Enable End-to-End Encryption for Your iCloud Backups

[Aeronauts]

On my Mac, and not synced to the cloud.

Couldn’t someone just hack into your computer? Is local storage any safer than cloud storage when we spend so much time connected online.

 

[Love-hate 🍏 relationship]

On my Mac, and not synced to the cloud.

I would think there are more chances of compromise on a Mac than on an iPhone tbh

 

[gank41]

Couldn’t someone just hack into your computer? Is local storage any safer than cloud storage when we spend so much time connected online.

It’s much easier for a hacker to gain access to lots and lots of people’s data at once as opposed to cherry picking data person by person.

 

[Avenged110]

The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems.

Lol I get it, but other than Reminders, Mail and Calendar are the only parts of iCloud I actually use.

 

[Aeronauts]

It’s much easier for a hacker to gain access to lots and lots of people’s data at once as opposed to cherry picking data person by person.

I don’t think there is much we can do to protect ourselves from large scale data breaches.

 

[Martin Bland]

Not everyone has your level of paranoia. None of the 10 things this encrypts do I care whatsoever if someone sees. I always wonder what people talk about when they chat on encrypted apps? Criminal activity? Sexting? What? Why does everything need to be encrypted? Some data needs to be encrypted for sure, but for most people, most of this doesn't need to be so having this ON by default, as you suggest, is not a good idea.

If you don’t care, please post it all here. We are curious to see what you don’t have to hide. It will be fun. And you have nothing to hide.

 

[gank41]

I don’t think there is much we can do to protect ourselves from large scale data breaches.

There is not. And most important data about most everyone has already been leaked. Just a matter of a hacker with the right information to piece it all together.

 

[AbSoluTc]

I just tried to activate it on my partner’s iphone and it tells me that she needs to update her Windows iCloud app to the newest version. Though it is already the newest at 15.3. I understand this should work with Windows as well she is on windows 11. Does anyone have an idea whats wrong here?

Same issue here. I uninstalled it for the time being and activated the protection. I went to set it back up on my Windows 11 machine but I can't do it remotely as I need to authenticate with my YubiKey. I'll try when home and update. See if anything I changed helps.

 

[FlyingDutch]

I keep absolutely nothing of interest on my phone, no passwords, no banking or payment apps, no social media, but still keep this enabled, as should everyone.

At this point, it should be on by default, with a slew of warnings and "are you sure?" click boxes before disabling.

I have some personal data on my iPhone, but i was surprised to know this is not on by default. I turned it on immediately.

Not everyone has your level of paranoia. None of the 10 things this encrypts do I care whatsoever if someone sees. I always wonder what people talk about when they chat on encrypted apps? Criminal activity? Sexting? What? Why does everything need to be encrypted? Some data needs to be encrypted for sure, but for most people, most of this doesn't need to be so having this ON by default, as you suggest, is not a good idea.

It is not paranoia. As of today you don’t know who is exploiting your data. Defaulting on is a good thing. There is no downside in keeping it on.

 

[chipchen]

So does this mean that when we restore from an encrypted iCloud backup we won't have to re-enter passwords for nearly every dang app/account again?

 

[FlyingDutch]

If you forget your password, or your account gets compromised, you are permanently locked out of you data without any chance of retrieval by Apple or otherwise.

Your Apple account is very hard to be compromised with a 2 factor authentication.

apple uses and sells all of your data. does it really matter?

No they don’t.
Apple is not Google or Meta.

 

[UnusedLoginID]

Great… unless you live in the UK …or China!

 

[TJFDenver]

My 2012 mbp retina 16/768 works great on the latest Mac OS release thanks to OCLP

 

[Trausner]

Same issue here. I uninstalled it for the time being and activated the protection. I went to set it back up on my Windows 11 machine but I can't do it remotely as I need to authenticate with my YubiKey. I'll try when home and update. See if anything I changed helps.

Please keep me updated on your progress. It seems like one needs to reset the iCloud app for windows and re sync everything. She has 2 TB of stuff on there…

 

[Sully]

If you forget your password, or your account gets compromised, you are permanently locked out of you data without any chance of retrieval by Apple or otherwise.

When I turned this on the system generated an encryption key that I saved with my important documents. My understanding is that this encryption key will give me access to my data if I forget my password.

 

[svish]

Good article. Have turned it on since the day it was made available. End to end encryption must be enabled by default.

 

[TVreporter]

So to use this properly, do all devices have to have an updated OS? If one doesn’t (like my older iMac), will it still work per se on the other devices?

 

[Sully]

So to use this properly, do all devices have to have an updated OS? If one doesn’t (like my older iMac), will it still work per se on the other devices?

Correct. All devices on the same AppleId must be on an updated OS - Sonoma or higher.

 

[jdawgnoonan]

I used advanced data protection, but the problem was that I also use Linux. Apple claims that one can access things like the iCloud Photos and other protected data by granting an exception, but there exception process does not work. Thus I turned the feature off.

 

[mjs916]

Is there any technical disadvantage of enabling advanced data protection, like slower data retrieval, etc?

Someone already answered about losing your recovery key. In addition to that, you no longer have access to the encrypted iCloud data at iCloud.com via a browser.

You can turn this access back on, for the devices signed into your account.

Apple’s Security site has a good explanation of how Advanced Data Protection works. I don’t think there are any noticeable drawbacks due to the encryption like sync speed, etc.


Lose your Recovery Key or fail to setup a recovery contact and you are locked out permanently. Apple cannot help you since the encryption renders all of your data a garbled mess to them.

 

[mjs916]

So to use this properly, do all devices have to have an updated OS? If one doesn’t (like my older iMac), will it still work per se on the other devices?

If I recall correctly, it refused to turn on for me until I removed an old device from my account. I was actively using this device so I decided against it.

I’m not sure if you can then sign back into the incompatible device after it’s enabled. Does anyone else know?

 

[FlyingDutch]

Someone already answered about losing your recovery key. In addition to that, you no longer have access to the encrypted iCloud data at iCloud.com via a browser.

You can turn this access back on, for the devices signed into your account.

Apple’s Security site has a good explanation of how Advanced Data Protection works. I don’t think there are any noticeable drawbacks due to the encryption like sync speed, etc.


Lose your Recovery Key or fail to setup a recovery contact and you are locked out permanently. Apple cannot help you since the encryption renders all of your data a garbled mess to them.

Yes, but you have TWO recovery options: the key (you can save it in two different locations, for instance) and the recovery contact (a relative ?). Losing contact with both is highly unlikely.

 

[one more]

Someone already answered about losing your recovery key. In addition to that, you no longer have access to the encrypted iCloud data at iCloud.com via a browser.

You can turn this access back on, for the devices signed into your account.

Apple’s Security site has a good explanation of how Advanced Data Protection works. I don’t think there are any noticeable drawbacks due to the encryption like sync speed, etc.


Lose your Recovery Key or fail to setup a recovery contact and you are locked out permanently. Apple cannot help you since the encryption renders all of your data a garbled mess to them.

Yes, that recovery key is a bad option to start with, IMO. I wonder if I could add myself as a recovery contact, as I have two phone lines on the same iPhone, however they share the same Apple ID, so not sure that would work. To ponder…

 

[thefrost]

This won't be for everyone but it's a good feature nonetheless.

 

[SBlue1]

Not everyone has your level of paranoia. None of the 10 things this encrypts do I care whatsoever if someone sees. I always wonder what people talk about when they chat on encrypted apps? Criminal activity? Sexting? What? Why does everything need to be encrypted? Some data needs to be encrypted for sure, but for most people, most of this doesn't need to be so having this ON by default, as you suggest, is not a good idea.

Even if you don't have anything to hide, your hacked data can be used to find another targeted person. A month ago there was a huge data breach of Volkswagen users across all Europe, and hackers were able to find a specific person working for a foreign embassy by simply narrowing down and excluding other open profiles until only one profile was left, the targeted person. So yeah I don't want my data to be used to refine a search.