Wednesday, February 8, 2023
Home Tech News Apple claims a new iMessage can alert you if state-sponsored spies are...

Apple claims a new iMessage can alert you if state-sponsored spies are eavesdropping

/

iMessage Contact Key Verification is an opt-in feature for ‘users who face extraordinary digital threats’ to check that they’re chatting with the person they meant to chat with.

Apple’s new iOS and iCloud security initiative includes a new way for iMessage users to verify that they’re talking to the person they think they’re talking to. The company claims the new iMessage Contact Key Verification will let people who “face extraordinary digital threats,” such as journalists, activists, or politicians, make sure that their conversations aren’t being hijacked or snooped on.

According to a press release on Wednesday, if both people in an iMessage conversation have the feature enabled, they’d get an alert if “an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications.” They’ll also be able to compare contact keys via other means — such as a secure call or in-person meeting — to make sure that they’re actually having a conversation with each other and not unknown third parties. That sort of thing has long been a security best practice, whether you’re verifying that software you downloaded is legitimate or setting up PGP encryption for email conversations.

Screenshot of an iMessage conversation with a notification on the bottom saying “An unrecognized device may have been added to Jenny’s account.”

Screenshot of an iMessage conversation with a notification on the bottom saying “An unrecognized device may have been added to Jenny’s account.”

a:hover]:text-gray-63 text-gray-63 dark:[&>a:hover]:text-gray-bd dark:text-gray-bd dark:[&>a]:text-gray-bd [&>a]:shadow-underline-gray-63 [&>a:hover]:shadow-underline-black dark:[&>a]:shadow-underline-gray dark:[&>a:hover]:shadow-underline-gray”>Image: Apple

If this all sounds like hardcore spy business, that’s probably not by accident. Apple’s acknowledging that iMessage has been targeted by nation-states, many of which may not have people’s best interests at heart. And while iMessage has long been end-to-end encrypted, there have been a few caveats and incidents that have potentially driven the platform’s most sensitive users to look for other secure messaging apps like Signal or WhatsApp. Journalists have had their phones targeted by nation-state-level spyware, potentially with the intent of reading their messages.

As critics (including Mark Zuckerberg) have pointed out, messages you send and receive may also be included in iCloud Backups, depending on certain settings you or the person you’re talking to have. Until now, those weren’t fully end-to-end encrypted, so Apple could get at your messages if it really needed to (read: if a subpoena told it to). Apple’s addressing that point in other ways — Wednesday’s announcement also included Advanced Data Protection for iCloud, which adds end-to-end encryption for those iCloud Backups. You can read more about that from my colleague Jay Peters here.

While it’s not exactly clear whether iMessage Contact Key Verification will be able to help if your phone has been completely taken over by advanced spyware (though Apple’s recently introduced an extreme lockdown mode to help people who may be targeted by those sorts of things), it’s definitely a step-up for people looking to use iMessage for their most sensitive conversations.

It is, however, worth noting at this point that iMessage exclusively remains a platform for using your Apple device to talk to other people with Apple devices — a point that many critics have said is part of the company’s lock-in strategy (and part of the reason why alternate secure messaging apps with cross-platform support are so popular). With hints that regulators could be looking to force Apple to open up iMessage, the company could theoretically argue that doing so would break important security protections for some of its most vulnerable users. Plus, if you’re relying on iMessage to keep you safe, what are the odds that you’ll move to another phone?

With that said, I doubt anyone’s going to complain about having access to this feature when it becomes available worldwide sometime next year.

- Advertisment -

Most Popular

2022 Vanier Cup supported more than $2.4M in economic activity for London, Ont.: study

Last fall’s Vanier Cup university football championship generated more than $2.4 million in economic activity for London, Ont., a new study suggests. Officials with Tourism...

Elon Musk’s ‘Starman’ in a Tesla Roadster completes five years in space

Starman behind the wheel of the Tesla Roadster with planet Earth in the background (Picture: SpaceX)Remember when Elon Musk launched a whole Tesla into...

All the news from Microsoft’s February AI event

Microsoft is holding an event on February 7th to “share some progress on a few exciting projects,” according to CEO Satya Nadella. The company...

Shift Happens celebrates 150 years of typewriters, keyboards, and the people who use them

A wide-ranging interview with Marcin Wichary, author of Shift Happens, which launches today on Kickstarter. Share this storyShift Happens is a book, launching...