Reminder: the E2E encryption in WhatsApp and iMessage is backdoored, and cannot be trusted:
@ilumium if the device running imessage escrows the e2e keys to the same org as runs the imessage relay servers, using keys that are known to that org (i.e. icloud backup is not e2e, and backs up the imessage keys), then that's an e2e backdoor.
in an actual e2e system, you can't get message content without getting the endpoint keys from the endpoints. apple escrows the keys to icloud.
@ilumium the fbi doc says they can get content of messages. the endpoint escrows the e2e keys. the fbi can get content of messages because the e2e keys are escrowed. that's an e2e backdoor.
@sneak Okay fair enough, but doesn't that mean that it's rather iCloud that is backdoored? If Signal was part of an iCloud backup it would lead to the same outcome, right?
@ilumium iCloud and iMessage are fully integrated. All of the devices that run one run the other; they are released as a cryptographically assured monolith. For all intents and purposes they are the same.
@sneak I agree that both apps' security and privacy promises cannot be trusted but to say their e2ee is backdoored doesn't seem to be quite what the FBI document says, does it?