I didn't lie about it. I was misinformed. I read an article that didn't expound on the details. They mentioned nothing about the 10 minute limit. Found a lot of articles explaining what you mentioned, though. Thanks for clarifying. And yes, crippling AirDrop's functionality is definitely not good.
Hiring lawyers or taking it to the supreme court won‘t prevent or recover the potential loss of government contracts. Apple has shown that they’re „flexible“ and working with governments when enough money is at stake.
…maybe government indeed doesn‘t require Apple’s keys anymore to access iCloud data.
Hi Apple Marketing. This is based on research and facts by security researchers.
Apple today announced the launch of an Advanced Data Protection feature that expands end-to-end encryption to additional data stored in iCloud, including iCloud Backup, iCloud Drive, Reminders, Notes, and more. With the launch of the feature, Apple's Craig Federighi did a quick interview with The Wall Street Journal's Joanna Stern to discuss the change, and other new security features that are coming in the future.
Federighi said that expanding iCloud end-to-end encryption took a long time to implement because Apple needed to "build toward the moment" and prove the technology.With end-to-end encryption expanding to most iCloud services, should an attacker get access to iCloud data, there would be no way to decrypt it. As a downside, it will prevent information from being accessible on iCloud.com, which is why it is an opt-in feature that can be enabled or disabled dependent on the level of security and convenience each iPhone user desires.
As for data recovery, Federighi explains that a person who has Advanced Data Protection enabled that loses access to their device and forgets their iCloud password would need to have established a recovery key or a Data Recovery Contact to get access to their content.Advanced Data Protection will not allow law enforcement officials to access data like iCloud backups or photos, something that is possible now with unencrypted iCloud backups. When asked if Apple considered this when implementing Advanced Data Protection, Federighi basically said that the benefits outweigh the negatives as it provides protection to government officials who might be targeted by foreign adversaries.
Federighi said that rumors that iCloud backups were once scrapped because it would harm law enforcement investigations were untrue, and that the impact on law enforcement was not a consideration when implementing Advanced Data Protection. Federighi said the only way to keep customer data safe is to stay "one step ahead" of the attackers with features like Advanced Data Protection.
Federighi's full interview can be watched up above, and more information on Advanced Data Protection can be found in our dedicated article on the feature. Apple today also announced new iMessage and Apple ID security enhancements, and said that it had scrapped plans to detect known Child Sexual Abuse Material stored in iCloud Photos.
Article Link: Apple's Craig Federighi Discusses Expanded iCloud End-to-End Encryption
End to End encryption has always been in place. However, the storage space has not been encrypted. There is much talk on this forum about E2E, but it's actually the storage space being encrypted that is new. Not so long ago we had the CSAM (forget the name) issue where Apple wanted to move the scanning for bad images to devices, off of the servers - and in this way, it would become possible for Apple to encrypt their servers (Apple cannot scan their encrypted servers). This really makes me wonder if they have ended up with this scanning on devices after all - since Apple is required by law to scan their server data (so makes sense they are still doing it, though via the devices instead).
"Advanced Data Protection for iCloud will be available to U.S. users by the end of the year and will start rolling out to the rest of the world in early 2023"
Could it be that they are actually listing to feedback from their users....?
Government pressure is a good reason
I meant as a user why would you want your data encrypted if you didn't care about privacy.
I never said they got caught. Being caught implies they were doing something hidden. They were very open about scanning users photos. If someone is sorting through your files then it's not private at all. Regardless of the alleged reason.
Did they? I haven't read anything from Apple saying they decided not to go ahead with it. Maybe I missed something? As far as I know it's up and running on iOS 16 and maybe macOS?
It doesn't matter if it's encrypted in China. Guess who controls the iCloud servers in China...
You can’t as SMTP by default is not secure. You have to have both sides using additional software like PGP to have E2EE for mail.
Yes, I know. But they need to add PGP encryption options to Mail, the ability to send encrypted mail, and the inability for Apple to read Mail contents, headers, etc. like services such as ProtonMail ... is what I'm referring to. I know SMTP is not secure. But Apple needs to take Mail security to the next level if they are serious about encryption.
I think it’s a lot than just enabling Mail to use PGP. The fact that iCloud mail and I think ProtonMail allows a web-based mail access means that the email service provider has your email stored in server that could be decrypted. So while ProtonMail can claim secure email if done via client apps, I don’t think they can claim that when reading emails via their web-apps. I may be wrong here, but it doesn’t look like ProtonMail is as secure as you think it is. All the secure email stuff goes out the window if a copy of your email is stored in server when it can be read via the web app.
