Obviously this system has limitations and entirely relies on your ability to trust Apple. But there's quite a few things to consider here:
* Text messages and most other chat protocols require that you trust multiple hardware vendors, multiple software vendors, and multiple telcos. By comparison, iMessage only requires that you trust a single company, Apple.
* As long as the operating system and messaging software is closed source, it would be impossible to eliminate the requirement to trust Apple anyway. If you really need serious security, you shouldn't be relying on any closed source third party systems, period.
* This is about as secure as it could ever get without requiring users to be educated about security principles. Given that iMessage is foremost a seamless alternative to text messages, it's difficult to imagine how they could make it more secure without compromising utility.
* The implementation details mean that any Government snooping must be done with Apple's knowledge, and will require the blessing of Apple's legal department. This might not be a particularly high bar to cross, but it does mean that Governments aren't running rampant, analyzing every message sent.
* The United States government isn't the only bad actor out there. The level of security appears to be extremely good against entities that hold no sway with Apple's legal team. It's also presumably impervious to a hostile network, or hostile foreign governments.
> * Text messages and most other chat protocols require that you trust multiple hardware vendors, multiple software vendors, and multiple telcos. By comparison, iMessage only requires that you trust a single company, Apple.
This is incorrect. It requires you to trust Apple, every company who operates a CA, every government who can compel any CA to mint a certificate (read: you trust the Turkish and Chinese governments), your IT department, and any hacker who has access to any of those. If you didn't install the patch this week, and for the last year and a half, it required you to trust everyone on every network segment you have ever connected to from any Apple device.
> * This is about as secure as it could ever get without requiring users to be educated about security principles. Given that iMessage is foremost a seamless alternative to text messages, it's difficult to imagine how they could make it more secure without compromising utility.
It could very easily be more secure. For example, certificate pinning would be a decent start. It could also allow users to view key fingerprints if they choose to. Many users wouldn't understand the purpose of that exercise, but at least the option exists. More paranoid users could enable warnings if a user's key changes. See also: Whisper Systems
> * The implementation details mean that any Government snooping must be done with Apple's knowledge, and will require the blessing of Apple's legal department. This might not be a particularly high bar to cross, but it does mean that Governments aren't running rampant, analyzing every message sent.
Incorrect, as explained above. There are attacks that do not require governments nor do they require any assistance or blessing from Apple.
> * The United States government isn't the only bad actor out there. The level of security appears to be extremely good against entities that hold no sway with Apple's legal team. It's also presumably impervious to a hostile network, or hostile foreign governments.
It's not impervious to hostile networks if those networks include your corporate IT network or if you have used it in the past year and a half on any network. Even with the latest patches, it is not impervious to hostile foreign governments. Check your browser's CA list and take a look at how many different countries are in there. For a more complete list, take a look at this: https://www.eff.org/files/colour_map_of_CAs.pdf
Every one of your objections relies upon the assertion that iMessage is vulnerable to certificate forging attacks. Do you have a citation? Has this been demonstrated, or is it theoretical?
Among other things, the system requires you to not only trust Apple, but the hardware of the device itself. In particular, the random number generator in the iPhone/iPad, since the keys are generated on the device.
* Text messages and most other chat protocols require that you trust multiple hardware vendors, multiple software vendors, and multiple telcos. By comparison, iMessage only requires that you trust a single company, Apple.
* As long as the operating system and messaging software is closed source, it would be impossible to eliminate the requirement to trust Apple anyway. If you really need serious security, you shouldn't be relying on any closed source third party systems, period.
* This is about as secure as it could ever get without requiring users to be educated about security principles. Given that iMessage is foremost a seamless alternative to text messages, it's difficult to imagine how they could make it more secure without compromising utility.
* The implementation details mean that any Government snooping must be done with Apple's knowledge, and will require the blessing of Apple's legal department. This might not be a particularly high bar to cross, but it does mean that Governments aren't running rampant, analyzing every message sent.
* The United States government isn't the only bad actor out there. The level of security appears to be extremely good against entities that hold no sway with Apple's legal team. It's also presumably impervious to a hostile network, or hostile foreign governments.