Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Encryption Communications Crime Government Privacy Software United States Your Rights Online

Want to Keep Messages From the Feds? Use iMessage 153

Posted by timothy from the disinformation-brought-to-you-by-the-afl-cia dept.
According to an report at CNET, "Encryption used in Apple's iMessage chat service has stymied attempts by federal drug enforcement agents to eavesdrop on suspects' conversations, an internal government document reveals. An internal Drug Enforcement Administration document seen by CNET discusses a February 2013 criminal investigation and warns that because of the use of encryption, 'it is impossible to intercept iMessages between two Apple devices' even with a court order approved by a federal judge." The article goes on to talk about ways in which the U.S. government is pressuring companies to leave peepholes for law enforcement in just such apps, and provides some insight into why the proprietary iMessage is (but might not always be) a problem for eavesdroppers, even ones with badges. Adds reader adeelarshad82, "It turns out that encryption is only half of the problem while the real issue lies in the Communications Assistance for Law Enforcement Act which was passed in 1994.
This discussion has been archived. No new comments can be posted.

Want to Keep Messages From the Feds? Use iMessage More

Want to Keep Messages From the Feds? Use iMessage

Comments Filter:

  • Sadly, no... (Score:4, Interesting)

    by nweaver ( 113078 ) on Thursday April 04, 2013 @03:55PM (#43361489) Homepage

    iMessage keeps messages secret from the carrier, but it can't keep the messages secret from the feds.

    Apple has to be able to know the user's private key to allow them to log in new devices, at least when the user logs into Apple using their Apple password. And therefore, with a warrant, so can the police.

    Now Apple could use a technique where your password is hashed one way to create your iMessage key, and hashed a different way to be sent to Apple for logging in. But this doen't seem likely, as a login to iCloud (using a user's apple Password) on the web interface sends the password to Apple where its hashed on their end for login validation. So unless the iPhone/Mac iCloud login uses a different technique, Apple must (at a minimum) be able to access the user's iMessage key when the user logs into Apple.

    And its far more likely that Apple (and therefore the police with a search warrant) can get the user's iMessage key whenever they want.

  • Re:Easy Police Work is not a Constitutional Right (Score:5, Interesting)

    by SirGarlon ( 845873 ) on Thursday April 04, 2013 @03:55PM (#43361493)
    And "law enforcement" can be either.

  • Re:Seriously now (Score:5, Interesting)

    by rhekman ( 231312 ) <hekman AT acm DOT org> on Thursday April 04, 2013 @05:01PM (#43362517) Homepage
    While nothing technical is stopping an intelligence agency from passing on criminal tips to LEOs, there are legal road blocks to doing so. At least in the U.S. there are supposed to be restrictions on federal agencies spying on private citizens. More importantly though, our federal Constitution, state laws, and over 900 years of English common-law heritage guarantee one's right to face your accuser. Unless the originating agency can prove where and how they intercepted some communication, and it wasn't obtained as part of an unreasonable search or seizure, any such evidence is "fruit of the poisoned tree".

  • Creator of PGP Has Already Fixed This (Score:5, Interesting)

    by FsG ( 648587 ) on Thursday April 04, 2013 @05:50PM (#43363127)
    PGP Creator Phil Zimmerman has a new business, Silent Circle [silentcircle.com], that does proper encryption for voice and SMS on mobile devices.

Slashdot Top Deals

"May your future be limited only by your dreams." -- Christa McAuliffe

Close