, just bump phones when you meet someone. It's only difficult on IRC.


> Key exchange would be easy in real life

We are over a year into a pandemic which involved wide-scale lockdowns. Physical key exchange is a nonstarter for broad adoption.


> We are over a year into a pandemic which involved wide-scale lockdowns. Physical key exchange is a nonstarter for broad adoption.

I think the emphasis is on the -ed in involved. That's a temporary condition which is already resolving in much of the world. You may also be overestimating lockdown compliance among average people.


You can always just have it as a feature for super users.


Yes and no. It's not 'hard', it's just friction that's not present at baseline (when iMessage was designed, and for the most part still today). Sometimes you send messages to someone who you haven't ever met in person, or you met but didn't think to exchange keys at the time. And when Dave drops his phone in the lake and buys a new one, he would have to sheepishly re-meetup with everyone he interacts with.

If iMessage had been designed to require a brokerless key exchange, its security would be superior (though in this case, Apple's interception software trumps everything). But iMessage would appear to be less convenient than alternatives like WhatsApp (brokered key exchange, re-keying).


It could offer both brokered and brokerless key exchange, distinguishing between messages from parties verified through each method by, I dunno, the color of the text bubble.


So key signing parties would resurface? :)


The thinking that key exchange needs to be robust and P2P makes alternative secure solutions harder: most of the time big companies don't want to be caught doing a man-in-the-middle attack, so iMessage or even Facebook is practical enough for it, as long as the key exchange can be verified on any other communications channel easily.

We would be in a much better position right now with email privacy if the version of PGP that doesn't defend against an active attack had been deployed worldwide.



