
One thing to keep in mind is that there are really only two things Apple can do. The first is to release a modified and signed version of iOS to LE agencies that has any timeouts removed to allow them to try to brute-force the passcode locks. If a user uses a significantly long password instead of a passcode, this becomes way less effective.

The second thing is to log iMessage data on the server-side (since it has to be decrypted at some point). This would allow them to produce it, but would miss any apps installed on the phone used for alternative communication.

I don't like to see this so much as Apple refusing but there really isn't a way for Apple to enable easy full access without a backdoor, which is an unrealistic expectation.




>The second thing is to log iMessage data on the server-side (since it has to be decrypted at some point).

iMessage is end-to-end encrypted, so that's also not an option. Apple would have to inject a key they controlled into a user's list of device keys. (Which they can do, and the UI doesn't notify users if it were to happen.)


Thanks for the clarification. I guess iCloud backups could then be a viable option?


Yes, if iCloud backups are enabled, Apple does then have the keys required to decrypt backed-up iMessage messages.


That seems to completely defeat the point of it being end to end encrypted in the first place.


True, but these days you can disable iCloud backups without giving up all that much. (It also re-keys Messages in iCloud when you turn off backups.)

Keychain, messages, and health data are all E2E encrypted and synced to iCloud.

By not doing iCloud backups, you're basically only giving up backups of app icon placement, home/lock screen background images, app data that isn't otherwise synced via iCloud or the app's dedicated sync service, and a handful of phone settings.

You can opt for the occasional iTunes backup to preserve those infrequently changing elements on the phone, and not have to compromise on recovery point for more important data like messages and security creds since all of that is synced in real time.


How much longer will iTunes be around?


The backup function is moving to Finder before iTunes disappears entirely.


That's the whole joke. Apple pushes E2E in advertising but fails to mention how by default it's all """backed up""" in their cloud where they hold the keys. It's ridiculous.


My understanding is the passcode and timeout behavior is on dedicated hardware that's tied to the OS-level encryption. It's not possible (or maybe just not feasible) to replace or update this hardware.


They wouldn't be able to install the new OS over the old one without the passcode, though.


Not sure if things are in a similar state now, but it looks like the FBI and Apple had reason to believe something like this could be done.

https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...

Although it seems like it would be a RAM-only thing.


I suppose that's true, potentially they could release a new firmware or OS that would enable this in the future.



