Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"E2E" is a joke when Apple holds the encryption keys to the vast majority of all messages, and uses them to respond to law enforcement requests. (It's how iCloud backup works by default and we know people don't change defaults. This is documented by Apple, not a conspiracy theory.)


> It's how iCloud backup works by default and we know people don't change defaults

Are you referred to Advanced Data Protection being opt-in?

If I'm using ADP then these concerns are moot, right?


No, when you sign into iCloud/your account in Settings, it sets a bunch of insane defaults like iMessage and Facetime and every app you add is opt-out for iCloud storage. Defaults are end-runs around true explicit and informed consent and open people to implications they didn't knowingly understand


Not unless everyone you talk to also has ADP enabled.


Thats a Bingo!


It’s still a substantial upgrade over SMS or unencrypted (non-Google) RCS, where anybody can snoop on conversations with little effort.


Last time I checked, everyone knows SMS is cleartext and can't take over your phone in the profound way built-in 1st party apps/services you emphatically cannot remove (only toggle) can seize the means of production so to speak.


“Everyone” may be overly broad… just about everybody with any technical inclination knows yes, but for many years now the overwhelming majority of smartphone users have not been particularly technically inclined, and as such I would not expect most of them to be aware of the security and privacy implications that come with use of the various messaging services.

With that in mind, I’d say that most messaging apps don’t go far enough to make that distinction clear. Any app handling SMS or any other unencrypted messages should have ever-present, readily visible warnings when conversations aren’t encrypted.


Didn't mean to sound so bratty, I just get frustrated by this topic. My apologies if I was a bit testy. I just mean that iMessage is extremely misleading and overly-technical in what it takes to truly have a chance at making it secure and private to the extent it extolls itself.

This shit matters now that people aren't able to receive proper reproductive care and education and other grey areas where Apple is setting its users and itself up for terrible and unjust outcomes that depend on everyone but Apple having flawed/imperfect information and Apple pretending 'Saul Goodman...


Ok, but you can change yours, yes? Just like Signal isn’t installed by default on your phone and if you want what it offers you can use it.


But unless everyone you talk to also changes it then Apple still holds the keys to your conversations. If you care, it is best to avoid software with bad security defaults altogether.


Bingo




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: