Date: Wednesday, July 16th, 2014, 12:36
Category: iCloud, News, security
Apple looks to be overhauling its iCloud email service security by including end-to-end encryption for messages sent from me.com and icloud.com, according to new data from Google’s Gmail transparency effort and The Unofficial Apple Weblog.
The report suggests that at least 95 percent of the messages sent to Gmail from users of iCloud mail is now encrypted, just one month after Apple initially promised that such a change would be forthcoming.
Apple is using industry-standard Transport Layer Security, or TLS, infrastructure for the encryption. With TLS, both sending and receiving servers as well as the email messages themselves can be verified for authenticity, nearly eliminating the possibility of email being unknowingly intercepted by a third party.
Unfortunately, due to the nature of the public-key cryptography that underpins TLS, both parties must support the feature in order for messages to remain unreadable. Messages sent from iCloud to private mailservers without TLS support, for instance, will still be delivered unencrypted.
The move is the latest in a series of technical alterations and public statements from Apple designed to restore public confidence in the wake of allegations from NSA whistleblower Edward Snowden that the company had cooperated with the U.S. government. Most recently, Apple beat back accusations from Chinese state media that iOS’s location tracking functionality could be mined by foreign governments to reveal sensitive information or “even state secrets.”