Apple and iMessage Metadata (@samfbiddle, @theintercept)
Sam Biddle at The Intercept, “Apple Logs Your iMessage Contacts — and May Share Them With Police”:
Every time you type a number into your iPhone for a text conversation, the Messages app contacts Apple servers to determine whether to route a given message over the ubiquitous SMS system, represented in the app by those déclassé green text bubbles, or over Apple’s proprietary and more secure messaging network, represented by pleasant blue bubbles, according to the document. Apple records each query in which your phone calls home to see who’s in the iMessage system and who’s not.
Is this really news? Not for people versed in iMessage architecture, no.
While the first clause of The Intercept headline is true, the second is speculation, but likely also true. We know that law enforcement agencies routinely request data from Apple and other companies, and if Apple typically did not comply, we would probably have heard about it either from a government leak, or from Apple itself touting its principled stand on privacy. Remember, the FBI made a grand spectacle of Apple’s resistance to helping unlock the iPhone used by the San Bernardino shooter earlier this year, so it’s hard to believe they wouldn’t do it again if given another pretense (I use that word deliberately, since it appears the FBI’s long-term objective regarding encryption is to weaken it, an effort which will likely be restarted with another court battle).
When the case this past summer was reported in which authorities identified and arrested a torrent owner using, at least in part, iTunes purchase activity, I mentioned something that is widely known, “authorities can still determine a lot just by examining call, messaging, and other connection-related metadata and traffic analysis.” The logs mentioned in the article have this type of information, but if Apple decided not to share this data, it is very likely that government surveillance of network traffic could intercept it as it travels between a device and network routers and servers. Asking Apple for it would be much easier, though.