Untappable Apple or DEA Disinformation?

Tech news site CNET has an interesting, but I suspect somewhat misleading, story today suggesting that text messages sent via Apple’s iMessage service—an Internet-based alternative to traditional cell phone SMS text messages—are “impossible to intercept” by law enforcement. Yet that is not quite what the document on which the story is based—an “intelligence note” distributed to law enforcement by the Drug Enfrocement Administration—actually says.

The DEA memo simply observes that, because iMessages are encrypted and sent via the Internet through Apple’s servers, a conventional wiretap installed at the cellular carrier’s facility isn’t going to catch those iMessages along with conventional text messages. Which shouldn’t exactly be surprising: A search of your postal mail isn’t going to capture your phone calls either; they’re just different communications channels. But the CNET article strongly implies that this means encrypted iMessages cannot be accessed by law enforcement at all. That is almost certainly false.

As cryptographer and computer scientist Matthew Green observes, there is a simple and intuitive way to test whether Apple (or any cloud storage provider) has the capability to access a user’s encrypted content stored in the cloud—as Apple’s iMessages are: The “mud puddle test.” If you slip in a mud puddle, destroying your iPhone (along with any locally stored encryption keys) and forgetting your passwords as a result of the bump on the head, can you still recover your data? Can you, for instance, log in from a Web browser, reset your password, and then restore your content to a new device? If you can—and with Apple’s iCloud services, you can—then the cloud provider must itself hold the keys to unlock that data. So iMessages may not be interceptable from a suspect’s cell carrier, but Apple has to be capable of handing them over when the authorities come knocking with a warrant. In fact, all Apple has to do is provide the cops with an appropriate authentication token and they should, in principle, be able to turn an ordinary iPhone into a de facto clone of the suspect’s own device—so that iMessages show up on the police phone in realtime just as the suspect receives or sends them.

In fact, there’s another big way in which iMessages should be much more convenient and useful to police than conventional text messages. As law enforcement has long complained, most cell carriers store ordinary SMS messages for a few days after they’re sent at most—and some don’t retain message content at all. That means police aren’t able to read through a suspect’s historical messages even if they obtain a search warrant—only new ones. Apple’s iMessages, however, are stored indefinitely—which is a lot more useful if you’re trying to investigate a crime that’s already occurred. That means cops should be absolutely overjoyed if drug dealers or other criminals start using iMessage instead of SMS.

Which brings us to the question of why, exactly, this sensitive law enforcement document leaked to a news outlet in the first place. It would be very strange, after all, for a cop to deliberately pass along information that could help drug dealers shield their communications from police. One reason might be to create support for the Justice Department’s longstanding campaign for legislation to require Interent providers to create backdoors ensuring police can read encrypted communications—even though in this case, the backdoor would appear to already exist.

The CNET article itself discusses this so-called “Going Dark” initiative. But another possible motive is to spread the very false impression that the article creates: That iMessages are somehow more difficult, if not impossible, for law enforcement to intercept. Criminals might then switch to using the iMessage service, which is no more immune to interception in reality, and actually provides police with far more useful data than traditional text messages can. If that’s what happened here, you have to admire the leaker’s ingenuity—but I’m inclined to think people are entitled to accurate information about the real level of security their communication enjoy.