Fair point. It looks more specifically they’re not if you enable “messages in iCloud” or iCloud backup with messages.
Comment on Samsung joins Google in RCS shaming Apple
ozymandias117@lemmy.world 1 year agoiMessage is only meaningfully E2E encrypted if both users have iCloud disabled or have gone into their iCloud settings and enabled “Advanced Data Protection”
whofearsthenight@lemm.ee 1 year ago
ozymandias117@lemmy.world 1 year ago
“Enable” is the incorrect, and why I was warning you about it. It’s on by default, so you need to “disable” it if you want E2E encryption
A blue bubble is unlikely to mean a message is E2E encrypted. That may not matter for your threat model, but Apple almost certainly has the decryption keys for you messages
whofearsthenight@lemm.ee 1 year ago
Also very good point. My threat model is I don’t want script kiddies with shit that they can get (optionally) off of eBay to be able to read my messages because too many places still default 2fa and other identifiers to SMS. Until RCS defaults to E2E at least in transit, that’s tough. From there it’s still going to be the mercy of what the OS vendor decides, like Apple in this case. That said, if I were worried about government actors or a targeted attack, I would 1000% used advanced data protection.
Anyway, upvoting your comments as much as I can (+1) because you’re totally right and it’s a consideration you should have.
franklin@lemmy.world 1 year ago
So essentially they’re just as bad as RCS. Both hamstrung by the limitations of their encryptions interoperability
ozymandias117@lemmy.world 1 year ago
Hamstrung in different ways?
RCS predates iMessage, but it was never widely adopted. Google has been running with it, but it’s been with Google-specific changes to the protocol
If they can get others to adopt their extensions as a standard and offer an open source example implementation, it could probably be better than iMessage
Google has a problem getting other people to use standards they work on because they drop support for them all the time, though
glimpseintotheshit@sh.itjust.works 1 year ago
Wow, thanks. Always assumed E2E was enabled by default. That sucks.
Natanael@slrpnk.net 1 year ago
The encryption is on but backups are unencrypted by default, which makes it quite pointless