Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
You've accused people of being deliberately misleading in this thread yet the bold part of your post is misleading also.

Apple can and will provide iCloud data to law enforcement. Lets be very clear on that.
Exactly what iCloud data can be decrypted? I do not believe the backups can be decrypted by apple just like iTunes backup with a strong password cannot be decrypted.
 
Kudos to Apple for cleverly exploiting their strongest feature.

And so true in comparison. :rolleyes:
 
It's a clever play on "What happens in Vegas, stays in Vegas."

I think it's smart of Apple to promote one of its strengths compared with the other big players. I'm always astounded at the number of consumers who don't pay attention to their own privacy and the use of their personal information. Perhaps this ad will get the attention of some of them.

Strengths?? You dont think they use your data for marketing purposes? I
 
  • Like
Reactions: barmann
That's what Android friends like to say. With privacy/security, however, Apple has entire future fields of development, so I don't think they're as stupid as you'd expect them to be.
No, this is actually what Apple does. See above. It's in their privacy policy.
[doublepost=1546711499][/doublepost]
Strengths?? You dont think they use your data for marketing purposes? I
They aren't an ad company like Google is. They were, with iAd, until nobody wanted to advertise on there because Apple wasn't giving them enough user data.
[doublepost=1546711608][/doublepost]
Exactly what iCloud data can be decrypted? I do not believe the backups can be decrypted by apple just like iTunes backup with a strong password cannot be decrypted.
Backups aren't end-to-end encrypted. https://support.apple.com/en-us/HT202303
They can't end-to-end encrypt anything you'd need to access again after resetting your password without a device on hand. If a password reset capability is there, then Apple has a way in too.

This part on iMessage is also interesting. I hadn't seen it before.
Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.

Overall, I'm happy with Apple's stance. They're very clear about how they secure your data. They're clear that they can't feasibly prevent themselves from accessing some of it.
 
Last edited:
Exactly what iCloud data can be decrypted? I do not believe the backups can be decrypted by apple just like iTunes backup with a strong password cannot be decrypted.

All of it.

Apple holds the crypto keys to your iCloud back ups and as long as they hold them they can be compelled to hand them over by law enforcement.

In the San Bernardino case Apple provided the FBI with the iCloud data from the iPhone 5c used by the shooter, the issue was they wanted the data on the phone also which was locked with a passcode, the code could not be brute forced as iOS can be set up erase the phone after ten incorrect passcode entries.

The only way to have fully encrypted iPhone back ups is to turn iCloud off and back it up encrypted to iTunes.
 
  • Like
Reactions: ipponrg and fairuz
No, this is actually what Apple does. See above. It's in their privacy policy.
[doublepost=1546711499][/doublepost]
They aren't an ad company like Google is. They were, with iAd, until nobody wanted to advertise on there because Apple wasn't giving them enough user data.
[doublepost=1546711608][/doublepost]
Backups aren't end-to-end encrypted. https://support.apple.com/en-us/HT202303
They can't end-to-end encrypt anything you'd need to access again after resetting your password without a device on hand. If a password reset capability is there, then Apple has a way in too.

This part on iMessage is also interesting. I hadn't seen it before.


Overall, I'm happy with Apple's stance. They're very clear about how they secure your data. They're clear that they can't feasibly prevent themselves from accessing some of it.

You guys are gullible if you think Apple isnt using your data to make money and marketing. Yes Google is a search engines that makes money with ads and things like that. But your android and data that used on Google services is actually encrypted.
 
You guys are gullible if you think Apple isnt using your data to make money and marketing. Yes Google is a search engines that makes money with ads and things like that. But your android and data that used on Google services is actually encrypted.
"your android and data that used on Google services is actually encrypted" doesn't comfort me at all since Google has the key to all that, except the Android device itself. And many Android devices don't encrypt their data either. They were late to the game on that.

Google definitely collects more data too. Compare the privacy policies for Google Maps, Gmail, etc. Gmail literally says that they look at your emails to target ads at you. Google's ads give third parties the ability to track your browsing. If you think Apple does that, it's nothing but a conspiracy theory.
[doublepost=1546714442][/doublepost]
Some would. Those that abhor ever taking personal responsibility for their actions. And instead go through life whining and blaming others for their bad decisions and the consequences that result.

Seems to be a lot of that going around.
If an engineer at a big tech company blamed successful hacking on users specifying stupid passwords, I'd have him fired for blaming others for his bad decisions.
1. The servers shouldn't allow thousands of guessing attempts.
2. The signup page shouldn't allow weak passwords. This can be hard to enforce, but it ought to catch "123456" or anything in a human language dictionary.
3. It's called a "passWORD." People might think it should be a word. Most people in the world don't understand key entropy.

This is a moot point anyway. iCloud accounts were hacked because the passwords were already known to begin with, via phishing. Apple can attempt to mitigate that, but it's reasonable that some will succeed still.
 
Last edited:
All of it.

Apple holds the crypto keys to your iCloud back ups and as long as they hold them they can be compelled to hand them over by law enforcement.

In the San Bernardino case Apple provided the FBI with the iCloud data from the iPhone 5c used by the shooter, the issue was they wanted the data on the phone also which was locked with a passcode, the code could not be brute forced as iOS can be set up erase the phone after ten incorrect passcode entries.

The only way to have fully encrypted iPhone back ups is to turn iCloud off and back it up encrypted to iTunes.
You have a citation for decryption of icloud backups? Just curious.
[doublepost=1546714708][/doublepost]
No, this is actually what Apple does. See above. It's in their privacy policy.
[doublepost=1546711499][/doublepost]
They aren't an ad company like Google is. They were, with iAd, until nobody wanted to advertise on there because Apple wasn't giving them enough user data.
[doublepost=1546711608][/doublepost]
Backups aren't end-to-end encrypted. https://support.apple.com/en-us/HT202303
They can't end-to-end encrypt anything you'd need to access again after resetting your password without a device on hand. If a password reset capability is there, then Apple has a way in too.

This part on iMessage is also interesting. I hadn't seen it before.


Overall, I'm happy with Apple's stance. They're very clear about how they secure your data. They're clear that they can't feasibly prevent themselves from accessing some of it.
So icloud backs are end to end encrypted. Interesting.
 
You have a citation for decryption of icloud backups? Just curious.
[doublepost=1546714708][/doublepost]
So icloud backs are end to end encrypted. Interesting.
The iCloud backups are not end to end encrypted. That's how you're able to access your iMessage if you lose your password and devices. They store a spare key in the iCloud backup.
 
The iCloud backups are not end to end encrypted. That's how you're able to access your iMessage if you lose your password and devices. They store a spare key in the iCloud backup.
The support link shows shows end to end encryption by AES 128 bit encryption minimum for icloud backups. The question of whether apple can decrypt the backups is what is on the table.
 
Google definitely collects more data too. Compare the privacy policies for Google Maps, Gmail, etc. Gmail literally says that they look at your emails to target ads at you. Google's ads give third parties the ability to track your browsing. If you think Apple does that, it's nothing but a conspiracy theory.

One might be worse than the other, but the fact remains that Apple is a major player in the user data business .
And that includes sharing and trading data with third parties .

In recent investigations on FB , Google etc. Apple is always involved ; how else would the make their billions , selling iPhones ?

None of Apple's ads and claims have ever been about user data, only about the 'privacy' of not getting hacked by a pimply 12 year old .
It's marketing , and a deceptive play of words .
 
One might be worse than the other, but the fact remains that Apple is a major player in the user data business .
And that includes sharing and trading data with third parties .

In recent investigations on FB , Google etc. Apple is always involved ; how else would the make their billions , selling iPhones ?

None of Apple's ads and claims have ever been about user data, only about the 'privacy' of not getting hacked by a pimply 12 year old .
It's marketing , and a deceptive play of words .
These tech companies all give data to third parties and apples privacy policy does mention it. For example, apple gives data to the third party cellular carrier. But other than that apple doesn't use your data for random ads. Apple says in it's privacy policy that they admit to using your data for app store recommendations and maybe other apple products.

If all google did was use my data to sell google services, I would have no issues.
 
One might be worse than the other, but the fact remains that Apple is a major player in the user data business .
And that includes sharing and trading data with third parties .

In recent investigations on FB , Google etc. Apple is always involved ; how else would the make their billions , selling iPhones ?

None of Apple's ads and claims have ever been about user data, only about the 'privacy' of not getting hacked by a pimply 12 year old .
It's marketing , and a deceptive play of words .
I'm not sure what investigations you're talking about. How do they make their billions? They disclose that, and most of it is iPhones. You say they're secretly selling data, but I don't know what proof you have.

Also, the kid who hacked Apple didn't gain access to any user data. Yes, it was bad, but he only got some encrypted files. IMO the biggest threats to privacy aren't weak links in security but the ways your data can be collected, and Apple's platforms are the best about that. Anyone with a social network will inevitably leak data through some mishap, and Google joined that club to compete with FB.
 
Last edited:
  • Like
Reactions: Morgenland
But other than that apple doesn't use your data for random ads.

just because apple doesnt make money from ads - apple isnt an ad-company. this is also the reason why they can use this market trick to play hero on this area. But... there is a big BUT that apple doesnt use when they are marketing them as a hero: they dont mention how developers use your data once you install an app from appstore. Bloomberg article was good about it.
 
  • Like
Reactions: 9081094
Whatever, the iCloud backups were compromised and data stolen.... And who's to say it's never gonna get hacked or compromised in some way in the future. You can't.

You already lost when you showed you didn’t grasp hacking in your first post. Just stop digging. This second post basically says it’s your homebuilder’s fault you left your windows open when you went on vacation and got robbed.
 
just because apple doesnt make money from ads - apple isnt an ad-company. this is also the reason why they can use this market trick to play hero on this area. But... there is a big BUT that apple doesnt use when they are marketing them as a hero: they dont mention how developers use your data once you install an app from appstore. Bloomberg article was good about it.
The article is nonsense. It's all about how devs ask for access to data, then users grant it, then – oh no – the devs can do anything with the data. As if Apple could magically control information that's already been given. We haven't reached that milestone in quantum computing. Best quote:
If Apple wants to truly be an advocate for consumer privacy, it could take the lead in building a better system—one that lets its customers more directly control who has their data
It's called the entire permissions model they've built where apps have to ask for basically everything, whether the app was made by third party dev or Apple.
 
Last edited:
  • Like
Reactions: I7guy
You have a citation for decryption of icloud backups? Just curious.
[doublepost=1546714708][/doublepost]
So icloud backs are end to end encrypted. Interesting.

iCloud back ups are encrypted but Apple holds the keys to decrypt can and will decrypt them for law enforcement.

As with all things Apple the support document is creatively worded to imply that the data is encrypted and no has access to it.

Apple frequently provides iCloud data to law enforcement as broken down by cult of Mac here..

https://www.cultofmac.com/550689/apple-frequently-forced-to-give-customer-icloud-data-to-police/


They are/have even built a portal to facilitate requests for user data as per Business Insider

https://www.businessinsider.com/app...-data-from-users-full-letter-2018-9?r=US&IR=T
 
just because apple doesnt make money from ads - apple isnt an ad-company. this is also the reason why they can use this market trick to play hero on this area. But... there is a big BUT that apple doesnt use when they are marketing them as a hero: they dont mention how developers use your data once you install an app from appstore. Bloomberg article was good about it.
Apple gives you the ability to restrict what apps have access to. But you raise a good point and the same thing applies across the internet: to android apps, to other android phone manufacturers, to websites that you browse on your devices, etc.

Unfortunately apps have to be treated (or thought of) as hostile since you don't know if the developer has scruples. But that still doesn't negate that Apple Inc. is working to keep your data private and not use your data against you.
 
iCloud back ups are encrypted but Apple holds the keys to decrypt can and will decrypt them for law enforcement.

As with all things Apple the support document is creatively worded to imply that the data is encrypted and no has access to it.

Apple frequently provides iCloud data to law enforcement as broken down by cult of Mac here..

https://www.cultofmac.com/550689/apple-frequently-forced-to-give-customer-icloud-data-to-police/


They are/have even built a portal to facilitate requests for user data as per Business Insider

https://www.businessinsider.com/app...-data-from-users-full-letter-2018-9?r=US&IR=T
Yep, knew about the portal. Dinging apple as some have done, for providing information to law enforcement is a bit off-base. But for me, I wish there was an option to for a user input passcode for icloud backups, same as for itunes backups. (That's assuming the information in that article is accurate, don't want law enforcement to get your stuff, turn off icloud. But for the masses there is more downside than upside, imo.)
 
Ah, the privacy card. I think it's turning into a euphemism for lack of any innovation and grossly overcharging for what's being offered. "Privacy" is now the 'it just works" for Apple fanboys.
 
  • Like
Reactions: 9081094
Yep, knew about the portal. Dinging apple as some have done, for providing information to law enforcement is a bit off-base. But for me, I wish there was an option to for a user input passcode for icloud backups, same as for itunes backups. (That's assuming the information in that article is accurate, don't want law enforcement to get your stuff, turn off icloud. But for the masses there is more downside than upside, imo.)

Depends what it is and how clear they are about what data is and isn't available. Apple is more careful about user data than most big tech companies but that isn't saying much. They're certainly very careful in their wording about this kind of thing.

"What happens on your iPhone stays on your iPhone" should read .. "What happens on your iPhone stays on your iPhone stays on your iPhone, as long as none of it is backed up to iCloud and then requested via the handy portal we made for them"

Doesn't sound as catchy on the billboard though.
 
You're quoting the experts from Bloomberg, right?
[doublepost=1546694418][/doublepost]
If you are 'average user' pls. stop talking. Because then you can only babble like a student in the schoolyard.
What a disrespectful respond. Same respond Apple is giving to it’s customer base. In my opinion it’s past time to deliver and start listening to other opinions before it’s too late.
[doublepost=1546721351][/doublepost]
Ah, the privacy card. I think it's turning into a euphemism for lack of any innovation and grossly overcharging for what's being offered. "Privacy" is now the 'it just works" for Apple fanboys.
So true! It’s the new marketing mantra. Blackberry used it too when they felt the pressure.
 
Ah, the privacy card. I think it's turning into a euphemism for lack of any innovation and grossly overcharging for what's being offered. "Privacy" is now the 'it just works" for Apple fanboys.
The fact that the label "apple fanboys" are even mentioned, means your post is a stereotypical gross generalization.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.