Apple iCloud Azure use tested, confirmed

Last week, we posted some screenshots showing what appeared to be Apple’s new iCloud-backed iMessage using Azure (and Amazon) services for hosting. Since then, GigaOM ran the screenshots through three “cloud and networking experts at major companies” and the trio dismissed our claims.

Looking at the screenshots, it’s obvious Charles was used to dump iCloud traffic. Working with Within Windows blogger Rafael Rivera, we were able to set up a similar configuration with proper SSL sniffing capabilities — a set up that cloud and networking experts could have set up in minutes.

We sent an image from and to iPhones running a beta copy of iOS 5. The resulting traffic showed, quite clearly, the use of Azure services for hosting purposes. We don’t believe iCloud stores actual content. Rather, it simply manages links to uploaded content. (Caveat: iCloud is currently in beta, and details may change.)

A walkthrough of the transaction and a raw dump is available. (Because of the sensitive content passed back and forth, complete packet dumps cannot be made available.)

  • User attaches an image and clicks Send
  • Device connects to p##-content.icloud.com and asks for ‘authorization’
  • Device receives CDN Blob storage URL(s), keys (in this case, Azure)
  • Device connects to CDN Blob storage and uploads image as per instruction
  • Device connects to p##-content.icloud.com again and reports completion with metric data

While this session exclusively used Azure for CDN Blob storage purposes, we have seen Amazon use as well.

Update: We corrected an incorrect tie between Azure’s CDN and Blob storage. Thanks to a guest reader for pointing that out.