By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: February 24, 2024

Saturday, 24 February 2024

‘iMessage With PQ3: The New State of the Art in Quantum-Secure Messaging at Scale’ ★

Apple:

Historically, messaging platforms have used classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. All these algorithms are based on difficult mathematical problems that have long been considered too computationally intensive for computers to solve, even when accounting for Moore’s law. However, the rise of quantum computing threatens to change the equation. A sufficiently powerful quantum computer could solve these classical mathematical problems in fundamentally different ways, and therefore — in theory — do so fast enough to threaten the security of end-to-end encrypted communications.

Although quantum computers with this capability don’t exist yet, extremely well-resourced attackers can already prepare for their possible arrival by taking advantage of the steep decrease in modern data storage costs. The premise is simple: such attackers can collect large amounts of today’s encrypted data and file it all away for future reference. Even though they can’t decrypt any of this data today, they can retain it until they acquire a quantum computer that can decrypt it in the future, an attack scenario known as Harvest Now, Decrypt Later.

To mitigate risks from future quantum computers, the cryptographic community has been working on post-quantum cryptography (PQC): new public key algorithms that provide the building blocks for quantum-secure protocols but don’t require a quantum computer to run — that is, protocols that can run on the classical, non-quantum computers we’re all using today, but that will remain secure from known threats posed by future quantum computers.

A remarkably cogent layman’s overview of some remarkably advanced cryptography. Slots right in with two recent themes here at DF:

• iMessage is inarguably an advanced, wholly independent messaging platform. It speaks only to the ease-of-use of Apple’s Messages app — the only iMessage client — that so many people mistakenly think iMessage is merely SMS with different-colored text bubbles and higher-quality image and video attachments.

• Apple has good reasons not to allow unauthorized third-party clients like Beeper.

Neatest of all is that Apple is rolling out this upgrade to iMessage encryption in the next round of OS updates (iOS/iPadOS 17.4, MacOS 14.4, and WatchOS 10.4 — VisionOS isn’t mentioned in the post) automatically. iMessage users don’t need to do anything other than update their software, and their communications will use the new PQ3 encryption.

One hole in iMessage’s security story is old devices — those that can’t be upgraded to the latest OS. It’s great that Apple devices tend to be useful for years after they’re no longer capable of running the current OS, but that means that iMessage communication is only as secure as the oldest device in the chat. I’m pretty sure the only reason Beeper was able to work at all was exploiting loopholes that existed for supporting older devices.

Another hole remains iCloud backups, which, by default, continue to include iMessage message history using keys that Apple controls — which in turn means keys that Apple can, and does, use to turn over data to law enforcement when issued a warrant. Only using Advanced Data Protection are Messages backups encrypted using only keys stored only on your personal devices. But even amongst Daring Fireball readers — which I think is fair to describe as a savvy audience — only a minority have Advanced Data Protection enabled.

And even if you have Advanced Data Protection enabled, there’s no way for you to know whether the people you communicate with using iMessage have it enabled.

Nvidia Is Crushing It ★

Asa Fitch, reporting for the WSJ:

Chief Executive Jensen Huang described AI as hitting “the tipping point” and indicated demand for the computing power that underlies AI remained astronomical. “Demand is surging worldwide across companies, industries and nations,” he said.

That demand showed up in the company’s results Wednesday. Sales more than tripled in the company’s fiscal fourth quarter from a year earlier and are projected to do so again in the current period. Earnings surged more than eightfold. The results exceeded analyst expectations.

Shares in the company rose 9% in off-hours trading.

That’s a big move for a company with a roughly $2 trillion cap.

In addition to ChatGPT, a number of other popular AI products have started to hit the market in recent months, including digital assistants for coding and business from Microsoft. Nvidia has transformed itself in the space of three years from a company focused on chips that help videogames run faster to the red-hot center of the AI boom.

Sometimes a company is in the right place at the right time for a pivot/industry shift. Apple was doing great in the 2000s, with the iPod and the Mac (especially after the switch from PowerPC to Intel) — and then the iPhone happened. Nvidia was (and remains) undeniably the leader in high-end gaming video cards, but now, truly suddenly, their gaming business is dwarfed by their data center AI hardware business.

Do great work and great things tend to happen. Or in the words of Louis Pasteur, “Chance favors the prepared mind.”

Are Apple’s FineWoven iPhone Cases Shoddy? ★

Joanna Stern, in her weekly newsletter:

There it is, everyone. My iPhone 15 Pro Max’s FineWoven case after five months of use. The edges are peeling, the fabric is scratched up like an old CD and it’s browning like a rotten banana. I’ve been waiting for the CDC to show up at my house to declare it a biomedical concern.

Some of you will say: “JOANNA! How gross are you?” Others — those who bought this case for $59 when it came out in September — will likely say: “Yep. Same issues here.”

Apple made a big eco-friendly deal about the FineWoven case when it was announced alongside the iPhone 15 models in the fall. Replacing the company’s leather cases, Apple said this FineWoven material was “an elegant and durable new textile” and that it was made from 68% “post-consumer recycled content.” Admirable. Except nothing has been fine about the FineWoven case.

The accompanying photo is, in a word, gross. Personally, I like the feel of a new FineWoven case, and used one happily while on a trip to Orlando back in the fall (I like the additional grip of a case — any case — when I’m (a) sweaty and (b) using the camera a lot) but I’ve gone caseless almost the entire time I’ve owned my iPhone 15 Pro. I’ve generally gone caseless with all my iPhones, but even more so with the iPhone 15 Pro because I find the titanium so pleasantly grippy compared to the polished stainless steel of the iPhones X through 14.

But it really does seem, five months in, that FineWoven is a failure, durability-wise, compared to Apple’s previous leather cases. And I am repulsed by Apple’s FineWoven Apple Watch straps — I wish I’d bought a spare leather Magnetic Link strap while they sold them. Setting aside durability, I just find the FineWoven Magnetic Link straps to be cheap-feeling, but they cost $100.

If you own and have regularly used a FineWoven case, I’m running a poll regarding durability/satisfaction on Mastodon, Threads, and Twitter/X.

‘AirPods Extreme’ Was Considered as a Name for AirPods Pro ★

Joe Rossignol, with a fun little post at MacRumors:

In the months leading up to Apple announcing the AirPods Pro in October 2019, the company considered changing the name of the wireless headphones to AirPods Extreme, according to internal information obtained by MacRumors.

The name AirPods Extreme was floated by at least one member of Apple’s leadership team, but the company ultimately decided to move forward with AirPods Pro branding after many employees objected to the change, we have learned.

Apple’s matrix of product-name suffix adjectives — Pro, Max, Ultra, Extreme — usually makes sense, but occasionally doesn’t. “AirPods Pro” is clearly the right name for this product, though. Calling these small earbuds “Extreme” would make no sense side-by-side with AirPods Max. To me, at least, “AirPods Extreme” would be the name for over-the-ear headphones even better than AirPods Max.