You weren’t aware that Apple can turn over anything in iCloud to LE? If that bothers you, turn off iCloud. Easy-peasy. Of course with 2fa turned in, your iCloud contents are fairly safe these days unless you open them up yourself.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
EFF Calls on Apple to Let Users Encrypt iCloud Backups as Part of 'Fix It Already' Initiative
- Thread starter MacRumors
- Start date
- Sort by reaction score
This is why I think everyone should use iMazing or iTunes to do backups over wifi. The backup (encrypted) takes place every night when you charge your iPhone. It's awesome. I don't see the purpose of using iCloud for full device backups unless you don't own a PC or Mac.
Why do I think of the guy with a bitcoin collection that was worth $65 million, and when his computer crashed, he took out the hard drive the key was on, put it on the shelf -- anyway, he took the wrong drive, and through the right one away. Young man, not senile. Lost $65 million. If this is a "feature", it's one that will be used by the paranoid and the criminals. I'd much rather have a way of recovering my data. Cops can look through all they want, they're not going to find anything.
Yes, there is always a danger an of over-intrusive agency. But they can only be fought by the usual means of democratic protests and, you know, elections. Protecting the self and not supporting "the rule of law" is what happens in dictatorships. "I'm all right, Jack."
Yes, there is always a danger an of over-intrusive agency. But they can only be fought by the usual means of democratic protests and, you know, elections. Protecting the self and not supporting "the rule of law" is what happens in dictatorships. "I'm all right, Jack."
Apple could reduce such frivolous law suit by doing what AT&T does by requiring binding arbitration for end user complaints.
Simple solution that would allow users to still do a forgotten password, yet leave the dominion outside of whichever country the iCloud backup is stored. Allow the users to backup their encryption key to a 3rd party cloud (AWS, Azure, Google, etc, etc).
All companies have to comply with lawful access (it's the world we live in today) - but if the "forgotten password key" is stored in a 3rd party cloud that the primary backup provider has no knowledge of, then they can't foreclose that information.
(within iOS, that 3rd party cloud credentials / path could be held in the Secure Enclave of the device).
All companies have to comply with lawful access (it's the world we live in today) - but if the "forgotten password key" is stored in a 3rd party cloud that the primary backup provider has no knowledge of, then they can't foreclose that information.
(within iOS, that 3rd party cloud credentials / path could be held in the Secure Enclave of the device).
1-I was aware they can hand it over encrypted, but I was not aware they could de-crypt iMessages and hand it over. Whats the point of encryption then?
2-Are you saying Apple can't access your account if it has 2FA?
No, I'm saying others can't access your account with 2FA. I'm saying if you want to, you can disable icloud.
iMessages are end-to-end encrypted, so Apple can't provide in clear text.
Look here for what is end-to-end encrypted: https://support.apple.com/en-us/HT202303
I'm guessing late John Perry Barlow (RIP), founder of the EFF, would fully support and be proud of this demand.
Hopefully Apple, with all the bluster Cook has put forth regarding privacy lately, will adopt this policy.
Hopefully Apple, with all the bluster Cook has put forth regarding privacy lately, will adopt this policy.
Or use an option like Signal messenger that is both open source (ie verifiable) and includes true end to end encryption. Options like Signal don't rely on centralized servers and instead establish direct communication between the sender and receiver. I trust Apple over some other corporations (for now) but why place your trust in a for profit company when free and open source options are available?
so do I, but that's becomes counter-intuitive in some cases too. When you have encryption, its never an easy ride.
The problem with signal is inertia. My extended family numbers about 40 and mostly iphones. I personally don't care that the apple can turn over icloud information to LE with proper documentation.
If this is something that one wants to guard against, turn off icloud or use signal.