The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

Apr/13

4

DEA can’t break Apple iMessage encryption?

Cnet reports that an internal DEA document reveals that the DEA are unable to intercept text messages sent over Apple’s iMessage protocol.

The protocol provides end to end encryption for messages between iOS and Mac OS X devices.

This is not to suggest that the encryption in iMessages is particularly good, but to contrast with standard text messages and voice calls which are completely unprotected within the phone company’s networks.

It appears that an active man in the middle attack would be able to thwart the encryption, but would be significantly more effort. The lack of any kind of out of band channel authentication suggests that such an attack should not be too difficult.

If you really need to protect your chat messages, I suggest using a tool like Silent Text. They take some steps that make man in the middle attacks almost impossible.

· · · ·

3 comments

  • Gomez · April 6, 2013 at 10:36 pm

    Silent Text is not cheap, are there alternate solutions for private use?

  • Author comment by lance · April 7, 2013 at 8:38 am

    I don’t know of many good options. Blackberry messenger is supposed to be fairly secure. You could use SMIME encrypted email in place of text messages.

  • Darren Chaker · April 16, 2013 at 8:13 pm

    I agree, Silent Text is a great tool when privacy is needed. Also, when privacy is needed for phone conversations, various apps are available for encrypted calls. Wish continued the best in its efforts to keep online privacy, private!

Leave a Reply

<<

>>