Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Also several of the iCloud services are E2E encrypted and designed to withstand adversarial clouds. They talked about it at Blackhat.[1]

Doesn't help things like mail or photos, of course, but it is extremely notable in the China context for one big reason: it does E2E encrypt messages. WhatsApp was banned from China when they implemented this. Apple stands out in this way... although they're probably getting away with it because most Chinese don't use Apple Messages.

[1] https://www.youtube.com/watch?v=BLGFriOKz6U



I suspect that there might be undiscovered software differences between iPhones sold in China and those sold in other markets. The Flag of the Republic of China (Taiwan) is not present on iPhones sold in China. It shows up as a box with a question mark in it.


If you're implying they secretly disabled iMessage encryption for the China locale: No Friggin Way. That would be discovered and publicized instantly.


Not to venture into conspiracy theory territory but the fact that they have the capability in software to modify the phone's behaviour based on which country the device was sold in is concerning enough to me. The Chinese gov. can put pressure on these large multinationals that rely on China's workforce and those companies can't do a great deal about it other than comply.


Yeah but even if they use e2e, which btw was found to be flawed at the protocol design level by prof. Matthew Greene and his team, they also automatically back-up the messages to iCloud with no way to disable that without disabling the whole of icloud. It would sure be nice if they changed that.


This is categorically and demonstrably false. Backing up to iCloud is disabled by default, as is Messages in iCloud. Either can be enabled or disabled as desired with no ill effect on your device or the rest of iCloud usage.


iCloud backup is on by default.


No - setting up an iPhone from new doesn’t even require an iCloud account. If you set up iCloud it will enable backups, but even then you can disable them without disabling ‘all of icloud’ as GP claims.


The fact that iCloud is not required to activate does not change the fact that iCloud is on by default and iCloud backup is also on by default.


Can you elaborate on what you mean by "e2e was found to be flawed"? Is the paper available online?


Commenter probably meant this research[0].

[0] - https://blog.cryptographyengineering.com/2016/03/21/attack-o...


There is the option in Settings to disable storing Messages and Backups in iCloud.


...which does not affect the storing of Messages in device backups into iCloud.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: