The NSA is apparently collecting and storing thirty petabytes of encrypted data per day and that’s likely to include every iMessage sent worldwide. When quantum computers arrive, they will be able to decrypt that data and some estimates put that future uncomfortably close. Real breakthroughs in quantum computing have been made the last year or two.
It’s good to see something is finally being done about that threat. I wouldn’t count on the NSA being the only people with the data either - it’s a goldmine and surely other governments are trying to gain access.
Cool. They can read my ten year old iMessages all they want.
Well good for you. Send them to me as well, I want to read your ten year old iMessages! No? Why not?
lol what?
The timing of this feels very odd given what happened a couple months ago with Beeper mini
Not really, the type of encryption used isn’t necessarily a barrier to interoperability.
Quantum computing is developing quickly, and is a threat to conventional encryption methods. There is a good chance we will see quantum computing break many forms of encryption used today in the near future. As such, most companies developing secure platforms are now embracing quantum-resistant encryption.
This isn’t necessarily (another) attempt to reinforce the walls around the iMessage garden, just Apple being proactive about a potential future security danger. Other messaging platforms will be doing the same, if they are not already.
Yeah and iMessage is used by shitloads of people for all kinds of sensitive stuff. A company like Apple absolutely doesn’t want to be in the headlines when the first salvo of quantum hacks start making the news. This is just them covering their ass.
I think this is one step in ongoing efforts to further enhance the security of iMessage and has nothing at all to do with random topics that the tech press happened to focus on. Contact Key Verification came out in October. Beeper Mini came out in December. One of the third-party security analyses Apple provided for this PQ3 enhancement is dated January 15. I think it’s pretty clear that PQ3’s development long preceded Beeper Mini.
The timing makes sense because Apple is already reworking their messaging software to prepare for RCS support.
They made the decision to rework Messages long before Beeper, but I’m sure that little episode gave them extra incentive to get work done faster.
There is no way they started working on this a couple months ago. It would have years of work.
Quantum or tell me that you fall in the pseudoscientific trap.
This is about them adding post-quantum encryption, which means encryption that could survive an attack using quantum computers.
This is computer science and mathematics, not pseudoscientific crap.
My sentence wasn’t that litteral. It’s pseudoscientific crap marketing. “Quantum security” isn’t “survive attacks using quantum computers”. It’s completely pedantic.
The issue with this usage is that the meaning of the words disappears.
“Quantum security” is a fairly widely accepted term in the industry and it has meaning.
Other terms with the same or similar meaning are quantum cryptography or post-quantum security.
https://www.ncsc.gov.uk/whitepaper/quantum-security-technologies
https://thequantuminsider.com/2023/07/17/quantum-security/
https://www.nomios.com/resources/what-is-quantum-security/
https://www.weforum.org/global_future_councils/gfc-on-cybersecurity/projects/quantum-security/
https://www.hashicorp.com/blog/quantum-security-and-cryptography-in-hashicorp-vault
https://blog.1password.com/passkeys-quantum-computers-encryption/
It’s my point. I never ever wrote the term doesn’t exist nor the term isn’t valid.