I was struck by this section of a report by Politico’s Eric
Geller involving the deletion of Secret Service messages
related to the January 6 insurrection at the U.S. Capitol:
The phone resets occurred as the Secret Service was implementing
a new mobile device management (MDM) platform, a technology that
employers use to centrally manage and preserve emails, photos and
other data stored on employees’ phones. Apple’s iMessages cannot
be backed up by this system, because they are encrypted and
stored on users’ devices, unlike regular text messages.
This explanation seemed off to me, because while iMessage data is
end-to-end encrypted in transmission and not stored by Apple as a
part of the transmission process, it’s not actually encrypted on
the device itself. Which is why iCloud backups, which are
unencrypted, can contain the entire contents of iMessage
conversations. [...] I ran it by Tom Bridge, Principal Product
Manager at JumpCloud and co-host of the MacAdmins
podcast, in the Six Colors Discord, and here’s what
he had to say.
Ever since this story about wiped Secret Service “text messages” has broken, it has annoyed me greatly to see them repeatedly referred to as “texts”. What type of text messages is essential to any understanding of the story. SMS messages are not encrypted in any way, and thus, one would hope Secret Service agents never send them in the line of duty. It seemingly turns out the deleted messages were sent using iMessage, which — as Bridge explains — is a different ballgame.