Tim Cook Says Apple Can't Read Users' Emails, That iCloud Wasn't Hacked

Apple CEO Tim Cook insists that Apple doesn't read -- in fact, says Cook, cannot read -- user's emails, and that the company's iCloud service wasn't hacked. ZDNet presents highlights from Cook's lengthy, two-part interview with Charlie Rose. One selection of particular interest: Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form." [Cook] claimed if the government "laid a subpoena," then Apple "can't provide it." He said, bluntly: "We don't have a key... the door is closed." He reiterated previous comments, whereby Apple has said it is not in the business of collecting people's data. He said: "When we design a new service, we try not to collect data. We're not reading your email." Cook went on to talk about PRISM in more detail, following the lead from every other technology company implicated by those now-infamous PowerPoint slides.

Is this technically impossible - no.

[queazocotal]

Is it legally possible... Not everywhere certainly.
http://www.cnet.com/uk/news/in...
Is he required to lie about this?

Re:Is this technically impossible - no.

[Pieroxy]

He makes a fair point. The data stored at Apple does not generate revenue for Apple, at the contrary of Google - where your emails are scanned for content to target ads at your eyeballs.

Now, jumping from that to "We cannot do it even if we wanted to" is quite a leap forward. I'm not sure I trust that part of the statement.

Re:Is this technically impossible - no.

[fustakrakich]

Is he required to lie about this?

Very likely, if I can read my mail, so can he. It's only logical.

Re:Is this technically impossible - no.

[Garfong]

I can read my mail, so can he. It's only logical.

Not true. They could be encrypting your emails with a public key as soon as the email hits their server, and have the private key encrypted based on your password. Then you could only access at most the email of users who were currently logged in.

But I think it's more likely that they don't have any tools to read user's emails, but they're still stored on the server essentially in the clear.

Re:Is this technically impossible - no.

Wrong! They have the ability to reset your password without losing your data so they would need to have either have access to the password itself or the keys to decrypt stored data.

Re:Is this technically impossible - no.

[mean+pun]

For these people, with their resources, your "encryption", unless it's a one time pad, is no better than ROT13.

From the Snowdon leaks it looks like even the NSA cannot crack properly used strong encryption. That's why they try to harvest or weaken keys, try to get in before or after encryption, or use traffic (metadata) analysis.

Re:Is this technically impossible - no.

[Anubis+IV]

Very likely, if I can read my mail, so can he. It's only logical.

The fact that an organization acts as a conduit for delivering messages does not necessitate that they have the ability to read the contents of those messages. The one does not follow from the other. It may be likely that the two go hand-in-hand, but by no means is it logical that they would do so.

The various white papers and other security documents Apple has released over the last year or two make it clear that they claim they do not hold the private keys necessary to decrypt their users' data. Those private keys reside on the devices of the users, with unique keys being generated for each device and unique copies of the data being maintained separately for each device. For instance, in the case of iMessages, here's how Apple claims they work:
1) I type up an iMessage to send to another Apple user and press Send.

2) My device queries Apple's servers for the public key(s) of the recipient, which could be numerous if they've configured iMessages to arrive on multiple devices.

3) My device creates and encrypts one copy of the message for each device, using the public key that is specific to each device for the copy going to it.

4) My device signs the copies using its private key.

5) The iMessage is sent to Apple, who then forwards it and immediately deletes it, unless they can't deliver it, in which case it'll stay queued for up to 7 days.

6) The recipient's device verifies the signature against my public key and then decrypts the message using its own private key.

Assuming the system works as described, Apple shouldn't have access to the content of the messages. Whether or not you believe that it works as described is a matter of how much faith you put in corporations and/or the governments that might be compelling them to insert backdoors. For instance, there are trivial ways that they can circumvent their own systems to gain access to messages, without having to compromise the private keys at all. The easiest way I can imagine would be to simply provide the public key of a wiretapping device in addition to the other keys in step #2 above. Unless you're sniffing your own traffic to ensure that you're sending EXACTLY what you're expecting to send, you'd never notice that you've sent out an extra copy of the message, and would be entirely unaware that it had landed on a government agent's device as well.

But again, it isn't logical that they would have that sort of access. "Likely", given the state of things? Sure. But logical? By no means. Again, the one does not follow from the other. Particularly so in the case of Apple, since their money comes from hardware sales, not from monetizing the user's information, so it's in their best interests to make those devices as secure to use as possible.

Re: Is this technically impossible - no.

Please mod parent up. If they can recover your data after a password reset, then they can read your data if they are required to.

Re:Is this technically impossible - no.

[unrtst]

Assuming the messages are encrypted on Apples servers at all, they would likely be encrypted with a random key, and a copy of that key would then get encrypted with your password, and another copy encrypted with something support can use (ie. apple owned), so that changing your primary password does not change the underlying key, but just changes the encryption on the copy. There may be multiple layers in there, and public key/private key stuff, etc, but that's one simple description of how, for example, you can send an S/MIME encrypted email to multiple recipients (primary message is encrypted once; its key is encrypted by the public key of each recipient and attached to the email; their private key can decrypt the key and read the message).

That said, my gut doubts there's much encryption going on. This quote:

such messages and calls are not held in an "identifiable form."

... I've heard similar from many C-line (ceo/cto/etc) calls and RFC's (ex. discussing PCI-DSS or SSN security). It generally means there's just an extra hop between foreign keys. I mean, it's obvious that the messages are identifiable from some perspective (your phone), so the breadcrumbs are there somewhere. Things that get downloaded or are real time (SMS and calls)... maybe they remove the lookup and leave the original data? There's still some ID on them.

Re:Is this technically impossible - no.

[knightghost]

That is the best proof I've seen in this discussion.

Summary for the unwashed masses: Tim Cook is a big fat liar!

Re:Is this technically impossible - no.

[gl4ss]

...but they can change the password for you.
so they can read the mail.

http://support.apple.com/kb/HT...

so how is it not total bullshit that is is spewing from his filthy mouth?

Re:Is this technically impossible - no.

[NatasRevol]

I'm not sure whether to follow your logic, or the guy who said Tim Cook is a big fat liar.

Re:Is this technically impossible - no.

They are apple, they don't need to, they have the crypto keys and server to force anything that want on your phone, if they want you email it's rather trivial to force an app onto the phone that gives you the key. See the U2 thing, they forced mp3s onto phone and called it a feature. From a technical standpoint it's rather trivial, though Apple probably doesn't bother with that, you never know really. I suspect they do give the NSA access to do that if they want to.

Re:Is this technically impossible - no.

Here is how I see it:

Apple can reset my password without 2FA on.
With 2FA on, the only thing on my end keeping my E-mail protected is the password and a SMS or use of a trusted device.

Even with a service that only decrypts on the client, the service can be ordered via the government to push out a client that decrypts keys and sends the decrypted stuff to another place.

What I get concerned about is E-mail providers playing policeman. Having to handle a court order is one thing. Actively scanning people's stored files and E-mail without a lawful order or motion of discovery, and handing that over to LEOs is unacceptable. It isn't a violation of the 4A because of private property and the TOS, but people need to think about E-mail privacy. What might happen to a diaper sniper can happen to anyone after a while. (Anyone remember how LRAD was only supposed to be for "fending off the terrorists", but was used on civilians? If something is used on a scumbag, it can be used on you.)

As always, I recommend encrypting E-mail at the endpoint and storing files with some encryption. BestCrypt seems to be the best multiplatform replacement for TC these days.

Is it real that Apple has no access to your E-mail. If pressed, they can log your password and decrypt it, just like Hushmail was forced to do. Does Apple value privacy? So far, they have a good track record -- they are not sorting through people's stashes and narcing on them. Is Apple secure? The iCloud data centers with the Teradata front ends, HP G7s, and NetApp arrays. All of this can be configured in a decently secure manner. I wouldn't call them 100% secure, (which is why I recommend packing your own parachute), but they are as secure as anything else out there.

Re:Is this technically impossible - no.

[fustakrakich]

Yeah, I can see you point. Apple doesn't need to read them directly, they farm the job out by sending the raw data to a third party. And faith in corp/gov't? Not me... History precludes that. And the future doesn't look too bright either.

Re:Is this technically impossible - no.

[Trailer+Trash]

People are conflating the "iMessage & Facetime" part of the quote with the "email" part. He says that they cannot (that is to say "do not have the ability") to read iMessage & Facetime. He then states that they do not read your email. People are pulling the "cannot" along with them when they read that sentence, but it doesn't say that they cannot read email, only that they choose to not read your email.

Your description of the iMessage encryption is good, but what the original poster said was true given a few constraints. So let me restate it in a logically consistent manner: if I can read my icloud email on any browser then apple also has the ability to read it.

But, but, maybe they encrypt it using your password on their server! If they did, "change password" would always require the old password and if you forgot your password your email would be lost forever. So, no, they're not doing that.

The bottom line is that if they can show me my email in any browser (which they can) then they can also read it trivially.

This isn't inconsistent with Cook's statement - he merely says that they choose to not do that.

Re:Is this technically impossible - no.

[Dins]

I personally don't believe that the NSA can't crack strong encryption. I just think it's time consuming enough that they don't make the effort unless it's REALLY REALLY important to them and they have no other means to get at the data. Probably 99% of the time they can work around it, like you suggest.

Re: Is this technically impossible - no.

It could be encrypted like stated above. But all apple need to do is start collecting the key once it needs it. Maybe it will need to build an infrastructure first, a huge expense, which I wonder how that would impact search warrants. Interesting.

Re:Is this technically impossible - no.

[Noah+Haders]

i don't know if the NSA compels them to lie or just forbids them from telling the truth. my understanding is that as long as you keep your trap shut, they don't expect you to actually perjure yourself or cause all sorts of SEC trouble.

Re:Is this technically impossible - no.

[Tuidjy]

I personally don't believe that the NSA can't crack strong encryption.

I'm not quite sure what you are saying. It sounds to me as if you think that there is no encryption strong enough that the NSA cannot crack it. This is completely false.

A simple example is using one time pad encryption. Without the pad, you you cannot even theoretically crack it. Try every possible pad, and you will get every possible message of the proper length - some of them will make perfect sense, so you will not be able to find the right one.

Taking it a bit further, there are encryptions that would take too long to crack, if they are properly executed, and the NSA does not have a backdoor. And by too long, I mean that there is not enough time before the heat death of the Universe.

Hell, I am perfectly sure that I could establish communication with some of my friends from college that could not be cracked, even theoretically. I would have to exchange some information with them in a secure manner before hand, of course. But I would never take the risk of doing something like this. It would attract the wrong kind of attention.

Re:Is this technically impossible - no.

[koan]

But you don't know and Apple has a terrible track record.

Re:Is this technically impossible - no.

[koan]

I use ROT26

Re:Is this technically impossible - no.

[Dcnjoe60]

That is the best proof I've seen in this discussion.

Summary for the unwashed masses: Tim Cook is a big fat liar!

The first statement is valid. However, it is possible that Tim Cook isn't lying and instead just relaying what he believes to be the truth based on what he was told. Ignorance is not the same as lying, which requires intent to deceive.

Re:Is this technically impossible - no.

I trust that statement as much as I trust the Roger Goodell of the NFL never saw the Ray Rice elevator tape before last week.

Re: Is this technically impossible - no.

[osiaq]

Blah blah blah lavabit.com full stop end of story

Re:Is this technically impossible - no.

One time pads are worthless in practice. The key is as long as the message. If you have a secure means to transmit the key then you can just transmit the message instead and call it a day. Key management is the primary reason no one uses this.

Re:Is this technically impossible - no.

[Garfong]

Fair enough. As I said, I suspected this was not actually what Apple was doing.

I was responding to GGP claim that services like Lavabit were logically impossible, which clearly isn't true: Lavabit existed. But as you say, Apple is obviously not doing the same level of encryption.

Re:Is this technically impossible - no.

[Dins]

Thank you - that's what I meant.

Re:Is this technically impossible - no.

[TWX]

Except that you can transmit a whole host of keys in advance, and use them one at a time until you run out of keys.

Obviously this is only going to work for very, very important and infrequent messages, as one could run out of keys quickly or have to worry about too many keys being found by the opposition and compromised, but for those applications it works just fine.

Re:Is this technically impossible - no.

[Tokolosh]

Is he required to lie about this?

Yes, a National Security Letter may do so. We have no way of knowing, so have to assume the worst.

This will continue until there is independent oversight of the security apparatus. And by apparatus I mean all three branches of government.

Re:Is this technically impossible - no.

[Tuidjy]

Anyone with a solid Computer Science background, extensive programming experience, and access to google can make something that is secure enough that it cannot be cracked in resonable time. It may be sluggish, it may be extremely inefficient, it will require a secure exchange of data at some point (before it is secure itself) and will draw a lot of attention when used. But it is perfectly possible. I certainly could do it.

Oh, of course, I would be infringing on a bunch of patents, but I bet it would be the last of my problems, once my encrypted communications attract the attention of 'the proper authorities'.

Re:Is this technically impossible - no.

He makes a fair point. The data stored at Apple does not generate revenue for Apple, at the contrary of Google - where your emails are scanned for content to target ads at your eyeballs.

Now, jumping from that to "We cannot do it even if we wanted to" is quite a leap forward. I'm not sure I trust that part of the statement.

What about that iBeacon crap?? Surely that's designed/being designed to store data. What good would it be if it only cached data for the current visit?

Re:Is this technically impossible - no.

[ObiWanKenblowme]

If you think marking a U2 album as "purchased" across all users' accounts is comparable to cracking strong encryption or secretly stealing private keys from remote devices, you really have no business commenting on this.

Re:Is this technically impossible - no.

[Tuidjy]

One time pads are not worthless in practice, at all.

Whether you are a criminal, or a government agent, at some point you will be in a secure location, and you will be able to exchange the pads. The USB stick in my pocket can hold more data than I expect to exchange with any of my friends in the course my lifetime. How long to you think encrypted messages need to be?

But even that is less secure than what you could do.

Hell, if I was writing a novel about smart criminals, and wanted them to be capable of secure communication, this is what I have them do:

They would meet in the big boss's hacienda, and they would agree to use one of the 50000 books available on project Gutenberg. The page to use as an one time pad would be selected via a function of the day the message is sent. The function would be simple enough to memorize.

When one of the party wants to send a message, they would take a picture they have a plausible reason to send, and would use a hex editor, on a PC physically disconnected from the Internet, to manually change a subset of low-significance color bits. Again, the subset will be determined by a rule that is easily memorized.

Yes, the process is laborious, and I would have them do it twice, and then compare the two resulting pictures. If they do not match, they will have to do it again. Once the pictures match, wipe (properly) the originals (from everywhere: camera, usb, secure computer) and send the modified picture, accompanied with an innocuous and appropriate message.

Obviously, the encrypted messages would need to be short, but this process will not attract any attention, and will rely on memorized rules, publicly available data, and programs that would not draw anyone's attention.

What is the NSA doing to do? Suspect anyone sending pictures to his friends? Try, as a one time pad, every page on every book available on Gutenberg, or the myriads of pirated book libraries in China, Russia, Ukraine, etc?

I cannot think of any weakness of this system. Can you? And even if it is completely stupid, I bet you two things: there are plenty of people who can come up with a better one, and plenty of people who are getting away with using a worse one.

Re:Is this technically impossible - no.

[maccodemonkey]

This works because iMessages are stored on your device, and not the server. So when you change your password, and update your devices password's the iMessages will re-transmit their history to other devices. So no, not wrong.

If you pull all of your devices offline and reset them, and then take them back online, the history won't be available to sync so all your messages will be gone. Apple does manage delivery, but the initial handshake is done by a peer to peer key exchange, so while Apple is caching and flinging data, they don't sit in the middle of the key exchange, so they can't read messages.

Email is another matter. The nature of how email works means they probably have some sort of access.

All the complaints about how buggy iMessages is make sense when you look at all the mechanics that they go through to keep messages secure.

Re:Is this technically impossible - no.

[mean+pun]

Let's put it more simply. Aside from the one time pad, there is no publicly available encryption the NSA can't crack.

Although that might be the safest assumption to make, it is not at all clear that that is true. The standard algorithms and key sizes that are currently considered safe are certainly far too strong for brute-force attacks, even using massive and dedicated hardware, and they will remain so in the foreseeable future. It is always possible that there is a weakness in an algorithm, but there are no indications that there are, despite a lot of public scrutiny.

More directly: Edward Snowdon says that he trusts these algorithms.

Re:Is this technically impossible - no.

No. Since part of the mathematics is hidden from you, you don't know what NSA can and can't do. Only if you can prove mathematically that something is secure, given all possible future advancements in mathematics, can you know NSA can't decode it.

Re:Is this technically impossible - no.

[david_thornley]

A National Security Letter means the recipient must hand over information without notifying anybody else about it. It can probably force somebody to lie if they're using a "canary" approach (such as a message on accessing mail that it's definitely not going to the authorities). I don't see that it can force lying under any other circumstances.

Re:Is this technically impossible - no.

Nothing you described is a solution whereby Apple remains unable to read your e-mail. Throwing public-private keying into the mixture doesn't magically make it unreadable by Apple. Ultimately if they can change your password without knowing your password, they have the capability to read all your data.

All that multi-recipient S/MIME does it encrypt a secret key (used to encrypt the message) each time for each recipient. But if the recipient lost his private key, then he'd never be able to decrypt the secret cipher key. Because you can lose your password and/or private key (assuming the iPhone has a builtin PKI) and still recover your data, Apple has a master lock somewhere. And if Apple does, so does the government, through power of a court order.

There are many schemes more clever than the ones you brought up (you might have actually be confusing multi-recipient S/MIME with secret sharing schemes), but neither do any of them grant Apple magical powers.

Re:Is this technically impossible - no.

[ceoyoyo]

One time pads have been, and probably are, used extensively. You send a bunch of random data to someone via some secure method, which is usually very slow (like hopping on an airplane with a DVD full of random numbers on your person). You can then exchange messages securely using a convenient and fast channel, such as e-mail. See the utility there?

Re:Is this technically impossible - no.

[ceoyoyo]

You didn't say so, but I'm assuming you're encrypting your message using the book page as a one time pad, then obscuring it using steganography. If someone sufficiently motivated were after your criminals, they could break that. Steganography isn't much protection when someone knows there might be hidden messages. And your one time pad, while one time, isn't random. Book pages have quite a bit of structure.

Any structure in a one time pad makes it vulnerable. To the point where people have gone to great lengths to construct them using the best random numbers obtainable, from devices ranging from antennae monitoring the ionosphere to quantum devices.

Re:Is this technically impossible - no.

[ewibble]

The questions are this:
1. If you get a new phone can you access your emails with that phone?
2. Can you reset your password?

If 1 is true clearly there is nothing on your phone that is needed access your emails.
If 2 is true and they use your password to encrypt your data:
They clearly can decrypt it without you providing the old password, and re-encrypt it.
else they decrypt it with some key stored on their sever so they can clearly decrypt it.
else don't encrypt it at all.

So either Tim Cook's technical knowledge is lacking or he is lying.

Disclaimer:
I don't have an iphone or use icloud, so I don't know for sure but I assume the answer to both questions is yes

Re:Is this technically impossible - no.

[ewibble]

He also may be using weasel words, he may be stating there is no application that currently exists that allows a staff member read your emails. Not that one cannot be written, rather simply.

This maybe true, but the intent of the statement is still to deceive.

Re:Is this technically impossible - no.

[ewibble]

So if you loose your phone, or it getsbroken you loose all your iMessages? I am not sure you might be right but doesn't that kind of defeat the purpose of the cloud.
Tim Cook Says:

Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form."

saying they are not held in "identifiable form." means they are held. therefore they are idenfiable since the apple user can identify them, since apple has the knowledge to identify them.

Re:Is this technically impossible - no.

[Tuidjy]

You didn't say so, but I'm assuming you're encrypting your message using the book page as a one time pad,

Yes, I missed describing part of the mechanism. You use the page to generate the one time pad, once again via simple rules that you only keep in your head. You certainly do not use the ASCII code of each letter/space/punctuation sign as one byte in the pad. This will not make it anywhere close to random - it will be way worse than counting decay particles, but I think that it will be good enough. I am not trying to improve on something that we know works, here. I am trying to avoid incriminating keys that the characters have to keep secure, and that can be seized to compromise the communications.

Steganography isn't much protection when someone knows there might be hidden messages.

Once again, I am going for good enough. Sure, the attacker may know that a few bites in the picture 'may' have been changed. (The characters won't be dumb enough to exchange pictures only when they want to exchange a message.) If the message is short enough, and the picture large enough, it will be very hard to tell there's something amiss, and much much harder to prove it in a court of law... Not that it really matters.

Remember, by picking other bites, and picking a different one-time pad, you would get different messages, just as meaningful.

Re:Is this technically impossible - no.

[penguinoid]

Your system has too many vulnerabilities. The worst is its reliance on criminals to be loyal and diligent, any one of whom could compromise your entire organization's communication. Almost as bad is using a 2 byte encryption key (the index to a book). And then you want them doing steganography, and by hand? They'll be raising every red flag there is.

On the other hand, you could simply use private/public keys. Each person has their own set of keys, and the key itself is encrypted with a decent password.

Re:Is this technically impossible - no.

[ceoyoyo]

What you're describing is a random number generator with a key to initialize it. Some of the good ones might be good enough (or might not). Anything you can keep in your head is going to be crap and fairly easily breakable. Either way, you're still better off to just exchange regular secret keys at your meeting, which can be concealed in a variety of ways. Even real one time pads can be fairly easily concealed - a "blank" USB key, for example.

Re:Is this technically impossible - no.

[Tuidjy]

What you're describing is a random number generator with a key to initialize it. Some of the good ones might be good enough (or might not). Anything you can keep in your head is going to be crap and fairly easily breakable.

Hell no. Using a not-all-that random-book page, and obfuscating its structure by applying a simple algorithm on will still give you an one time pad that is suboptimal, but nowhere all that breakable, especially if you do not know the simple algorithm, and that it is being applied on book pages.

Lets assume that you have somehow completely broken through some of the steps (In the real world, you could not break through the whole thing step by step)

1) So, through some magic you have managed to extract the exact bits from the picture that have been modified. (Which is far from easy, if you have ran out of magic)

2) Lets even assume that you somehow know that the one time pad is generated from book pages, through some keep-it-in-your-head method. (Through the same magic as before)

So now you have the encrypted message. What do you do? How do you use your knowledge of the weakness of the one time pad?

All you will get is the ability, once you have come up with every possible message, to assign a probability of the sort "This message is more likely to have been the original, if the one time pad was crappy in the way we assume it was".

Re:Is this technically impossible - no.

[Tuidjy]

the worst is its reliance on criminals to be loyal and diligent, any one of whom could compromise your entire organization's communication.

No argument there.

And then you want them doing steganography, and by hand? They'll be raising every red flag there is

How exactly is the e-mail with a picture going to raise any red flags? Sure, it they are already tailed everywhere they go, and someone is monitoring how long they spend composing their e-mails, they will be in trouble. But just from the sent e-mail, when neither the sender or the receiver are monitored? Unlikely.

Each person has their own set of keys, and the key itself is encrypted with a decent password.

Sure. And their e-mails contain obviously encrypted content, which makes them a person of interest, and they own the key for the next e-mail, and the program to decrypt it, so that it can be taken from them, and used by the adversary. Are you sure your way is better?

Re:Is this technically impossible - no.

No CEO is ignorant or stupid. He knows.

Re: Is this technically impossible - no.

Clearly.

Re:Is this technically impossible - no.

[fustakrakich]

Unfortunately the mods don't want to hear that. The simple things are often the most painful to some. Marrone! Waddami gonna do?

Re:Is this technically impossible - no.

[fustakrakich]

Oh please! We don't even know who "Edward Snowdon" is. And the "clarity" of truthfulness is unimportant when dealing with authority. It is always most prudent to assume the worst. That way you will never be disappointed.

Re:Is this technically impossible - no.

[AmiMoJo]

Data stored by Apple certainly does generate revenue them. It's a service that requires or at least strongly encourages you to buy expensive Apple hardware. They don't provide it out of generosity.

Re:Is this technically impossible - no.

[AmiMoJo]

Apple say that the data is encrypted with a key derived from your password. Okay, that says they could be telling the truth, in so far as they don't store the key.

However, in practice it's meaningless. They could easily make the client send the password to them in plaintext for target accounts (weren't Hushmail suspected of doing that years ago?) For most users they could just brute force the password. We have to take their word for it that the password storage is properly secured, e.g. hashed with a unique salt value.

When the FBI comes knocking with a National Security Letter all bets are off.

Re:Is this technically impossible - no.

[rioki]

Semantics, but... the data "itself" does not generate revenue; it is an auxiliary to the expensive device. Contrast that to Google, the data is the central bit about the targeted adverting. That is the distinction done here.

Re:Is this technically impossible - no.

[gnasher719]

Yes, a National Security Letter may do so. We have no way of knowing, so have to assume the worst.

You are wrong. There is no way to legally force Tim Cook to lie. There are ways to legally force him to be quiet about a subject, and not to give us information, but there is nothing that can force him to lie.

Re:Is this technically impossible - no.

[rioki]

I think Bruce Schneier put it quite blunt "trust the math". There is a relative high degree of certainty that the math is solid. You may need to use different "magic numbers" then the specs, but apart from that the math should be solid.

The problem actually comes in the implementation and security protocol. Implementation of the crypto may be faulty. The key may could be intercepted when you are sharing it with the other party. The system the key is stored on is vulnerable to attack. Systems processing the data need to decrypt at least bits of the data to process it and the clear text leaks. The implementation is vulnerable to side channel attacks.

As Tuidjy puts it, everybody with a solid CS background can implement a crypto scheme. That person (having a solid CS background) should also know that it is technically impossible to build a 100% save scheme. You only shift the goal posts by using crypto. The best you can get is to the point where they need to install a camera that reads your screen.

Re:Is this technically impossible - no.

[Alarash]

There is a way that you can read the email but Apple can't : encrypting using a private key generated on your user account (much like what the TextSecure Android and iOS application does). If Apple does this, that would be an interesting undocumented feature. (spoiler: they don't do this).

Re:Is this technically impossible - no.

If you call that a proof you must be a religious nut!

Re:Is this technically impossible - no.

The issue is that it's stored in an encrypted format using the users password which is also stored in an encrypted format. Apple has one side of the key, but only the user has the other. Apple could "hack" your password, but they would need that to decrypt. It's the same storage, I believe, that they use on the iPhone if you choose to encrypt it. They say, if you loose your password, you can't recover the data.

So technically what he says is possible.

Now I've never lost my iCloud password, but a way to test what he says is to change the password without entering your previous one (sort of a "forgot my password" link. A "secure" system will give you hints to recover, not just a link to set a new password. If they give you a link to set a new password then that means, somewhere, they have a key that they can use to decrypt the data so that they can re-encrypt it.

Re:Is this technically impossible - no.

This is not true if you understand encryption. Most encryption today requires two keys. While apple could intercept a message as it's coming across on the wire, they can store a message in an encrypted format using one key that can only be retrieved with your password. Even the passwords on the system would be encrypted. So technically it's possible provided apple doesn't monitor the wire itself (which it likely doesn't).

Now I've never lost my iCloud password, but a way to test what he says is to change the password without entering your previous one (using a "forgot my password" link). A "secure" system will give you hints to recover, not just a link to set a new password. If they give you a link to set a new password then that means, somewhere, they have a key that they can use to decrypt the data so that they can re-encrypt it. If they give you hints and then tell you that setting a new password will destroy your existing data (like it does on an encrypted iPhone) then it's probably secure.

Understand too that SOME data (like purchases and such) might be recoverable under the secure setting (because those would be tied to user name rather then encrypted), but the encrypted content would not be recoverable without some sort of unique key (or password) coming from somewhere.

Re:Is this technically impossible - no.

I posted in another post about this same "test".. Do they have that ability? I've never recovered my password from apple so I don't know what's recoverable or not. But if that's the case, you would be right. I know with an encrypted iPhone, that is NOT the case.

It's also possible that apple is using an alternative key. Maybe a wallet id connected to your mac or something. But your right in saying that if you can reset the password without loosing your emails, that they obviously have some way to reverse engineer it.

Re:Is this technically impossible - no.

[HermMunster]

Of course they can read it. They may not make a habit of it, but they do have the capability. If they didn't they would be worthless.

Re:Is this technically impossible - no.

It's very easy to tell what the NSA can crack or not. They won't allow the US to export any technologies that they, themselves, can't crack to other countries. This is why you can't export certain encryption algorithms and why you can export others. Of course, those change every year. :) For local spying with high end encryption, the previous poster is correct. They need to use other means. And they have a LOT of ways to do it, even from measuring magnetic pulses from your keyboard. But they are a lot harder to do then normal mathematical analysis.

Re:Is this technically impossible - no.

One of the things they may do is have a key somewhere in the users hands (on a mac or an iphone or something), and use those keys. If the NSA wanted the data then, apple could give them the encrypted data, but they would need to get a search warrant to obtain the computer or the iPhone since it's in the users possession. This is a technicality, it means that apple "could" retrieve the information if they wanted to, but it's likely not covered by any of the Homeland Security domestic spying laws.

Re:Is this technically impossible - no.

I personally don't believe that the NSA can't crack strong encryption.

I'm not quite sure what you are saying. It sounds to me as if you think that there is no encryption strong enough that the NSA cannot crack it. This is completely false.

A simple example is using one time pad encryption. Without the pad, you you cannot even theoretically crack it. Try every possible pad, and you will get every possible message of the proper length - some of them will make perfect sense, so you will not be able to find the right one.

Taking it a bit further, there are encryptions that would take too long to crack, if they are properly executed, and the NSA does not have a backdoor. And by too long, I mean that there is not enough time before the heat death of the Universe.

Hell, I am perfectly sure that I could establish communication with some of my friends from college that could not be cracked, even theoretically. I would have to exchange some information with them in a secure manner before hand, of course. But I would never take the risk of doing something like this. It would attract the wrong kind of attention.

You're wrong. You can always crack it. The question is, how LONG will it take you to crack. If an encryption system will take 20 years to crack by brute force, for instance, it's considered uncrackable. Cracking techniques become "crackable" either through the discovery of an algorithm that can cut this time down, or my advances in computing that can compute faster. The current grade of encryption techniques don't have any known mathematical exploits, so you need to rely on hardware and other techniques to actually "get" the key. But brute force is always an option.

Re:Is this technically impossible - no.

[unrtst]

I agree with you, and I thought i was saying the same thing :-)

Re:Is this technically impossible - no.

I'm writing a new anti-terrorism law that requires ISPs to compress all image files transmitted through their servers. Thanks for the suggestion.

If true thats great

[FrozenToothbrush]

Not sure I believe it.

Re:If true thats great

I believe I'm sure of it.

Re:If true thats great

[binarylarry]

Yeah I can't wait until he starts saying:

"Bono and the Edge totally pulled a fast one on us. Apple has no way of automatically installing horrible music on your devices with your permission."

Re:If true thats great

Apple has no way of automatically installing music on your devices with your permission.

That is a 100% correct statement. If you haven't turned on automatically download music purchases (i.e. permission), nothing installed on anyone device.

Re:If true thats great

[Shadowmist]

Apple has no way of automatically installing music on your devices with your permission.

That is a 100% correct statement. If you haven't turned on automatically download music purchases (i.e. permission), nothing installed on anyone device.

Apparently there were a vocal group of folks having a hissy fit at suddenly finding a U2 album on their iPods after the last keynote.

Re:If true thats great

[NatasRevol]

Free music is the worst thing EVAR!

Re:If true thats great

[ahaweb]

That's like calling spam "free advice".

Re:If true thats great

[NotDrWho]

If it were true, the U.S. government would have already come after them full force. No one tells the U.S. government "No" without serious consequences. Just ask Yahoo.

Re:If true thats great

[binarylarry]

Sure of it, believe I am.

Re:If true thats great

[Tokolosh]

If Apple, Microsoft, Google, Yahoo, Facebook, Twitter, Cisco, Intel and AT&T stood together and told the US government to fuck off (as they are obliged to to), I think the shoe would be on the other foot.

Re:If true thats great

[Bing+Tsher+E]

"I still haven't found what I'm looking for" but I prefer Negativland.

Re:If true thats great

[FrozenToothbrush]

Maybe, I think they're heavily involved in these companies so these things happen more 'naturally' and therefore more acceptable. For example, if a person with close ties to the government is on the board and wants something done then it's normally done. This is how companies work. The other workers can voice dissenting opinions all they want.

Re:If true thats great

[NotDrWho]

Maybe. But they didn't do it when Yahoo was fighting the government alone. So I wouldn't hold my breath.

Lie.

[jddj]

Since when is anyone's SMTP email secure in transit, when is anyone running a mailserver unable to read the mail?

Since when is any company immune from subpoena or contempt of court?

Re:Lie.

[Sockatume]

...because that's not what he actually said. He has previously stated that iMessage and Facetime, by design, can't be intercepted (it's all encrypted client-side); in this new interview he stated that they don't read your email, and that as a general principle they try to design systems so that they can't capture data, or at the very least aren't capturing anything they don't need to do what they're supposed to be doing.

Re:Lie.

Since when is anyone's SMTP email secure in transit, when is anyone running a mailserver unable to read the mail?

Since when is any company immune from subpoena or contempt of court?

Apple cannot read the mail that you store on the server. Apple doesn't sniff your traffic and store it in another location. Once it's delivered, it's encrypted.

Re:Lie.

It just has 207 exploit opportunities to recover key material and send it either to FtMeade or Chelyabinsk*. Or Tel Nof AB.

*to Ivan Bearikov, a highly educated member of the Russkie mafia, who wants a decent job in the aircraft R&D lab, but cannot get it there.

Re:Lie.

[jddj]

Look, where would ./ be if posters read TFA?

Looks to me like the ./ summary is claiming something that the ZDNet article does not. So yeah, not a lie on Cook's part, or not one the ZDNet article demonstrates anyway.

I still wouldn't trust any company not to hand over my information to the government. Lavabit was one hell of an exception, and one geeks the world over should be proud of.

Neither would I trust that email content I didn't personally encrypt with my own keys couldn't be seen by others.

Apple doesn't have to be relaying email for others in order for Apple to be able to see the contents of all SMTP traffic that transits or terminates at their mail servers. SSL for SMTP means nothing if the mail server is pwned or intentionally logging stuff due to a business mandate or government subpoena or pressure.

So Tim Cook didn't tell that particular lie. Good. But "We don't read your email" is an assertion, and one generally impossible to prove true (though more easily possible to prove false, given a certain amount of evidence).

Re:Lie.

[bberens]

This can't be true. Or at least if it is true they have the encryption key. If your password was required to access the e-mail data, then if you lost your password you'd lose access to all of your historical data during a password reset.

Re:Lie.

[ColdWetDog]

It is this. EMAIL IS NOT SECURE. No matter who starts it or finishes it.

If you are using email to do anything but send words of affection to your legally bound, opposite sex, partner (or recipes to anyone), you're doing it wrong.

Remember the bit about email being a postcard?

Re:Lie.

[gripfin]

Apple could I suppose choose to encrypt at rest. But it would be a pretty inefficient mail server. A subpoena after you had stopped using the service and fled to Hong Kong might not turn up anything. I think it's a disingenuously narrow definition of "hacked" being used here. If my cloud ecosystem uses trivial "secret questions" or is brute forcable or has a 2FA system so awful noone uses it, then is an intruder using these weaknesses who comes in through the front door brandishing a real (socially hacked) password not actually regarded as a hacker ? This is all a war of words for mainstream media consumption, remember. Recently I heard that "gmail had been hacked", whereas the actual story was that a rogue (non play store) android app was able to sniff shared memory while the gmail app was logging in. The headline maybe should have been "apps on android can read each other's memory". The target hack could have been headlined "applications in XP can read each other's shared memory, and your whole system is only as strong as the security disciplines applied by your heating subcontractors if you give them access". But the general public can't get their heads round this stuff. I'm also pretty sick of hearing how this is somehow a sign of Apple's specific weakness ("note how it wasn't android") rather the opposite interpretation ("famous people are more likely to be using an iPhone than a Samsung Galaxy S"). Any system made easy to use for the masses is at the mercy of the poor security behaviour of the users. Most of all though, I'm quite surprised to hear frpom all of this that I'm apparently in a minority for NOT using my phone to take / send naked pics. Everyone's doing it, I hear. Who knew ?

Re:Lie.

[gripfin]

(by "the target hack" I meant "the Target hack")

Re:Lie.

[Overzeetop]

Shhh...you're going to muck up the distortion field. They're better off not knowing. It's not like they have any useful information, they're apple users.

Re:Lie.

[gl4ss]

better than that the system allows for password reset by using email(among other methods). so with the data they posses, they can generate access to all the data. that means that any encryption or access blocks or whatever there are, are meaningless from the logical point of "can they read it?"

so they can reset the password without having anything from you - that means they can read everything is in there and can be coerced to do so by legal means.

on some other site it might be worth mentioning that they don't really need to change the password so you wouldn't really notice it either.. they can do whatever they want with the data - nothing required from the account owner.

Re:Lie.

[swb]

You can secure SMTP with TLS, can't you?

Re:Lie.

Not if multiple keys work, such as the answer to security questions. A paper a little while back showed how it is possible to encrypt information in such a way, if One has 2 out of 3 decryption keys, the information can be retrieved.

Re: Lie.

No. TLS secrets the transport layer. The destination mail server has to be able to read it to forward it on. SMTP email is not secure.

Re:Lie.

[gnasher719]

I still wouldn't trust any company not to hand over my information to the government. Lavabit was one hell of an exception, and one geeks the world over should be proud of.

But then Lavabit made the big mistake of being _capable_ of decrypting your data. Once they were _capable_ of decrypting it, that was it, and they started a fight with the government that they couldn't win.

With Apple's iMessage system, they _can't_ read your data. And since they _can't_ read your data, Tim Cook can refuse to give them your data (actually, he can't give them your data anyway because he just can't) without fear of having to go to jail for this refusal. So no heroics needed for Apple. Much better solution than Lavabit.

Re:Lie.

[WuphonsReach]

You can, and I'd guesstimate that about 50% of legit SMTP connections to our server are encrypted with TLS. But that number could also be as low as 10-20% (the 90% of all connections being spam zombies makes it harder to estimate).

I have not tracked the value over time to see if it is going up/down. And our site is not particularly large, so we don't have a good sample to pull from.

Re:Lie.

[gnasher719]

It is this. EMAIL IS NOT SECURE. No matter who starts it or finishes it.

Well, exactly. If you send me an unencrypted email, and it is stored on Apple's servers somehow, and my computer asks Apple's email server for the mail, then Apple has to send the unencrypted email to my computer. In other words, Apple _must_ be able to produce the unencrypted email.

(Hmmh. I wonder if this is right. I wonder if there would be a way with https to store an encrypted mail, which would be decrypted when my computer decrypts the https? But then the NSA could just request my email through https and they could read it? )

Re:Lie.

[Noah+Haders]

he can give NSA all the data he has, but it may be difficult to read. not his fault.

Re:Lie.

Secure if you send messages as encrypted attachments. I doubt that mechanism is used in this case.

Re:Lie.

[Qzukk]

I wonder if there would be a way with https to store an encrypted mail

Short answer: No.
Long answer: SSL makes use of a temporary session key that is calculated between the client and the server at the time of the connection. Once the connection is over that key is (ideally) destroyed. If the email was encrypted with my session key when I sent it to the server (and somehow not decrypted by the server at this point) your session key that you create when you connect to the server won't do the job.

This is what S/MIME is for. The email body (and optionally some headers) is encrypted with a session key which is encrypted with your public key (rather than the server's key). Then it is sent through regular email channels. You receive the email and decrypt the session key with your private key, and use it to decrypt the message.

Re:Lie.

[gnasher719]

Not saying it would be simple. https means: Data is encrypted with a key K and decrypted with the key K', and somehow both sides agree about the key. First, Apple could store your email encrypted with a key A so it can be decrypted with key A'. If they combine A' and K, it could be possible to send the https message to you without ever producing the decrypted message at Apple. Now if Apple didn't store the key A', but some means to combine A' with a (yet unknown) key K, then they couldn't decrypt your message.

Re:Lie.

[AmiMoJo]

If Apple can reset your password and your imessages can still be recovered, they can read them.

Whoops

The partial quote distorts what he said. The "Apple cannot read" part is specifically about iMessage, not email.

Not Hacked?

[rainwater]

Technically it wasn't hacked but Apple's poor security practices for password resets is what led to user's accounts to be compromised.

Re:Not Hacked?

[Sockatume]

Right, it's not iCloud that was hacked, it was individual user accounts. It's the distinction between "the rotary club has been murdered" and "the members of the rotary club have been murdered".

Re:Not Hacked?

Care to elaborate on what you consider poor security practices for password resets or provide proof as to this being the cause?

I have friends and family with poor security practices, and scammers have broken into many of their accounts to fish for money. These have been from @yahoo.com, @gmail.com, and @hotmail.com ... should we blame Yahoo, Google, and Microsoft for those breaches, or should we agree that the users are the ones at fault for picking poor passwords.

Put the blame where it belongs. Primarily on the attackers, and secondary on the users poor security. No amount of work on the part of the service provider can overcome a gullible user who is willing to give his credentials to the prince of Nigeria.

Re:Not Hacked?

[jratcliffe]

Actually, it's more the distinction between "they broke into the bank vault and went through your safety deposit box" and "they pickpocketed you, and used your key and a fake ID to get into your safety deposit box."

Re:Not Hacked?

[idontgno]

If you think like a cell in a Corporate Person, it's a critical distinction.

It's why you can't sentence a corporation to death, as much as it might be deserved.

So, yes. It's a distinction that makes no difference to the user, but every difference to the corporation.

And, at the end of the day, we all know whose interests the corporation is looking out for.

Re:Not Hacked?

[fustakrakich]

It's why you can't sentence a corporation to death...

Ah, but you can. Its charter can be revoked, should we ever vote for people who would do such a thing, but that's not very likely.

Re:Not Hacked?

[mean+pun]

Right, it's not iCloud that was hacked, it was individual user accounts. It's the distinction between "the rotary club has been murdered" and "the members of the rotary club have been murdered".

No, some members of the rotary club have been murdered. (And also some members of the local droid knitting club.)

There is no indication that every iCloud account was hacked, or even that a disproportional number of iCloud accounts were hacked.

Re:Not Hacked?

[mlts]

In reality, the next step up on Internet services is moving to 2FA everywhere. Passwords are easily gotten, but 2FA, though doable, raises the barrier immensely. It means that someone would have to know the user's password and have control of one of their devices. This is far harder than just sifting through a pile of passwords found on a bittorrent dump and trying them on various accounts, or guessing a user's grandma's last name.

I'm sure that if the users that had the pictured compromised had their phones secure and had 2FA on, we wouldn't be inundated about these stories.

Of course, 2FA isn't a perfect solution. Lose access to one's phone number that is used for texting codes, and lose access to the recovery key... and one is hosed big time, be it if they are on Google, Dropbox, Apple, even Yahoo. The ideal would be a vendor neutral keyfob that can be used with everyone's 2FA systems, either as the main means of authentication, or as a tool for recovery, where the keyfob can be stashed somewhere physically secure if there is no other way into an account.

If true thats great

I'm sure I don't believe it.

What infamous PPT?

How long have i been asleep, what powerpoint slides is he referring to?

Re:What infamous PPT?

[Anubis+IV]

The PRISM PowerPoint slides leaked by Snowden.

Poor Apple

[obarthelemy]

It seems they've picked "privacy" as a fighting point vs Google. They don't seem to realize that people either
1- don't care anyway
or
2- care, and know Apple is bullshitting.

Re:Poor Apple

oh, this is an interesting game. You alone get to choose what evidence is admissible in proving apple is bullshitting. I assume if we provide anything that's somewhat concrete then you'll deem that evidence is inadmissible as well?

Re:Poor Apple

[elsuperjefe]

i know right? i totally don't care that Google uses every "key word" of every gmail message i send to enable advertisers to better market their crap to me. i further couldn't care less that Google stores each message forever even after i tell them to delete it. There's no way that could possibly come back to haunt me. They do no evil, so I trust them! just like i trust every big company whose business model depends on the content my personal emails and searches.

Re:Poor Apple

[Cloud+K]

Call me gullible if you wish (given the PRISM leak it'd be fair) but I do actually relatively trust them, and believe that they were probably just as horrified to discover that the NSA had manipulated whoever they managed to manipulate (some engineers most likely) and tightened things up accordingly.
There's always this idea that the more successful a company is, the more Pure Evil they are and basically out to be as scummy as they possibly can. But short of the PRISM thing (which again I personally suspect was probably more a case of the NSA bullying some engineers than them colluding with C-levels) I've not seen much to suggest that Apple are actually evil and out to eat your children. I really can't help wondering if these levels of cynicism are all that good for your mental health - it sucks assuming that everyone is out to get you.

I don't outright 100% trust them of course because that would be silly, which is why I said "relatively". But the relativity between Apple and Google in terms of respecting privacy is a chasm of epic proportions, IMO. Google's C-levels say things like "privacy is dead" and "if you have something to hide you shouldn't be doing it".

There's a huge difference, and it actually IS a very good advantage for them to market - I've been deciding whether to switch back to iOS for my next tablet, and this statement has been enough to seal it.

Re:Poor Apple

[Bing+Tsher+E]

The part that gets me is that Apple thinks that it's a Google or Apple choice. That by tearing down Google they can raise themselves up.

I choose neither.

But Apple has historically promoted the idea of a competitor to their fandom. They utilize an 'Immanual Goldstein is the enemy' model, with regular five minute hate sessions.

I don't think they can maintain their marketing culture without something out there for their fans to feel superior to.

But we can stop caring. We don't have to pick a flag to wave in the air, or at least we don't need to pick one of the corporate logos on our flags.

Re:Poor Apple

[Bing+Tsher+E]

I've been deciding whether to switch back to iOS for my next tablet, and this statement has been enough to seal it.

Oh, come off it. Now you sound like the guy on the radio who says 'I have siding on my house installed by our Sponsor, Adolph's Siding Company.'

Google nor Apple are worthy of our trust. Don't use their email services. Don't use their cloud services.

Don't pretend we all need to choose sides.

Re:Poor Apple

[CowardlyAnomalous]

At least in Apple's case I'm the customer, for Google I'm the product. I buy the products that Apple makes. Google sell to others, their access to me.

Re:Poor Apple

[Cloud+K]

I'll use what I want to, thank you.

Similarly, whether you choose sides (or choose a tinfoil hat and avoid cloud services altogether) is up to you. That's how the world works you see, people make personal decisions, they don't usually take orders off people on the internet.

3 years ago I liked what Google were doing and disliked what Apple were doing so I switched to Google
Now, vice versa.
There's no brand loyalty here, but these happen to be the two biggest mobile OS manufacturers (sorry but Blackberry and Microsoft are irrelevant by comparison IMO) and in direct competition, so damn right I'll pick a side when one is doing something I like and the other is doing something I don't.

Re:Poor Apple

[IamTheRealMike]

Google's C-levels say things like "privacy is dead" and "if you have something to hide you shouldn't be doing it".

Sigh. This has to go down as one of the most commonly manipulated misquotes in history.

Schmidt was saying something along the lines of "privacy is dead" in response to a question about the PATRIOT Act. He was telling it like it is, giving as much of a warning of what was going on as he could without actually doing a Snowden. He wasn't expressing happyness about that state of affairs, just pointing out that US laws give the US government enormous powers over people's personal information. And his last comment (actually "maybe" you shouldn't be doing it) was an observation of the fact that these things are not black and white: there's a small contingent of people who genuinely need nobody at all to know what they're doing for noble political reasons. And then there are all the people who aren't Snowden and are just trying to hack someone else's nude photos.

tanslation for the masses:

[nimbius]

Tim cook, talking head who has only ever held managerial roles in various fortune 100 companies, expels platitudes about the sanctity of the iGalaxy for users who slept through FISA and NSA backdoors and only recently began giving a shit when selfies and nudes were leaked from the magical cloud by notorious hacker 4chan.

Re:tanslation for the masses:

[bmo]

The fact You refer to "4chan" as a "notorious hacker" shows Your interpretation should be presumed erroneous.

And your reading of his message is erroneous, because it was reported in the media that the notorious hacker was indeed "4chan."

--
BMO

Eiffel Tower For Sale

Really cheap. Call me on my iphone at 0800 TELL ME LIES.

What a liar

Everyone knows iCloud was hacked.

They released the fix for the iCloud hack right after the fappening.

Re:What a liar

[Bing+Tsher+E]

"We have always been at war with Eastasia."

I do not believe him.

[QuietLagoon]

I do not believe him when he says Apple cannot access iMessage and FaceTime communications.

Not really a lie

[wiredog]

Apple doesn't run public email servers. At least, I don't think so. Nothing like gmail, anyway. So they aren't transporting your email. Unless they back up your mailbox to iCloud. But iMessage is encrypted, and Apple has stated many times that it can't read that traffic.

Re: Not really a lie

[wues]

You don't know anyone with @me.com or @icloud.com address?

Re:Not really a lie

These all seem to be public email domains.

@icloud.com, @me.com or @mac.com

Re:Not really a lie

[Rick+Zeman]

Apple doesn't run public email servers. At least, I don't think so. Nothing like gmail, anyway. So they aren't transporting your email. Unless they back up your mailbox to iCloud

Yeah, they do run public email servers if you've opted in. Was user@mac.com, then user@me.com, and now user@icloud.com. Just using a device, no, your mail doesn't go to an Apple server unless it's one of their accounts.

Re:Not really a lie

[peragrin]

iCloud.com addresses are required for most of iCloud's services. Without iCloud loses a lot of functionality.

Guess what I don't have

Re:Not really a lie

[dkman]

I was wondering about that, because it's nearly impossible to run a mail host and not be able to read the mail. I believe it is impossible when the mail isn't encrypted end-to-end.
It would also be impossible to offer any kind of spam, junk, antivirus service if you couldn't read the mail.

Since Apple isn't providing mail service, and doesn't proxy everything through it, your iDevice is configured to talk to your mail host. So if Apple could read your email they'd have to be doing something very wrong indeed. So he's essentially saying the same thing as if Google said they couldn't read your work email. Well no s#!t Sherlock, you don't have access to it.

I'm not saying that to Tim Cook, but the way it was reported was stupid.

Re:Not really a lie

[H0p313ss]

iCloud.com addresses are required for most of iCloud's services. Without iCloud loses a lot of functionality.

Guess what I don't have

Not true, you can register with iCloud with another email address, however it will then automatically allocate an iCloud.com address for you, but you don't have to use it nor does it limit the functionality. (This is what I do...)

Re:Not really a lie

iCloud.com addresses are *not* required for any of iCloud's services. I know. I use them, and don't have anything attached to an iCloud.com email address.

iAD http://advertising.apple.com/ since iOS4

[tuppe666]

"With iAD you can get your message out to millions of people worldwide who use Apple products every day. Connect with users as they listen to music on iTunes Radio or while they use their favourite App Network. Find your audience using targeted tools built upon a foundation of registration and media consumption datahttp://www.youtube.com/watch?v... start at 44 Min The idea is you spy on people in Apps not in search, because people spens 97% of their time in apps

Re:iAD http://advertising.apple.com/ since iOS4

The data that Apple grabs is anonymised. The ads would be delivered to you based on your interests, but the advertisers don't actually know who you are. That is, Apple isn't selling your personal data to the advertisers, they're telling the advertisers that they can reach a demographic that you may be a part of based on your app usage.

This differs from the way most data collection and selling works, where they have a profile of exactly you built up through cookies and tracking and references back to your facebook profile and google searches.

Even still, you can opt out of iAd if you choose.

It's the goal.

Anonymous here because I know stuff.

The position of the big techy corps is that they are royally pissed with the government pestering them with secret requests for data that they can't refuse.
They want technology that lets them say to the government "No we can't give you the keys or the data because we can't access it ourselves".

This is a problem cryptographically, particularly in complex communication and storage systems. The key management is a bitch. But it can be done if you have competent cryptographers and crypto implementers on board.

It is no surprise that Apple claim what they claim because it is what they want.

Re:It's the goal.

[Cloud+K]

Whilst you do sound like a channer (no offence - Anonymous is what they call themselves, and your writing style reminds me of one I know, but they do sometimes pretend to "know things") I wish I could mod you up as this is exactly what I'm suspecting as well. I really don't think the corporations are necessarily all Evil Devils out to collude with the NSA and do all sorts of nasty things with the data of individuals.

They're successful financially but surely this doesn't automatically mean they have no conscience.

Re:It's the goal.

I'm only anon and I know stuff because I work for one of the megacorps where this whole issue has been and is being addressed.
When the guv'ment is the enemy, it doesn't help to do your work in public.

I realize Tim Cook is now the face of Apple

[93+Escort+Wagon]

And Charlie Rose isn't a techie. But if you want to really convince the Slashdot audience, it'd be better to have a high-level engineer answering these questions than a guy who's skill is managing the inventory supply chain.

Re:I realize Tim Cook is now the face of Apple

[alvinrod]

If you wouldn't believe Tim Cook, why would you believe anyone else from Apple? They might be able to provide a better technical description of precisely why Apple can't access your information, but does that really matter as to whether or not what they're claiming is true?

Re:I realize Tim Cook is now the face of Apple

[Bing+Tsher+E]

The guy at the top is always a lying sack of shit. There are people tucked away in a lab somewhere that the PR Department would NEVER allow to step in front of a microphone.

You don't know much about corporations, do you?

The old Jackie Mason routine

[superwiz]

Reagan was happy, he was always smiling

They asked him, "what about the defiicit?"

He said, "there is no deficit!"

They told him, "but there is!"

So he said, "so there is."

...

30 years later

There is is no emal theft! But there is!.... waaaait for it.

I believe.

I believe Tim Cook. I also believed General Custer when he said that there weren't enough Indians to defeat the Seventh Cavalry. That's why I've been dead since 1876.

Apple Angels

[ThatsNotPudding]

A thousand angels, parsing the fuck out of every word on the head of a pin.

tanslation for the masses:

The fact You refer to "4chan" as a "notorious hacker" shows Your interpretation should be presumed erroneous.

Poor Apple

Prove Apple is "bullshitting". No, You may not use the incorrect description of "The Fappening" (i.e., "iCloud was hacked") as an example.

hacking

Wasn't the problem these so called secret questions or security questions. I understood that all they needed to do was guess the answers to some secret questions, reset the password of an account and download the iCloud backup. These answers are extremely easy to guess if the victim is a celebrity. One could find that information on wikipedia even.

In that sense these accounts really weren't hacked. How can you break in if the front door is wide open.

I used the same technique to play a prank on friend maybe some 15 years ago. I can't believe people still use these idiotic "secret questions". Whenever I'm required to type in answers for these I just type in the same password.

Considering that twatnozzle Bono's spew to...

our devices that Cook, was too much of a wimp to stand-up against, I'll never trust him again. He just isn't competent if he lets douchebags screw over his company like that. Also, he intentionally didn't allow the release of a tool that worked to remove that attack on our devices so he continues to be clueless about this issue. He didn't allow Apple to release a working version of the SoI removal tool. My old college roommate works for Apple, and he said several eningeers are so pissed about being forced to release a nonworking version of the SoI attack undo tool that they're ready to quit Apple. That company used to be cool until they started allowing others to attack their customers and now they're screwing their engineers.

Bullshit

He never said what You claim He said.

False Headline

[Bob9113]

Tim Cook Says Apple Can't Read Users' Emails,

No he didn't.

Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form." [Cook] claimed if the government "laid a subpoena," then Apple "can't provide it." He said, bluntly: "We don't have a key... the door is closed." He reiterated previous comments, whereby Apple has said it is not in the business of collecting people's data. He said: "When we design a new service, we try not to collect data. We're not reading your email."

He said they cannot read iMessage and FaceTime, and they are not reading your email. That is a very important distinction. It might be one he was hoping you would miss, and you did miss it, but he did not say they can't access your email.

And I'm not blowing sunshine up his skirt. I came here intending to kick him in the balls (metaphorically, of course) for lying, but he didn't.

Pro-tip: If any system includes a password recovery mechanism that allows you to get back messages, then the administrator of the password recovery system can read your back messages.

Re:False Headline

[tlhIngan]

He said they cannot read iMessage and FaceTime, and they are not reading your email. That is a very important distinction. It might be one he was hoping you would miss, and you did miss it, but he did not say they can't access your email.

It makes sense really because he'd be lying if he said he can't access your email.

Because using me.com or icloud.com email? Well damn, that's standard email and I'm fairly certain even if Apple uses SSL, it's standard IMAP or POP protocols, and it's delivered to Apple in plaintext unless you externally encrypt.

Because if Apple could come up with a way to handle email that comes in plaintext and somehow fail to be able to read it, then it's a technology Apple could make money on selling to privacy advocates.

iMessage/FaceTime are Apple-designed and encrypted with user keys and other stuff. It's possible to design a protocol where Apple couldn't recover it even under threat of contempt because at no time is it in plaintext at Apple.

But email? Anyone who sais they can't read it is lying, not just Apple. Short of applying encryption on your message, as far as Apple is concerned, SMTP delivers messages in the clear, optionally wrapped in encryption just for transport. But forwarding it on to the right mailbox etc., it's plain text.

Re:False Headline

[praxis]

iMessage and FaceTime are technologies Apple designed and implemented, and they chose to do it in a different way than e-mail. E-mail uses a plain text protocol and is stored in plain text. While the transport can be encrypted, if one were to encrypt the data on the server it was stored on, one would use a symmetric key, and one would have access to that key. iMessage and FaceTime can be implemented using asymmetric keys and one would not need access to those keys. It makes sense if you as a company want to minimize how much data you hand over to a government: you let devices generate keys that your servers never see.

Middle

Can a man in the middle decrypt the iMessage or FaceTime streams ?

Inaccurate

Tim Cook says they "don't" read your email and "can't" read your iMessages. So presumably, they CAN read emails but choose not to do so.

Re:Inaccurate

[praxis]

Tim Cook says they "don't" read your email and "can't" read your iMessages. So presumably, they CAN read emails but choose not to do so.

Which makes sense as most email clients out in the wild don't encrypt messages, so even if Apple were to encrypt messages stored on the server, they'd be doing it with *their* key, not the users (unless the user used S/MIME or PGP or GPG or what have you). If they want to interoperate with other email providers, they need access to the emails as that's how email works.

Subject & summary disagree

[Aaden42]

Article subject says, “email,” but TFS says, “iMessages.” Those are different things, and the security of them is handled very differently because the mechanism of access is very different.

Apple being unable to access emails is impossible since they must deliver them in plain text to plain-old IMAP clients that don’t support decryption or key storage.

Apple being unable to access iMessage contents is plausible. My understanding of the protocol is something like this:

Alice starts texting Bob’s phone number. Alice’s iDevice contacts Apple’s servers to see if Bob’s phone number is registered with iMessage. If not, Alice’s device sends a plain-old SMS. If it is, Alice’s device receives a list of public keys for each of Bob’s registered iDevices. Alice’s iDevice encrypts the message with a session key, then encrypts that session key to each of Bob’s public keys. Her device transmits the encrypted message to Apple’s servers which then transmit it to each of Bob’s devices as they become accessible. Each of Bob’s registered devices can use its private key to decrypt one of the encrypted session key blocks, then use that to decrypt the message.

The private key to decrypt session keys never leaves Bob’s device. The session key never travels in the clear outside Alice’s or Bob’s devices. Apple can retrieve sender/recipient info (ye olde metadata), but no message contents.

The one gotcha to all of that is that since Apple controls all SSL certs involved in the process, they could MitM attack the process if they so-choose (or were so-ordered). There’s no certificate pinning or checking implemented, so Alice’s iDevice has no way of knowing if the public keys it retrieved for Bob’s iDevices might also include an extra key held by Apple or LEO.

Assuming Apple is compelled to intercept messages from Alice starting at a particular date, messages sent before that date at rest on their server should remain secure (unless they’re lying and are currently MitM or escrowing keys). New messages sent while the MitM was active could be decrypted and provided to LEO. Whether or not they’re performing an MitM at present should be detectable by analyzing the traffic during new device registration or sending messages — IE if Alice checks the keys received and confirms them all with Bob manually (jailbreak most likely required). If they don’t match or there’s an extra key, something’s wrong.

There’s an in-depth protocol analysis of iMessage here: http://blog.quarkslab.com/imes...

Scroll to the bottom for the tl;dr on that analysis. That post also includes proof of concept software to check for an active MitM attack, at least on iMessage for Mac.

tl;dr: Apple is in a trusted position where they could intercept message on a per-user basis if compelled to do so, but the general case of iMessage working as intended leaves messages encrypted on their server with keys they don’t have. I’m not aware of any way that Apple could perform that attack in an undetectable fashion, though performing that detection is well beyond the ability of most users.

Re:Subject & summary disagree

Doesn't this invalidate public keys since you should only use the key if its on your list of keys that you got from a trusted friend.

Re:Subject & summary disagree

[Aaden42]

You’re thinking Web of Trust type public key architecture like PGP/GPG tend to use. That’s a good model among people who know each other well and trust each other (as well as trust each other’s ability to verify keys properly), but it doesn’t scale all that well. It also requires users to do much more work to distribute and verify keys.

iMessage uses a certificate authority model. You delegate all trust to the third party authority (Apple in this case) who you trust to do the work of verifying that keys belong to whom they claim to. Instead of restricting your keys to a list of trusted friends you’ve manually verified, you trust that any key which Apple has signed and provided to you (and hasn’t revoked) was originally provided to Apple by someone who had the user’s iCloud password. It’s a big step up in terms of usability since you don’t need to do the key exchange dance with every person you want to iMessage, but there are significant trade-offs in terms of security.

On the whole (and LEO meddling notwithstanding), Apple’s system does a reasonable job in its role as a CA. You need a user’s iCloud password to provide new keys to the system. As an unfortunate number of famous people recently discovered, relying on password authentication has some limitations, but it’s the best option widely available right now. In any case, the security is reasonably in the user’s hands (again, ignoring LEO for the moment) — you can choose to use long, complex passwords, and Apple will do the RightThing(tm) with them.

The vulnerability in relying on a certificate authority is that they are much more susceptible to coercion by other parties (IE law enforcement). In a Web of Trust model, someone would need to directly compel someone you trust to either turn over their private keys or furnish you with compromised keys that they claim to be safe to use. That must be done on a per-user basis, so requires much more work for LEO to surveil any large number of users. On the other hand, Web of Trust is more susceptible to non-LEO blackmail scenarios. To coin a movie plot, “Here’s a photo of your daughter’s school. Provide this key to all of your trusted confidantes if you want her to get home safe.”

With a certificate authority system, the CA likely has less skin in the game in terms of the security *your* particular messages, and also has significant legal exposure in terms of assets and criminal sanctions. There’s also no possible claim of 5th Amendment protection. The CA can be compelled to produce vulnerable certificates that will appear to come from the surveillance target. They can (technically) do this for a single user or provide the root signing keys allowing LEO to directly produce such certificates without additional involvement from Apple. They can also be legally gagged to prevent them from disclosing this has happened.

The strength in the iMessage implementation is that each iMessage client should be furnished with a complete list of the recipient’s keys and that Apple can’t decrypt messages with the key material it should normally have. That falls apart when Apple is compelled to generate MitM keys for LEO, but there are technical avenues available for detecting that in most cases (unanticipated key change). Those checks essentially degrade back to a Web of Trust model where users must manually authenticate keys with the owner. Most users aren’t savvy enough to perform these checks, and the iMessage infrastructure on iOS devices makes it impossible to do this in-situ without jailbreaking the device. It should be possible to write something that would impersonate an iMessage client and perform the check, but of course if Apple detected the impersonated client, they could provide a different set of certs to that client, defeating the ability to check them.

All told, iMessage is much better than other options available. By design,

Possible to store encrypted email?

[gnasher719]

Hi everyone, maybe someone more clever than me can figure this out: Could it be possible for Apple (or any other company) to store emails in an encrypted form so they can be delivered to me, but cannot be read by the company?

Let's say my email address is gnasher@icloud.com and my password is "Password" You are sending me an unencrypted email (no S/MIME) and it is received by Apple's email server. No matter how encrypted Apple stores the data, when I request my email, Apple has to send me the unencrypted email.

Now let's say Apple creates a public/private key pair for my email address and hashes the private key with my password; that happens the very first time that I ever read any email from their server. From then on, every email intended for me gets encrypted with the public key. Now if someone tries to read my email (for example I myself), they need to send the email address and the password to Apple's email server. Apple uses the password to try to unhash the private key, decrypts the email, and sends it to me.

If Apple never stores my password, they can't read my emails. Of course whenever they decided at time X they want to read my mails, they could read any emails received after time X, or as soon as I tried to download emails again with my password.

Questions;

1. Would that work, technically?
2. Would that work, legally? If Apple got a subpoena, they wouldn't be able at that point to give anyone my emails. Could they be forced to deliver all emails they receive on my behalf after receiving the subpoena, or all emails that I download after receiving the subpoena, or all stored emails once I requested delivery of emails?

Re:Possible to store encrypted email?

It is theoretically possible, but not practical.
As long as there is a password reset function, apple has to store the content in unencrypted form , or at least a form that they could decrypt.

If there is no password reset function, then if the password is lost, the content is also lost, forever.

Since people forget their passwords all the time, and they would be absolutely thunderstruck if their mail was lost forever, this just would never fly.

Re:Possible to store encrypted email?

[praxis]

Even better would be a system such as:

You generate a key pair, give Apple the public key. You manage your own private key.

Then, for each email:

Apple receives the email as plain text from another server (likely via SSL), encrypts it with your public key and stores it on their servers. When you connect to retrieve your mail they send you the encrypted blob that you decrypt via your private key.

Problems are this: first, Apple has a plain text copy of each email you receive and could be asked (nicely or forcefully) to record this somewhere before proceeding with encryption and storage. Second, replies are not encrypted.

Much better for users to manage their own keys and use S/MIME. That's what I do with my friends and Google (my email provider) never sees unencrypted messages from me to any of my friends and vice versa.

Re:Possible to store encrypted email?

[gnasher719]

Your suggestion is a protocol change, so that cannot be implemented without a change in the email client. But if we make such a change, then email senders could also implement the same change:

The sender could ask Apple for your public key. If Apple has your public key, it gives the public key to the sender, the sender encrypts the message with your public key, sends it to Apple who cannot read it, which sends it to you. Oh well, that's called S/Mime :-(

Re:Possible to store encrypted email?

[praxis]

Yes, but it's between your MUA and your server. S/MIME, as far as I know, does not do server-to-sender public key exchange. If I send a signed message to you, then you have my public key and can encrypt messages to me, yes, but you can't get my public key from the server.

Frankly, S/MIME is really the best solution available today. It works with gmail (not web-mail but using a MUA). Most MUAs support it. It's easy to get a free personal S/MIME keypair from a CA. Google, Apple or whoever you use for mail never sees your private key and can't read your messages.

Re:Possible to store encrypted email?

[Aaden42]

This is essentially what Lavabit implemented. The NSA’s response was to compel Lavabit to hand over their SSL private keys so that all traffic to & from their web server could be intercepted. The key material that protects the private key must at some point pass over the wire, and if you can decrypt all traffic in & out, you can compromise the system.

Lavabit chose to go out of business rather than comply.

Land of the Free indeed...

Big Deal after all...

... who wasn't hacked or hijacked by the U.S. government in our last 720 some days. (Left with sour feelings).

Laugh...

[koan]

http://www.wired.com/2014/09/e...

Yea for real

And of course you all like a bunch of sheeple believe the detritus that emanates from the apple orifice ..

Of course they can after all they agreed to assist the NSA ...

   

Smell my vagina!!!

Smell my vagina Tim Cook!!!!

Signed, Kate Upton

Hogwash

If someone forget their password, the messages are not lost for eternity. If they were truly stored in an unretrievable form (that required the user's password to unencrypt them), then a "password reset" would not work at all. The password protection is just used to authenticate the owner of the mail account. As long as you can get authenticated one way or another, the mail can be hacked. Since Apple has a password reset function, it would be trivial for apple on their own or on behalf of law enforcement to get access to emails. Maybe not accessible for apples customer service reps, but certainly their IT guys.

What's not said...

[DriveDog]

What did Cook not say? Did he bluntly say "we cannot read your mail"? Or did he just say "we don't have a key"? A general statement like "There is no way for us to read your mail or provide your mail to anyone else" would have more meaning. Reporters could ignore such statements, or at least every time they print one, point out how it could be misleading.

ok

I was satisfied and stopped at "Apple CEO Tim Cook insists that Apple doesn't read -- in fact, says Cook, cannot read"

BULLSH!T

BULLSH!T

Its not their business model

They are in the business of selling higher end devices. All of their competitors are in the business of selling data. The customer base they are after values privacy. Since they are not in the business of selling data, and their customers are willing to give money to them explicitly because they do not collect information, it only makes good business sense. He has stated elsewhere that they even try to limit how long data like messages is on their servers to prevent the NSA and police for asking for it.

They run a service breaking into devices for police. If you have the device and time you can brute force it.

There are other considerations as well...

https://threatpost.com/apple-c...

https://threatpost.com/researc...

Bulloney

Doesn't / can't... Give me complete control of my iDevice so I can lock Apple out so they can't access the device and I'll believe Cook.

Oh boy

[iamacat]

Think just for a second about how web email works, especially web e-mail that provides fast full content search. Or SMTP from outside systems. Can't read user's e-mail. Riiiight! Maybe with all open source client stack using public keys exchanged out of band.

Tim Cook...

- Moved all hardware production to China.
- Tries every trick to move all my data to the "cloud". (Sorry, no!)
- Morphed the Mac Platform from a content-producing tool to a content-consuming gadget. (Anyone remember iMovie or FCP?)
- Moved from PPC to Intel.
- Moved from Firewire to USB.
- Moved from matte screens to glossy.
- Moved from MBox to proprietary Mail.app format.
- Made the iPhone almost as big and ugly as an iPad.

Oh, but he is nicer to his employees than Jobs was.
And he says Apple doesn't read my mail.
And his farts probably have a lower carbon footprint than mine since he's a vegan or something....

Great guy, really!