Exactly what iCloud data can be decrypted? I do not believe the backups can be decrypted by apple just like iTunes backup with a strong password cannot be decrypted.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Ahead of CES, Apple Puts Up Billboard Touting Privacy in Las Vegas
- Thread starter MacRumors
- Start date
- Sort by reaction score
Strengths?? You dont think they use your data for marketing purposes? I
No, this is actually what Apple does. See above. It's in their privacy policy.
[doublepost=1546711499][/doublepost]
They aren't an ad company like Google is. They were, with iAd, until nobody wanted to advertise on there because Apple wasn't giving them enough user data.
[doublepost=1546711608][/doublepost]
Backups aren't end-to-end encrypted. https://support.apple.com/en-us/HT202303
They can't end-to-end encrypt anything you'd need to access again after resetting your password without a device on hand. If a password reset capability is there, then Apple has a way in too.
This part on iMessage is also interesting. I hadn't seen it before.
Overall, I'm happy with Apple's stance. They're very clear about how they secure your data. They're clear that they can't feasibly prevent themselves from accessing some of it.
Last edited:
All of it.
Apple holds the crypto keys to your iCloud back ups and as long as they hold them they can be compelled to hand them over by law enforcement.
In the San Bernardino case Apple provided the FBI with the iCloud data from the iPhone 5c used by the shooter, the issue was they wanted the data on the phone also which was locked with a passcode, the code could not be brute forced as iOS can be set up erase the phone after ten incorrect passcode entries.
The only way to have fully encrypted iPhone back ups is to turn iCloud off and back it up encrypted to iTunes.
You guys are gullible if you think Apple isnt using your data to make money and marketing. Yes Google is a search engines that makes money with ads and things like that. But your android and data that used on Google services is actually encrypted.
"your android and data that used on Google services is actually encrypted" doesn't comfort me at all since Google has the key to all that, except the Android device itself. And many Android devices don't encrypt their data either. They were late to the game on that.
Google definitely collects more data too. Compare the privacy policies for Google Maps, Gmail, etc. Gmail literally says that they look at your emails to target ads at you. Google's ads give third parties the ability to track your browsing. If you think Apple does that, it's nothing but a conspiracy theory.
[doublepost=1546714442][/doublepost]
If an engineer at a big tech company blamed successful hacking on users specifying stupid passwords, I'd have him fired for blaming others for his bad decisions.
1. The servers shouldn't allow thousands of guessing attempts.
2. The signup page shouldn't allow weak passwords. This can be hard to enforce, but it ought to catch "123456" or anything in a human language dictionary.
3. It's called a "passWORD." People might think it should be a word. Most people in the world don't understand key entropy.
This is a moot point anyway. iCloud accounts were hacked because the passwords were already known to begin with, via phishing. Apple can attempt to mitigate that, but it's reasonable that some will succeed still.
Last edited:
You have a citation for decryption of icloud backups? Just curious.
[doublepost=1546714708][/doublepost]
So icloud backs are end to end encrypted. Interesting.
The iCloud backups are not end to end encrypted. That's how you're able to access your iMessage if you lose your password and devices. They store a spare key in the iCloud backup.
The support link shows shows end to end encryption by AES 128 bit encryption minimum for icloud backups. The question of whether apple can decrypt the backups is what is on the table.
One might be worse than the other, but the fact remains that Apple is a major player in the user data business .
And that includes sharing and trading data with third parties .
In recent investigations on FB , Google etc. Apple is always involved ; how else would the make their billions , selling iPhones ?
None of Apple's ads and claims have ever been about user data, only about the 'privacy' of not getting hacked by a pimply 12 year old .
It's marketing , and a deceptive play of words .
These tech companies all give data to third parties and apples privacy policy does mention it. For example, apple gives data to the third party cellular carrier. But other than that apple doesn't use your data for random ads. Apple says in it's privacy policy that they admit to using your data for app store recommendations and maybe other apple products.
If all google did was use my data to sell google services, I would have no issues.
I'm not sure what investigations you're talking about. How do they make their billions? They disclose that, and most of it is iPhones. You say they're secretly selling data, but I don't know what proof you have.
Also, the kid who hacked Apple didn't gain access to any user data. Yes, it was bad, but he only got some encrypted files. IMO the biggest threats to privacy aren't weak links in security but the ways your data can be collected, and Apple's platforms are the best about that. Anyone with a social network will inevitably leak data through some mishap, and Google joined that club to compete with FB.
Last edited:
just because apple doesnt make money from ads - apple isnt an ad-company. this is also the reason why they can use this market trick to play hero on this area. But... there is a big BUT that apple doesnt use when they are marketing them as a hero: they dont mention how developers use your data once you install an app from appstore. Bloomberg article was good about it.
You already lost when you showed you didn’t grasp hacking in your first post. Just stop digging. This second post basically says it’s your homebuilder’s fault you left your windows open when you went on vacation and got robbed.
The article is nonsense. It's all about how devs ask for access to data, then users grant it, then – oh no – the devs can do anything with the data. As if Apple could magically control information that's already been given. We haven't reached that milestone in quantum computing. Best quote:
It's called the entire permissions model they've built where apps have to ask for basically everything, whether the app was made by third party dev or Apple.
Last edited:
iCloud back ups are encrypted but Apple holds the keys to decrypt can and will decrypt them for law enforcement.
As with all things Apple the support document is creatively worded to imply that the data is encrypted and no has access to it.
Apple frequently provides iCloud data to law enforcement as broken down by cult of Mac here..
https://www.cultofmac.com/550689/apple-frequently-forced-to-give-customer-icloud-data-to-police/
They are/have even built a portal to facilitate requests for user data as per Business Insider
https://www.businessinsider.com/app...-data-from-users-full-letter-2018-9?r=US&IR=T
Apple gives you the ability to restrict what apps have access to. But you raise a good point and the same thing applies across the internet: to android apps, to other android phone manufacturers, to websites that you browse on your devices, etc.
Unfortunately apps have to be treated (or thought of) as hostile since you don't know if the developer has scruples. But that still doesn't negate that Apple Inc. is working to keep your data private and not use your data against you.
Yep, knew about the portal. Dinging apple as some have done, for providing information to law enforcement is a bit off-base. But for me, I wish there was an option to for a user input passcode for icloud backups, same as for itunes backups. (That's assuming the information in that article is accurate, don't want law enforcement to get your stuff, turn off icloud. But for the masses there is more downside than upside, imo.)
Depends what it is and how clear they are about what data is and isn't available. Apple is more careful about user data than most big tech companies but that isn't saying much. They're certainly very careful in their wording about this kind of thing.
"What happens on your iPhone stays on your iPhone" should read .. "What happens on your iPhone stays on your iPhone stays on your iPhone, as long as none of it is backed up to iCloud and then requested via the handy portal we made for them"
Doesn't sound as catchy on the billboard though.
What a disrespectful respond. Same respond Apple is giving to it’s customer base. In my opinion it’s past time to deliver and start listening to other opinions before it’s too late.
[doublepost=1546721351][/doublepost]
So true! It’s the new marketing mantra. Blackberry used it too when they felt the pressure.
The fact that the label "apple fanboys" are even mentioned, means your post is a stereotypical gross generalization.