iHaters of the NSA, take note: it looks like iMessage has a security hole that rhymes with iCloud.
“If you can recover your recent iMessages onto a new iPhone – as I was able to do in an Apple store this afternoon – then Apple isn’t protecting your iMessages with your password or with a device key. Too bad. […]”
“The sad thing is there’s really no crypto to understand here. The simple and obvious point is this: if I could do this experiment, then someone at Apple could have done it too. Possibly at the request of law enforcement. All they need are your iForgot security questions, something that Apple almost certainly does keep. (Cryptography Engineering Blog)”
It looks like I will not be renewing my iCloud account now.
Fortunately I have Dropbox (to back up my media files) as well as Silent Circle for secure calling (SMS & voice).
Note: Silent Circle has launched apps for iOS as well as Android. Sadly they have no plans for either Blackberry or Windows Phone.
Although I’ll continue to use iMessage, I’ll no longer use it for private messaging as I suspect the NSA has already reversed engineered Apple’s iSecurity without the assistance of the robed masters in black (aka federal judges).
