Apple’s iMessage Encryption Puts Its Security Practices within the DOJ’s Crosshairs


The argument is one which some Apple critics have made for years, as spelled out in an essay in January by Cory Doctorow, the science fiction author, tech critic, and coauthor of Chokepoint Capitalism. “The instant an Android user is added to a chat or group chat, the entire conversation flips to SMS, an insecure, trivially hacked privacy nightmare that debuted 38 years ago—the year Wayne’s World had its first cinematic run,” Doctorow writes. “Apple’s answer to this is grimly hilarious. The company’s position is that if you want to have real security in your communications, you should buy your friends iPhones.”

In an announcement to WIRED, Apple says it designs its merchandise to “work seamlessly together, protect people’s privacy and security, and create a magical experience for our users,” and it provides that the DOJ lawsuit “threatens who we are and the principles that set Apple products apart” within the market. The firm additionally says it hasn’t launched an Android model of iMessage as a result of it could not be certain that third events would implement it in ways in which met the corporate’s requirements.

“If successful, [the lawsuit] would hinder our ability to create the kind of technology people expect from Apple—where hardware, software, and services intersect,” the assertion continues. “It would also set a dangerous precedent, empowering government to take a heavy hand in designing people’s technology. We believe this lawsuit is wrong on the facts and the law, and we will vigorously defend against it.”

Apple has, in actual fact, not solely declined to construct iMessage purchasers for Android or different non-Apple gadgets, however actively fought towards those that have. Last yr, a service referred to as Beeper launched with the promise of bringing iMessage to Android customers. Apple responded by tweaking its iMessage service to interrupt Beeper’s performance, and the startup referred to as it quits in December.

Apple argued in that case that Beeper had harmed customers’ safety—in actual fact, it did compromise iMessage’s end-to-end encryption by decrypting after which re-encrypting messages on a Beeper server, although Beeper had vowed to vary that in future updates. Beeper cofounder Eric Migicovsky argued that Apple’s heavyhanded transfer to cut back Apple-to-Android texts to conventional textual content messaging was hardly a safer various.

“It’s kind of crazy that we’re now in 2024 and there still isn’t an easy, encrypted, high-quality way for something as simple as a text between an iPhone and an Android,” Migicovsky advised WIRED in January. “I think Apple reacted in a really awkward, weird way—arguing that Beeper Mini threatened the security and privacy of iMessage users, when in reality, the truth is the exact opposite.”

Even as Apple has confronted accusations of hoarding iMessage’s safety properties to the detriment of smartphone homeowners worldwide, it is solely continued to enhance these options: In February it upgraded iMessage to use new cryptographic algorithms designed to be proof against quantum codebreaking, and final October it added Contact Key Verification, a function designed to stop man-in-the-middle assaults that spoof meant contacts to intercept messages. Perhaps extra importantly, it is mentioned it’ll undertake the RCS normal to permit for enhancements in messaging with Android customers—though the corporate didn’t say whether or not these enhancements would come with end-to-end encryption.


Please enter your comment!
Please enter your name here