Apple can read your iMessages despite them being encrypted

News by Roi Perez

Despite Apple taking a pro-encryption stance, with its CEO Tim Cook insisting that iMessages are safely encrypted, it turns out that if users backup data using iCloud Backup, they need to be aware that although Apple stores the backup in encrypted form, it uses its own key.

Motherboard has reported that if a user enables iCloud Backup on their Apple device, copies of all messages, photographs and data including iMessages are encrypted on iCloud using a key controlled by Apple and not the user.

This allows Apple and by extension anyone who breaks into their account, to see all personal and confidential data. Apple allows users to switch off iCloud Backup whenever they want, but it doesn't offer a way to locally encrypt iCloud backups that would allow the company to store the personal data on its servers but not access it.

It is worth noting that it is possible to do encrypted non-cloud backups locally through iTunes, but the fact that when you setup a new iPhone it asks you to log in with iCloud should show the heavy reliance Apple has on cloud services, and exactly the reason why users should think twice before backing up to Apple's Cloud, says Motherboard's Joshua Kopstein. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike