Apple Could Read Your Encrypted iMessages. Here’s How to Stop Them.

Reading Time: 5 minutes.
Text reads: Messages are only seen by who you send them to. Apple can’t read your iMessages while they’re being sent between you and the person you’re texting.

Apple claims iMessages are completely confidential, but are they?

iMessages are encrypted end to end. This means that, before leaving your device, your messages are encrypted. It turns your text message into gibberish. The recipient gets a sort of “key.” This allows them to decrypt the message, turning it back into readable text. Only the recipient can read your message. This messaging protocol is more complex than I’ve explained it, but the important part to remember is that, through transmission and at rest (on your device), your messages are encrypted so no one can read them. When your messages are sent through Apple’s servers, Apple can’t read them.

But what happens when you back up your device through iCloud? Apple can decrypt iCloud backups. Are iMessages encrypted separately so no one can read them? Yes… but also no. As it turns out, iMessages may not be as safe from prying eyes as Apple would have you believe, according to their own support documents.

How Apple Could Peek at Your Messages

Apple’s iMessages are encrypted end to end and when stored on Apple’s servers. Apple’s very clear about that, and they’re not lying. However, Apple’s very specific with their messaging on iMessage security. Check out the graphic above.

“Apple can’t read your iMessages while they’re being sent between you and the person you’re texting.”

– From Apple, emphasis added.

Notice they’re specific about when Apple can’t read your text messages. While in transit. They don’t mention storage at all. There’s a good reason for that, and It’s Apple who tattles on themselves later in a support document for iMessage security.

“When Messages in iCloud is enabled, iMessage, Business Chat, text (SMS), and MMS messages are removed from the user’s existing iCloud Backup and are instead stored in an end-to-end encrypted CloudKit container for Messages. The user’s iCloud Backup retains a key to that container.

– Apple’s support document. Emphasis added.

This does explain that Apple encrypts your iMessages separately from your iCloud backup if you’re sharing iMessages across devices. This decoupling actually would make your iMessages more secure than simply backing them up in iCloud, if not for the second part. The key to unlock those iMessages is stored in the iCloud backup. If you don’t remember from one of the many FBI vs Apple debacles, Apple can decrypt your iCloud backups. In fact, one of the ways the FBI failed to get into a device was repeatedly trying the passcode when Apple told them just to turn the device on in the shooter’s home, which would trigger a more recent iCloud backup that Apple could decrypt and hand over to authorities.

Apple can decrypt your backups. That means they can potentially access the key to your iMessages and decrypt them too.

Now, Apple says they’ll only do this if your iCloud backups are subpoenaed. However, the ability is there. Someone at Apple who has their eye on you could potentially find a way to decrypt your iCloud backups, for example. You also may not be comfortable with the subpoena process, as judges are often more than willing to hand out warrants for very little reasoning.

Your iCloud backups are not secure, but, for years, Apple insisted that your iMessages were encrypted separately. Now we’re finding out that they store those keys too, and could potentially, if they wanted, recover iMessages too.

Fixing the Problem

If you’re hearing this and care nothing about your own privacy or security, fine, keep doing what you’re doing. However, if you’d like to improve your security, there are two things you should do. However, both rely on you convincing your friends and family to change things too.

Stop Backing up to iCloud

Once again, Apple tells you specifically how you can continue to use iMessage, including iMessage in the cloud, without allowing Apple access.

“If the user later disables iCloud Backup, that [iMessage] container’s key is rolled, the new key is stored only in iCloud Keychain (inaccessible to Apple and any third parties), and new data written to the container can’t be decrypted with the old container key.”

If you turn off iCloud backups, Apple will delete the keys they store and re-encrypt your backup with a new key, one that only you’ll have access to. This will protect your messages from Apple or anyone else.

To turn off iCloud backups, go into your iOS device (iPhone, iPad, or iPod Touch). Go into Settings. At the top, you’ll see your name and “Apple ID, iCloud, Media & Purchases.” Tap that. From here, select “iCloud.” Then “iCloud Backup.” Make sure the toggle is to the left and gray, meaning it’s turned off.

Next, go back and make sure you’ve deleted the backup from iCloud. So, from the iCloud screen, tap “Manage Storage.” You’ll see a list of apps that have stored items in the cloud. One of them will be “Backups,” even if it’s empty. If it’s empty, you’ll find it at the bottom, with “0 KB.” If not, select backups and delete the backups for each of your devices. However, you may want to come back to this step after you’ve backed up your device elsewhere.

Local Backup

Plug your iOS device into your computer. If you’re on a Mac and you’re running macOS Catalina or higher, you will be able to find your iPhone in the Finder sidebar. If you’re on an older version of macOS or a Windows PC, you’ll use iTunes. Select your device and choose “Back up all of the data on your iPhone to this Mac” (or PC). Also choose to “Encrypt local backup” and enter a password. You may also want to select the “Show this iPhone when on Wi-Fi” so you can sync without having to connect to your device, if your computer supports it. This will allow you to back up wirelessly.

This isn’t as convenient as being able to automatically back up at regular intervals, but as long as you remember to look at it once a day or perhaps weekly, you wouldn’t lose too much from a lost or damaged device. You can set up a reminder on your calendar. Make sure you’re also backing up your computer. It’s a good idea to use Time Machine or an application like Carbon Copy Cloner to make a perfect backup of your data.

One Little Problem with Local Backups

You may have already noticed the problem here. On one hand, you’ve blocked Apple from looking at your messages. However, messages are always to someone. Every message you send to another person will end up in their backups. If they’ve chosen to back up their messages in iCloud, then you could potentially have your messages stored elsewhere.

Now, someone looking to get to your messages would have to know the people that you most likely message. They’d have to know your friends and that may not be as easy to get. If they interview people, ask friends, or use messages that may have been sent through standard SMS to other people, to figure out who you may have messaged. Your data will definitely be safer if you turn off iCloud backups, but as long as you’re messaging people who are using iCloud backups, you could still be at risk. Maybe you can convince your friends to abandon iCloud backups as well?

There is, of course, a better option, but it also requires your friends and family to make a change.

Ditch iMessage

Speak Freely Say "hello" to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect. [A button reads "Get Signal"]

Screenshot from Signal.org

This one’s easy. Download Signal. Use that. That’s the solution. Other apps like WhatsApp may claim security, but Facebook owns WhatsApp. While it’s encrypted end-to-end, it’s still possible to do analytics on messages prior to sending them. I wouldn’t trust Facebook, a company that makes its money by spying on users, for messaging, no matter what they say. Most other companies don’t consider privacy to be the reason for their existence. Signal does.

Signal encrypts your messages to other users. They don’t back up your messages either. The only people who can see a message from Signal is the recipient. When Signal found that hacking firm Cellebrite could potentially access Signal messages stored on your device due to a flaw in iOS and Android, they reverse-engineered a way to break Cellebrite’s tool, giving your phone a way to automatically fight back against attackers. Signal’s tool will invade Cellebrite’s hacking software, forcing it to delete whatever it copied from your device. Signal’s not messing around, they care about user privacy in ways that other companies wouldn’t.

Unfortunately, Signal is a separate service. I have a few friends who use it, and will often message them through Signal rather than iMessage, Facebook, or Discord if I can. Still, you’ll have to convince people to sign up for it, then change their habits from iMessage or their old messaging app. Still, if you can, it’s the most secure option you have for messaging.

Protecting your privacy isn’t easy anymore. But small steps can go a long way. Start with trying out Signal, perhaps turning off iCloud backups, and then try to get others to do the same.

Next you can delete Facebook… or at least make it harder for them to track you.


Sources:
,