this post was submitted on 08 Dec 2023
99 points (96.3% liked)

Technology

59377 readers
5724 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] BearOfaTime@lemm.ee 4 points 11 months ago* (last edited 11 months ago)

I tried it yesterday, it still has some growing pains (had some trouble getting it to connect).

Going to keep watching though, for a new app it looks pretty good, fluid, well designed from a UI standpoint.

Given the dev was able to reverse-engineer Apple's ANP (equivalent to Google's GCM), build an app, backend, etc, it should be fun to watch.

It's also generating a conversation around the misperception of iMessage being perfectly secure, and how SMS downgrades iMessage to not secure at all.

Hacker News story about the lack of Forward Secrecy and other concerns: https://news.ycombinator.com/item?id=38537444

A summary of what I think is the primary issue with iMessage security that most people can easily understand (I've quoted this from another commenter, this is in the article):

  1. iMessage uses RSA instead of Diffie-Hellman. This means there is no forward secrecy. If the endpoint is compromised at any point, it allows the adversary who has

a) been collecting messages in transit from the backbone,

or

b) in cases where clients talk to server over forward secret connection, who has been collecting messages from the IM server

to retroactively decrypt all messages encrypted with the corresponding RSA private key. With iMessage the RSA key lasts practically forever, so one key can decrypt years worth of communication.

I've often heard people say "you're wrong, iMessage uses unique per-message key and AES which is unbreakable!" Both of these are true, but the unique AES-key is delivered right next to the message, encrypted with the public RSA-key. It's like transport of safe where the key to that safe sits in a glass box that's strapped against the safe.

**BearOfATime Comment: **This lack of Forward Secrecy alone is enough to say iMessage is nowhere as secure as we've been lead to believe. The delivery of the AES key with the AES-encrypted message but the package encrypted with RSA that virtually never changes is so blindingly flawed. This setup makes the AES encryption pointless, if you're going to package the key with it. Because once the RSA is broken/acquired, they have the AES key for the message (and ALL messages)!

The concern over the RSA key length is a bit premature, I'd say it's more of a future concern that Apple is probably working on.

The other issues (unchanging identifiers, for example) are a valid concern. Something I've seen other apps take into consideration (Signal, Briar, SimpleX Chat).