Apple has stepped up efforts to protect its iCloud customers, as the technology giant promised it would last month.
Apple now encrypts all inbound and outbound iCloud email, not just email sent between its iCloud users. That means Apple will encrypt all emails sent between @me.com and @mac.com email addresses and third-party email services.
Apple has yet to announce the change, but Google’s transparency website — which discloses the percentage of emails encrypted in-transit between Gmail and other providers — shows Apple’s new security measures are in place.
A report from German news site Heise.de asserts that Apple is using the RC4 encryption algorithm, which is less secure than other encryption methods, like AES encryption. The security community has a lot of problems with RC4, which was designed in 1987. Microsoft recommends disabling RC4 when possible. There is widespread speculation that the NSA can reliably crack RC4.
So, while more encryption is a step in the right direction for Apple, security-conscious folks may still want to stay away from iCloud email.