Hacker News: Dear Apple: Add "Disappearing Messages" to iMessage

Source URL: https://blog.cryptographyengineering.com/2025/03/01/dear-apple-add-disappearing-messages-to-imessage-right-now/
Source: Hacker News
Title: Dear Apple: Add "Disappearing Messages" to iMessage

Feedly Summary: Comments

AI Summary and Description: Yes

**Summary:** The text critiques the security features of Apple’s iMessage, specifically its lack of a disappearing messages feature which is standard in many other messaging apps. This oversight poses privacy risks as messages are stored indefinitely unless manually deleted, increasing the potential for unauthorized access. The post underscores the importance of privacy in messaging and makes a strong case for Apple to adopt features that safeguard user communications.

**Detailed Description:**
The blog post discusses the intersection of cryptography, privacy, and the need for better user communication security, focusing primarily on Apple iMessage. Key points include:

– **Job of Cryptographers:** The author emphasizes the practical application of cryptography in enabling secure communication rather than solely solving theoretical problems.

– **Concerns Among Federal Employees:** Many are worried about losing their jobs due to their online communications, highlighting how fears about privacy extend to even private messages.

– **iMessage Security Overview:**
– iMessage encrypts messages end-to-end, ensuring that Apple cannot read the messages.
– The system is designed to provide post-quantum security, assuring users against future threats from quantum computing.

– **Key Vulnerabilities:**
– iMessages remain on devices indefinitely unless deleted, which can lead to privacy breaches.
– The default iCloud backup setting stores iMessages, creating a permanent record accessible if a device is compromised.

– **Contrast with Other Messaging Apps:**
– Highlighting how competitors like WhatsApp and Signal incorporate disappearing messages, allowing users to have temporary conversations that self-delete after a set period.
– This feature enhances user confidence that sensitive discussions won’t linger on devices or in backups.

– **Apple’s Unique Position:** The post expresses frustration over Apple’s failure to implement disappearing messages, questioning the company’s priorities when focusing on features like post-quantum encryption while neglecting basic privacy needs.

– **Technical Notes and Recommendations:**
– Users can adjust the “Keep Messages” setting to reduce message retention but still need to be concerned about conversation partners retaining copies.
– Turning on Apple’s Advanced Data Protection can enhance the security of backups.
– Misleading advertising about iMessage’s security is critiqued, specifically about the implications of Messages in iCloud.

The article calls for Apple to align its features with industry standards for private communication, stressing that users deserve tools that genuinely protect their conversations. The implications for security and compliance professionals revolve around understanding the necessity for improving user privacy and the importance of effectively communicating these features to users, ensuring they can maintain secure communications within their organizations.