It was recently reported that iMessage had caused a snag in the Drug Enforcement Administration’s ability to intercept text messages. Citing iMessage’s end-to-end encryption as the cause, the DEA stated that "iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider." On the surface, this seems reassuring to iMessage users that their conversations can’t be intercepted. But is it possible that we’re giving a little too much credit to the DEA when they say iMessages are “impossible to intercept”?
Security researcher Moxie Marlinspike reminded us that the government has had their snooping efforts stymied by less sophisticated systems. The message to be read here is not that iMessage can’t be cracked by the government. The context of the DEA letter seems to be that they were attempting to intercept text messages, noticed some messages missing, and realized it was iMessages that weren’t going through the carrier. Because iMessages go through Apple and are encrypted, the DEA was not equipped to intercept those messages.
With the current state of things, communication over iMessage is definitely a safer bet than SMS if you’re hoping for your communications to remain confidential. This doesn’t mean that the government is incapable of decrypting the messages, or that they won’t be able to acquire these messages from Apple with a warrant. iMessage is a wonderful system that greatly enhances messaging on iOS devices and is quite sufficient for the vast majority of users. But at the end of the day, if you’re dealing with extremely sensitive information such that you’re worried about the government intercepting your communications, your best bet will be looking for a system that doesn’t require you to blindly trust a third party with handling all of the encryption.