iMessage not working with Apple Native Protection
today I found iMessage unable to send a message while the Apple Native Privacy Protetion was on. After switching it off, it worked again.
It's is still in Beta phase, therefore reporting the bug...
19 replies
-
I’ve been using this feature since it was introduced and haven’t had any problems with iMessage
-
I have also been using this option from the beginning... more than a year now. Several iOS devices, tons of imessages... not a single problem.
-
Thanks, let me try it again - maybe it was "*icloud-content.com" which is pointed at/resolves to >> "*.content-storage-upload.googleapis.com" , as I had to put that on the allow list.
UPDATE: i just checked the logs, that is the problem and things are working now: "*.content-storage-upload.googleapis.com" - so if you want to use iMessage, you need to give your share of data to goog*le
-
I do not see that icloud-content.com would be resolved to content-storage-upload.googleapis.com.
Actually is an A record and not a CNAME.
Also I am not really sure (do not believe) that Apple would use G services for it.
-
I’m curious if you are outside the US. I recall a different problem with an Apple service and we found it was location dependent. Unfortunately I don’t recall the details, but I do recall the user seeing the problem was in Netherlands while I was in the US and did not see the problem here. We had a thread on Reddit. If you think this could be similar I can try to find it.
-
I am from EU. But if you check here https://dnschecker.org/#A/icloud-content.com (click any LOAD button on the page) the DNS servers all over the world reports the same... but, yes, I don't know from which IP (geo location wise) as a client this site is operating, so I can't be sure.
but I do recall the user seeing the problem was in Netherlands while I was in the US and did not see the problem here.
This is how CDN works.
What does a command line command return at your place?:
nslookup icloud-content.com
-
crssi You are right and I wrote it wrong - "icloud-content.com" does not resolve to it. While sending an iMessage it actually connects DIRECTLY to that Goo*gle service - see the screenshot. and after doing it again this morning, to make a screenshot for this forum, even more Goo*gle services.
Calvin Hobbes yes, I am in EU area.
I think it's time to also bury iMessage, after having burried Whatsapp already ;-) With other messengers this does not happen! Shame on Apple!
-
You are right. I can confirm it now, when blocking content-storage-upload.googleapis.com.
For now only when sending a picture, not for text or audio. Will keep an eye on it.
Crap.
-
crssi BM
Apple uses third part cloud providers, but all data is encrypted before arriving to their servers and the content providers do not have the key. They use them for storage. Google/Amazon have no way to access the data, so there is no reason to be concerned.
https://support.apple.com/guide/security/icloud-overview-secacde2d0da/1/web/1
Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk’s contents, with the keys using SHA-256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information or the keys, using both Apple and third-party storage services—such as Amazon Web Services or Google Cloud Platform—but these partners don’t have the keys to decrypt the user’s data stored on their servers.
If you read into the iOS security guide, you will find that these providers are used for iMessage attachments while normal messages are still send through Apple's servers. Everything is End to End Encrypted.
Just because you see the word Google or Amazon does not mean it is the end of the world. Please think critically and find information before spreading rumors.
Content aside
- 3 yrs agoLast active
- 19Replies
- 401Views
-
4
Following