iMessage no longer secure? New update shocks 2 billion users
Apple’s iMessage is considered to be a secured way of exchanging information, just like secret conversations in Telegram and Facebook Messenger, it is an end-to-end encrypted app that allows being absolutely sure that no lawmaker or any other agencies have any access to the content of conversations, even when there is allegedly discussing topics related to serious crimes, including child endangerment. But there is a reason to worry since everything is about to change.
However, everything may change soon. Apple’s latest iOS 15.2 beta introduces child safety plans which will monitor sent and received imagery in all the messengers including the encrypted ones in order to detect explicit content.
“Whatever Apple calls it,” EFF warned, “it’s no longer secure messaging… Its compromise on end-to-end encryption is a shocking about-face for users who have relied on the company’s leadership in privacy and security.”
According to the latest Apple’s iMessage update, such a plan is aimed to be enabled for children in a family group. It can be activated by an adult. Previously, the company planned to hide all the explicit content and warn over-13s. As for under-13s, Apple would immediately notify parents if the children ignored the warning and views explicit content anyway. However, the iOS 15.2 beta limits the monitoring process with an on-device warning for any age or minors.
The company claims that the update will not break end-to-end encryption apps. However, it looks like it is exactly what it does. With an on-device compromise, it becomes much easier to break the security of information in transit between devices.
Apple’s proposed iMessage update can basically run device-side AI to analyze content and then warn users if this or other content is identified. According to Apple, it can do this without breaching end-to-end encryption. However, it does exactly what lawmakers have been pushing for—pushing responsibility for policing content onto the platforms, rather than insisting on specific encryption backdoors.