Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
64,986
33,165


Apple today shared a study conducted by MIT professor Dr. Stuart Madnick that found 2.6 billion personal records were compromised by data breaches in the past two years. The study was commissioned by Apple, but the cover page says that the "conclusions and opinions expressed are exclusively those of the author."

Apple-advanced-security-Advanced-Data-Protection_screen-Feature-Purple.jpg

Apple provided an overview of the study in its press release:
The report illustrates that the historic threats to user data that saw the number of data breaches nearly triple between 2013 and 2022, compromising 2.6 billion records over the course of two years, are only getting worse in 2023. In the U.S. alone, there were nearly 20 percent more breaches in just the first nine months of 2023 than in any prior year. The target for cybercriminals was very clear, with a 2023 survey finding that over 80 percent of breaches involved data stored in the cloud. This is after attacks targeting cloud infrastructure nearly doubled from 2021 to 2022.
Additional details can be found in the study: "The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase."

Apple says the study's findings emphasize the need for end-to-end encryption, which iCloud already provides for 14 data categories by default. For users looking for additional protection, Apple offers an optional feature called Advanced Data Protection, which increases the number of iCloud data categories covered by end-to-end encryption to 23, including iCloud Backup, Notes, Photos, Voice Memos, and more."Bad actors continue to pour enormous amounts of time and resources into finding more creative and effective ways to steal consumer data, and we won't rest in our efforts to stop them," said Apple's software engineering chief Craig Federighi.

Article Link: Apple Promotes iCloud's Advanced End-to-End Encryption Feature as Data Breaches Increase
 

Unregistered 4U

macrumors G4
Jul 22, 2002
10,449
8,473
On the one hand, I’m inclined to trust Apple to have the best user data protections anyone could need.

On the other, I believe they’re so arrogant they would never disclose if a data breach actually happened.
They wouldn’t have to. Even Apple even has the appearance of a data breach (like customers pwning themselves by providing their login credentials to third parties) it would be EVERYWHERE news. Apple + “literally anything” = viral.
 

ChrisA

macrumors G5
Jan 5, 2006
12,827
2,029
Redondo Beach, California
End-to-end encryption works only for data that only the end-user of the phone or computer needs to see. It is great for keeping my iPhone backup private so Apple or anyone else can't see it.

But what if I want to order socks from Amazon? Amazon needs to know the size of my feet and where I want the socks delivered. There is no point in end-to-end encrypting the details of my order. This is why data breaches can't be fixed with such a simple solution. Sometimes we need to send information in a readable way.

This is not to say the problem is unsolvable but that a simple fix can't work. The solution still involves encryption but it will be encrypted multiple times and only in plaintext form while actively being used by an authorized agent. This is hard to get right but should be possible.
 

ChrisA

macrumors G5
Jan 5, 2006
12,827
2,029
Redondo Beach, California
So are there any drawbacks to enabling ADP?
Yes. If you forget the password the data is gone forever. There is no way to click "I forgot my password" and set a new one. If you are incapacitated your family will never be able to access the data. You would need to come up with some secure method of storing the key locally.

However, if you let Apple have the password, you can recover it if you somehow prove to Apple who you are. Apple's standard of proof is rather low but it is a compromise to usability.
 

NightfallOrchid

macrumors member
Feb 19, 2019
47
82
Does ADP perform worse depending on your geographic location?

I've tried turning it on several times. But it always causes a major slowdown when just browsing the Internet, sometimes to the point where I question if my internet connection has dropped entirely.

Is there some setting I've overlooked or is this how it's supposed to work?
That has nothing to do with ADP, which only encrypts the data in your iCloud. You’re probably thinking of Private Relay, which kind of works like a VPN, more or less.
For me iCloud Relay causes a negligible slowdown. For example, I just tried speedtest.net in my home WiFi and I got 440 Mbps with Private Relay turned off, and 420 Mbps when activated. That might actually be different depending on geographical location, though…
 

jaytv111

macrumors 65816
Oct 25, 2007
1,010
830
So are there any drawbacks to enabling ADP?
You need all devices to run a certain version of iOS, MacOS, and HomeOS, you can't have old devices on your account with outdated software.

If you lose all your login credentials and devices and recovery keys your account can't be recovered. With ADP off Apple can give your account back, so you have to be conscientious of the fact that you cannot lose everything and get your data back.
 
  • Love
Reactions: zapmymac

Unregistered 4U

macrumors G4
Jul 22, 2002
10,449
8,473
But what if I want to order socks from Amazon? Amazon needs to know the size of my feet and where I want the socks delivered. There is no point in end-to-end encrypting the details of my order. This is why data breaches can't be fixed with such a simple solution. Sometimes we need to send information in a readable way.

This is not to say the problem is unsolvable but that a simple fix can't work. The solution still involves encryption but it will be encrypted multiple times and only in plaintext form while actively being used by an authorized agent. This is hard to get right but should be possible.
There’s a particular section of all our lives that, as long as certain things like addresses are good to have public (so emergency services can arrive if needed), people and companies will count on the fact that the data is public. I think there are diminishing returns when the goal is to encrypt electronically that data which can readily be discovered non-electronically. Amazon may know the size of your feet and your address, but if you use something like Apple Pay, they don’t know the FAR more critical data which is your card number.
 

xpxp2002

macrumors 65816
May 3, 2016
1,196
2,849
This still doesn't work if you need iCloud for Windows, does it? If not, it's kind of a non-starter for me, and I'm sure a lot of other people.
It is supposed to. But I've had mixed results with my iCloud Drive and Photos getting out of sync on the Windows machine. I had to sign out on the PC and sign back in to get everything re-synced last week. Then again, that might just be Apple's lackluster support for Windows in general and not specific to ADP.

https://support.apple.com/en-us/108756

Requirements​

To turn on Advanced Data Protection for iCloud, you need:

  • An Apple ID with two-factor authentication.
  • A passcode or password set for your device.
  • At least one account recovery contact or recovery key. If you don't already have one, you'll be guided to set one up when you turn on Advanced Data Protection.
  • Updated software on all of the deviceswhere you're signed in with your Apple ID:
    • iPhone with iOS 16.2 or later
    • iPad with iPadOS 16.2 or later
    • Mac with macOS 13.1 or later
    • Apple Watch with watchOS 9.2 or later
    • Apple TV with tvOS 16.2 or later
    • HomePod with software version 16.0 or later
    • Windows computer with iCloud for Windows 14.1 or later
 
  • Like
Reactions: zapmymac

xpxp2002

macrumors 65816
May 3, 2016
1,196
2,849
Yes. If you forget the password the data is gone forever. There is no way to click "I forgot my password" and set a new one. If you are incapacitated your family will never be able to access the data. You would need to come up with some secure method of storing the key locally.

However, if you let Apple have the password, you can recover it if you somehow prove to Apple who you are. Apple's standard of proof is rather low but it is a compromise to usability.
No. You are forced to select a recovery contact or generate a recovery key when you enable ADP. You can recover the data yourself with that key or use your recovery contact to access the recovery key, which remains unknown to Apple.
 

killawat

macrumors 68000
Sep 11, 2014
1,961
3,608
ADP is a superb option. Some people may be put off by the cost of the hardware tokens required to secure the account but less than $100 to significantly improve the security of your account is a great deal. Make sure to get NFC tokens ! USB ones will work but NFC ones work much easier with iPhone.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.