FBI highlights iMessage encryption issues
iMessage is so well encrypted that US law enforcers can't intercept it, while the DoD has detected weaknesses in the army's mobile strategy
By Karen Haslam
April 08, 2013 — IDG News Service — We all know that iMessage is encrypted, but US law enforcers have only just realised they can't intercept it. And in other news, the Department of Defense has detected weaknesses in the US army's mobile strategy.
The FBI's Intelligence Note, uncovered by Cnet, suggests that: "While it is impossible to intercept iMessages between two Apple devices, iMessages between an Apple device and anon-Apple device are transmitted as Short Message Service (SMS) messages and can sometimes be intercepted, depending on where the intercept is placed."
The FBI's best advice for law enforcers is to "put an intercept on a non-Apple device."
Apparently the DEA San Jose Resident Office didn't realise that iMessages were not captured by pen register, trap and trace devices until 21 February 2013.
The Intelligence Note explains that: "Investigators may erroneously believe they have a complete record of text transmissions if they are unaware that iMessage communication between smartphones are not captured or provided by the cell phone service providers."
iMessage not government proof
Cnet's report includes details that suggest that Apple's iMessage is not actually "government proof", it also suggest that encryption on messages is the least of the FBI's worries. Christopher Soghoian told Cnet: "It's much much more difficult to intercept than a telephone call or a text message. The government would need to perform an active man-in-the-middle attack... The real issue is why the phone companies in 2013 are still delivering an unencrypted audio and text service to users. It's disgraceful."
However, it is exactly this level of privacy that we concluded had the Chinese government's attention when we wrote about why the Chinese government had kicked off an anti-Apple campaign on the government owned TV service recently.
It also reminds us of the way that those who took place in the UK riots back in 2011 used Blackberry messaging to organise themselves -- precisely because it was a closed system.
Apple announced iMessage in 2011 and made it clear then that it would offer "secure end-to-end encryption" and that the messages would be sent for free via the internet, rather than eating into a monthly SMS limit. Last autumn Apple CEO Tim Cook claimed that 300 billion messages had been sent so far. Infact, in January we reported that two billion iMessages are sent from Apple's 500 million iOS devices every day.