User Tag List

  1. Akshay Masand's Avatar

    It has been announced recently that Apple will be creating an in-transit encryption solution for the email domains. This will give extra protection to iCloud customers sending and receiving messages from users on other providers. A statement released by NPR noted Apple’s initiative after they ran a report on the blogs looking at what big tech firms do to protect its users’ data privacy. The story was based on a survey company called Electronic Frontier Foundation. They asked big companies like Google, Facebook, Twitter, Apple, and AT&T about their encryption policy in their products. The firms were asked if they followed a five-step plan that EFF deemed safe that kept consumer data private. HTTPS, HSTS, STARTTLS, forward secrecy, and encryption of email is what EFF is looking for while in transit.

    Apple’s iMessage supports end-to-end encryption, however, their other text based methods are not as secure. Others who use Apple’s iCloud email service also receive similar iMessage protection, but only when conversing with other iCloud users. As of right now though, there are no encryption methods used for emails in transit between providers like Google.

    According to Apple:

    After we published, the company told us this would soon change. This affects users of and email addresses.
    Apple has yet to announce when they plan on releasing end-to-end email encryption with other service providers outside of iCloud. Google has already released specifics on who supports in-transit encryption and who do not. Their Safer Email transparency has shown that iCloud accounts are unencrypted. Apple has not made any statements as to when they plan on upgrading emails sending and receiving from those domains.

    Source: NPR, Electronic Frontier Foundation
    Last edited by Akshay Masand; 2014-06-14 at 07:40 AM.

    Twitter: @AkshayMasand
    2014-06-14 07:36 AM