Apple Makes iCloud Safari Bookmarks End-To-End Encrypted [Updated]

[MacRumors]

Apple has toggled end-to-end encryption for Safari bookmarks in iCloud, further expanding the type of user data that the company fully encrypts, offering the highest level of privacy and data protection.

Spotted on Reddit, an update to Apple's "iCloud security overview" page has indicated that alongside Safari tabs and history, Safari bookmarks are now end-to-end encrypted, meaning no one, not even Apple, can access users' saved Safari bookmarks. Based on the timing of the update, Apple likely did this change around the release of iOS and iPadOS 15. Apple didn't respond to a request for comment.

With Safari bookmarks now an added data point that's end-to-end encrypted, what remains not end-to-end encrypted is worth noting. iCloud backups, for example, are only protected using 128-bit AES encryption, alongside Photos, Reminders, Notes, and more. In recent months, Apple has come under pressure to make iCloud Photos and iCloud backups fully end-to-end encrypted, but the company has yet to make those changes.

Update Following our report from yesterday, Apple has updated its support page to indicate that Safari bookmarks are not actually end-to-end encrypted, and instead just protected using a standard "minimum of 128-bit AES encryption." While bookmarks remain not end-to-end encrypted, Safari Tab Groups now are.

Article Link: Apple Makes iCloud Safari Bookmarks End-To-End Encrypted [Updated]

 

[DinkThifferent]

*Looks over newspaper from comfortable chair*

They hadn't done that already?

 

[SirAnthonyHopkins]

Great, now just make Safari usable again after the latest update and the tab bar disaster please!


Sent from my Firefox.

 

[TFK.]

We need a higher option iCloud storage.. A 200GB to a 2TB is a big jump in cost.. We need a middle ground @Apple

 

[Sammy in SoCal]

“In recent months, Apple has come under pressure to make iCloud Photos and iCloud backups fully end-to-end encrypted, but the company has yet to make those changes.”

RIGHT. Because they’re still in a holding pattern to completely invade the privacy of those things. What’s it called again? CSCAM?

 

[thenewperson]

We need a higher option iCloud storage.. A 200GB to a 2TB is a big jump in cost.. We need a middle ground @Apple

Hopefully they tackle that paltry 5GB free storage since that's a more pressing need. I feel like 25GB would be good, though it'd make the 50GB option look worse, but then they're free to upgrade that too ¯\_(ツ)_/¯

 

[Danoc]

I can now bookmark infowars.com in peace. 😆

 

[Cybbe]

Fine. Now please find a way of encrypting iMessage in the cloud. That's where there are serious privacy implications as Apple, and by extension any government authority, has full access.

 

[contacos]

We need a higher option iCloud storage.. A 200GB to a 2TB is a big jump in cost.. We need a middle ground @Apple

Indeed! That jump is ridiculous, not only in unnecessary storage for me but also the price jump is crazy. Its an increase by almost 5. 500 GB would last me another 5+ years. 3,99 EUR option. Thanks!

Also so much troubleshooting and wasted work force hours could be avoided if the backup would at least fit. 5 GB is not it. So many people are simply too cheap to upgrade their storage and then complain and demand their lost data to magically be restored, leading to long arguments for the support staff. If anything, make it 5 GB per Device. Link another device to your iCloud account? Here is another 5 GB of storage

 

[Ritsuka]

Fine. Now please find a way of encrypting iMessage in the cloud. That's where there are serious privacy implications as Apple, and by extension any government authority, has full access.

iMessage in the cloud is already end-to-end encrypted. But you have to disable iCloud Backup to avoid storing the encryption key on iCloud (all these info are in the iCloud white paper on the Apple website anyway)

 

[cyanite]

RIGHT. Because they’re still in a holding pattern to completely invade the privacy of those things. What’s it called again? CSCAM?

No, not because of that. That form of scanning would work regardless of whether the content is afterwards end-to-end encrypted.

Fine. Now please find a way of encrypting iMessage in the cloud.

Well, iMessage in the cloud is already end-to-end encrypted...but: If you also use iCloud backup, a copy of the key is included in that backup. And the backup isn't end-to-end encrypted.

 

[sdz]

We need iCloud drive / backup e2e encrypted. So I can throw away my local NAS.

 

[_Spinn_]

This is a good move though I’m surprised this wasn’t already a thing.

 

[sinoka56]

No, not because of that. That form of scanning would work regardless of whether the content is afterwards end-to-end encrypted.


Well, iMessage in the cloud is already end-to-end encrypted...but: If you also use iCloud backup, a copy of the key is included in that backup. And the backup isn't end-to-end encrypted.

You need to make sure that the other party also doesn't use iCloud backup.

 

[matrix07]

We need a higher option iCloud storage.. A 200GB to a 2TB is a big jump in cost.. We need a middle ground @Apple

Agree. 1TB at $4.99 would be quite popular.
I’ll go Apple One Premiere route in a few months anyway.

 

[polyphenol]

Hopefully they tackle that paltry 5GB free storage since that's a more pressing need. I feel like 25GB would be good, though it'd make the 50GB option look worse, but then they're free to upgrade that too ¯\_(ツ)_/¯

I don't mind paying for 50GB.

But I'd prefer the option to pay once a year instead of every month.

 

[nikusak]

“In recent months, Apple has come under pressure to make iCloud Photos and iCloud backups fully end-to-end encrypted, but the company has yet to make those changes.”

RIGHT. Because they’re still in a holding pattern to completely invade the privacy of those things. What’s it called again? CSCAM?

You are totally wrong.

In-device CSAM check (which is done only if you use iCloud Photos) is the only way for us to have fully encrypted iCloud Photos.

Google, Microsoft, etc. check your files against known illegal material by comparing hashes too - but they do it in the cloud, and that requires that your files are unencrypted in the cloud at the time of hash calculation.

There is no way to do the check in the cloud if iCloud is fully encrypted. So, checking the hash in the device when uploading is the way to go.

Why does Apple have to do this?

Because everybody else does it and it’s likely that there is also US/EU level legislation coming which requires cloud providers to keep illegal porn out.

 

[cute-ladybug-2019]

Good news, thanks Apple. And please fix bugs.

 

[JippaLippa]

I hope reminders and notes will be made fully encrypted soon, especially the latter, as notes can include quite sensitive information.

 

[korowa.tarig]

The latest update has made Safari unusable .. many have had to take it off their machines as it has become a security risk.
I've never had an Apple application crash my machine before this.
First rule of management Tim, everything is your fault. Steve wouldn't have allowed this dodgy upgrade to get released.
For a company that charges top dollar for security and privacy.. this is very disappointing.

Sent via Brave

 

[zapmymac]

I really wish “notes” was E2E as a whole. I know you can lock each note individually though, bouncing between 1password and “notes” is not efficient

 

[heystu]

I hope reminders and notes will be made fully encrypted soon, especially the latter, as notes can include quite sensitive information.

It hadn't ever occurred to me that Notes wasn't encrypted! Will have to start thinking more carefully about locking them...thanks!

 

[Mac Fly (film)]

And then they scan your phone. Amirite?

 

[nikusak]

And then they scan your phone. Amirite?

Yes, if you use iCloud Photos.

Which one do you prefer:

a) In-device hash check (it’s NOT image recognition) and fully encrypted iCloud

or

b) No in-device hash check but having the check done in iCloud instead which means that you can’t have fully encrypted iCloud.

?

 

[antiprotest]

I want my photos end to end encrypted.