Skip to main content

Apple reiterates it cannot read user iMessages, has no plans to do so

imessage

Update: Fresh Apple statement added

The immunity of iMessages from government surveillance has been cast into doubt by QuarksLab security researchers presenting at the Hack in the Box conference in Kuala Lumpur.

A leaked DEA document had pointed to the impossibility of intercepting iMessages even with a court order, a point that was confirmed by an apparently categorical Apple statement:

Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

The researchers reverse-engineered the iMessage protocol and confirmed that the claim was true. However, they identified that Apple needed to hold the encryption keys on its own servers, and that simply by changing these keys, it could enable access to the message content.

They can change a key anytime they want, thus read the content of our iMessages.

The researchers were keen to stress that they do not believe Apple is doing, or has ever done, this – but rather that it could do so if the NSA or another government agency were to require it. Only messages sent after Apple changed the keys would be accessible.

Apple has since issued a statement to AllThingsD:

“iMessage is not architected to allow Apple to read messages,” said Apple spokeswoman Trudy Muller said (sic) in a statement to AllThingsD. “The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”

This is, though, merely a weaker version of its earlier statement. Then, it said it couldn’t read iMessages, now it is saying that it could, but it would require work and it has no intention of doing so. That Apple would not willingly do so was never in doubt: the point is that the NSA could force it to. A demonstration from QuarksLab is below:

[youtube=https://www.youtube.com/watch?v=EbqZnTKDVU0]

When the NSA PRISM story broke, it led to a raft of denials in what some security researchers say was carefully-crafted language. Apple, among other companies, was clearly unhappy about the secrecy imposed on it and gained permission to reveal some numbers on government requests for customer data. A meeting was subsequently held at the White House in which Tim Cook and other tech CEOs met with President Obama to discuss the issue. Details of the discussions were not made public.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Droopy Snoopy - 10 years ago

    Apple – and others – are clearly in cahoots with government and NSA. All this “clearly unhappy”, “gained permission” and secret meetings at the White House is simply more “carefully-crafted language”, in other words Smokescreen, to hide this blatant fact. If Apple – and others – did not comply with government and NSA, they would receive severe restrictions and disciplining; look what happens to those who fail to comply: Presidents Lincoln and Kennedy, Princess Diana, Michael Jackson etc. are all dead. That is the price and you will not find anybody at Apple – or others – willing to admit it, the price is too high (death).

    • BuffyzDead (@BuffyzDead) - 10 years ago

      Droopy. Clearly, you Know the facts.

      Wasn’t that You, waving to the camera from the background, of those faked moon landing pictures?

      Yeah, it WAS you !

      Dang, …YOU are GOOD !!

  2. Andre Salazar - 10 years ago

    Please try to qualify your statements & articles with actual facts: a) If they say the can’t or won’t access iMessages than thats their “official” position; b) The government has “publicly” denied having access to Apple’s data; c) Allowing the government access to iMessages while denying they do publicly would only leave Apple open to legal-action plus ruin their trust with their 600+ million customers! #SoundsReallyStupidWhenYouGiveItThought #NiceTry

    • Ben Lovejoy - 10 years ago

      Andre, if you read the wording of what has been said, there are no contradictions. Both Apple and the NSA have used the same wording to say they don’t have “direct server access.” Apple has said it has no intention of decrypting messages. Neither statement means the NSA can’t come along later with the court order requiring Apple to do so.

      • Isitjustme - 10 years ago

        So why don’t we wait to see this happened before you start claiming they can.

      • Ben Lovejoy - 10 years ago

        We would almost certainly never know. Get court order, change key, comply with court order, reset key.

  3. PMZanetti - 10 years ago

    “Apple can’t read your encrypted iMessages.”

    All I have to say is…LOL. Naiveté knows no limits in the world of the general public.

    • Isitjustme - 10 years ago

      Looks like you the cleverest of all.

  4. Claustin (@ClintAustin26) - 10 years ago

    Not saying they’re lying in this instance, but they also said they weren’t giving info to the NSA.

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear