Saagar Jha
(replying to Saagar Jha)
@_tim______ @enefekt If someone said “our threat model is that an attacker has access to your iMessage conversations” and they went on to say “we think it’s hard for them to get a *specific* message from your phone, without exfiltrating all of them” you’d be go “wtf”
Saagar Jha
(replying to Saagar Jha)
@_tim______ @enefekt You’d think that was an awful threat model–attackers have access already! But that’s exactly what they’re starting from here. And mind you, their protection is “we think we’d find them if they did a broad attack” not “it’s technically infeasible to do this”