I have often criticized Apple for marketing iMessage as end-to-end encrypted while the vast majority of encryption keys still reside on their servers and are routinely used to decrypt messages for law enforcement on demand. This is a long overdue step forward.
However, for most people their messages will still not be end-to-end encrypted because their contacts will mostly not have this optional feature enabled. To be truly effective, this feature would have to ensure that Apple does not strip the end-to-end encryption from your messages when they are sent to other people using iMessage. In my opinion it is still fraudulent to market iMessage as an end-to-end encrypted system until this is fixed.
>However, for most people their messages will still not be end-to-end encrypted because their contacts will mostly not have this optional feature enabled. To be truly effective, this feature would have to ensure that Apple does not strip the end-to-end encryption from your messages when they are sent to other people using iMessage. In my opinion it is still fraudulent to market iMessage as an end-to-end encrypted system until this is fixed.
I think your opinion is mistaken in conflating separate problem spaces/threat models. E2EE deals exclusively with the transit and reading of data between trusted ends, that's the point. It deals with the threat posed by middle observers. What happens to the data after it reaches and gets stored on one end or the other is out of scope. Certainly important, but still has nothing to do with whether something is E2EE. Communications between people necessarily means no one person is fully in charge. The person on the other side could perfectly well have their PIN be "1234", that wouldn't suddenly mean Signal/iMessage/SSH/whatever are no longer E2EE.
This is definitely an unambiguously significant improvement, and it will help more people stay secure more easily while still making use of wireless services (vs backing up with a cable to a system like I have always done and still do with iOS devices). However, while technology is helpful it's not a total substitute for opsec either. And I think it's a mistake to mush together different domains. iMessage going full E2EE was a good all by itself and its own specific thing, even if Apple was wrong to not deploy the same thing everywhere and also wrong (and still wrong!) not to allow 3rd party options for backups. There was nothing fraudulent about saying it was E2EE.
You want to separate iMessage and iCloud and say that it doesn't matter that iCloud is less secure than iMessage by default because it's separate. You'll still call iMessage end-to-end encrypted separately from iCloud Backup by defining the "end" as before iCloud Backup runs, and blame users for making insecure choices when they enable iCloud Backup.
This argument makes no sense for two reasons. First, iMessage and iCloud Backup are not simply apps that you can replace with other services as you choose. "For your own protection" against malware or whatever, Apple restrictions prohibit anyone from offering an SMS-integrated messaging app or a cloud backup app in competition with iMessage or iCloud Backup. iMessage and iCloud Backup are not separate; they are part and parcel of the larger piece of software called iOS. Apple can't play dumb and blame users for making insecure choices when Apple is the one limiting them to insecure options.
Second, even if they were separate apps and replaceable, they are made by the same company. The service provider the end-to-end encryption is supposed to protect against is the same one making the non-E2EE backup. If Facebook started making a phone backup app that was "separate" from WhatsApp but made non-E2EE backups of WhatsApp messages to Facebook servers, and it was used by a large fraction of WhatsApp users, and the FBI was sending subpoenas for WhatsApp messages to Facebook and routinely getting decrypted messages back, would you really be defending Facebook for marketing WhatsApp as end-to-end encrypted? If so, I guarantee you would be in an extreme minority.
>You want to separate iMessage and iCloud and say that yes iCloud breaks end-to-end encryption
No, iCloud simply has nothing to do with iMessage E2EE, nor with Signal nor Nextcloud nor anything else.
>but that doesn't matter because it's separate from iMessage
It is indeed.
>so you can still call iMessage end-to-end encrypted separately from iCloud Backup by defining the "end" as before iCloud Backup runs.
Yes, because that is correct, and you are wrong. The "end" is when an authorized end user possessing the keys access the data. That's how it works. What they do with that data afterwards in completely orthogonal. They can print it out, make it into paper airplanes, and throw it off a skyscraper in the middle of a city and it still will have been E2EE. By your argument, there is literally no E2EE in existence on any common hardware in the world, since it's easy to use a PC to backup unencrypted (and indeed at least until relatively recently that was the rule not the exception, and even FDE only rose to general usage within the last decade or so.
>First, iMessage and iCloud Backup are not simply apps that you can replace with other services as you choose
Irrelevant even if you were right, which you are not.
>"For your own protection" against malware or whatever, Apple policies prohibit anyone from offering an SMS app or backup app in competition with iMessage or iCloud Backup.
You seem awfully confused if you think "SMS" has even the slightest security anywhere on anything. As far as messaging apps, Whatsapp utterly dominates iMessage worldwide. Signal is also very popular. There are Matrix apps, etc etc. What an absolutely ludicrous statement. Internet backups not being open to 3rd parties is indeed bad as I've said, but you can backup to a computer same as was always the option well before iCloud Backups even existed. That's what I do. Or simply not backup of course, such as if someone was using a phone in a high security situation and would rather lose history if they phone had to be wiped then have any risk of disclosure.
>iMessage and iCloud Backup are not separate; they are part and parcel of the larger piece of software called iOS. There is no firewall between them.
Wrong. If you want to allege that Apple is secretly backdooring stuff at a much lower level, well why not go straight down to the silicon? And you're going to need quite the evidence for that.
>Second, even if they were separate apps and replaceable, they are made by the same company. The service provider the end-to-end encryption is supposed to protect against is the same one making the non-E2EE backup blah blah
Also all irrelevant.
You've come up with a make believe fantasy head canon version of what "end to end encryption" means that has nothing to do with what it actually means. People like you love to throw around criminal allegations like "fraud" very lightly.
He has several good points attacking strawmen of his own creation, which he willfully confuses with my actual arguments, to which he has no substantive response. It's an easy method to make yourself look good in online arguments and a total waste of time to engage with.
>E2EE deals exclusively with the transit and reading of data between trusted ends, that's the point.
That's transit encryption. The point of E2EE is to prevent anyone, including the service provider from decrypting the communication. Apple making a backup copy of the comms that they can read breaks the E2EE.
>The point of E2EE is to prevent anyone, including the service provider from decrypting the communication.
The point is to prevent anyone between the ends from reading it, not anyone at all obviously. The ends are trusted by definition. Once the data reaches them, it's decrypted. They can then do whatever they want with that. The job of the E2EE is whatever happens in the middle (both in transit and at rest).
>Apple making a backup copy of the comms
What the heck are you talking about? Apple does not make a backup copy of the comms. Users may choose to use an Apple provided service that right now is not E2EE to make a backup themselves, if they wish. Or they can choose to backup in other ways (remember, Macs can access iMessage too). Those other backups that have nothing to do with Apple also may, or may not, be E2EE.
I see where you're coming from, and it's a bit of an old school view of E2EE.
Wikipedia even has a section for the meaning of the term with a lot of citations requested, suggesting not everyone views the meaning of E2EE the same. https://en.wikipedia.org/wiki/End-to-end_encryption#Etymolog...
I wonder how far you would take the separation of functions. If Signal started offering a service to scan your messages and attachments for spam/malware, sending them plaintext from the app to their server to do so, does that break their E2EE? If they recommended the feature, implied that not enabling it was reckless, and didn't explicitly explain the result being Signal servers reading your messages?
Hmm, but law enforcement can ask Interpol, which can ask the FBI, which can ask the NSA, which can directly get the data from the backdoored endpoints that seem to be on the Apple devices since 2012, without the need of a warrant ?
(Alternatively it might be law enforcement => local intelligence agencies => NSA, since the local law enforcement might still need to provide a warrant to ask this from Interpol ?)
However, for most people their messages will still not be end-to-end encrypted because their contacts will mostly not have this optional feature enabled. To be truly effective, this feature would have to ensure that Apple does not strip the end-to-end encryption from your messages when they are sent to other people using iMessage. In my opinion it is still fraudulent to market iMessage as an end-to-end encrypted system until this is fixed.