Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

FBI can now read your Apple email?

B

Bubble99

macrumors 65816
Original poster
Apple's "Hide My Email" isn't as anonymous as it sounds

Court filings show Apple provided the real address behind alias to the FBI

Federal investigators were able to trace an anonymous email sent using Apple's privacy feature Hide My Email back to its source after Apple provided the real iCloud address linked to the disguised sender, according to newly filed court records. The disclosure offers a rare glimpse into how Apple cooperates with law enforcement requests and what the company can reveal about data generated through its privacy tools. While the move aligns with Apple's longstanding compliance practices, the case highlights the limits of anonymity under the iCloud+ Hide My Email option.

 
Bubble99 said:
Apple's "Hide My Email" isn't as anonymous as it sounds

Court filings show Apple provided the real address behind alias to the FBI

Federal investigators were able to trace an anonymous email sent using Apple's privacy feature Hide My Email back to its source after Apple provided the real iCloud address linked to the disguised sender, according to newly filed court records. The disclosure offers a rare glimpse into how Apple cooperates with law enforcement requests and what the company can reveal about data generated through its privacy tools. While the move aligns with Apple's longstanding compliance practices, the case highlights the limits of anonymity under the iCloud+ Hide My Email option.

Click to expand...

It's private email, not anonymous. People conflate the two.
 
  • Like
Reactions: 01cowherd, Non-Euclidean, turbineseaplane and 7 others
Bubble99 said:
Apple's "Hide My Email" isn't as anonymous as it sounds
Click to expand...
The point of this service isn't to be anonymous, but rather to prevent tracking. If you use a different email for every service, it's harder for these companies that share data to tie you together. Also protects your real email in the case of data leaks.

I don't believe iCloud email is even encrypted, so there's really no protections against the government from Apple's email services.
 
  • Like
Reactions: BigMcGuire, Ericdjensen, MacCheetah3 and 3 others
iCloud is not a private storage service. It's a corporate-mediated storage service operating within legal frameworks that compel disclosure. Apple's marketing about privacy describes their commercial preferences, not their legal capability. Under sufficient legal pressure (which exists), they can and do disclose data.
 
  • Like
Reactions: rb2112
This isn’t news.

kitKAC said:
Has email ever been encrypted?
Click to expand...
No, not really. Modern versions of the protocols (can) have a secure connection, but encrypting the message itself is not part of the standards.

Post Office Protocol - Wikipedia

en.wikipedia.org en.wikipedia.org

Internet Message Access Protocol - Wikipedia

en.wikipedia.org en.wikipedia.org

Some services add a step/layer to encrypt messages and attachments. Although, because it’s not part of the foundational email protocols, the feature requires the sender and receiver to be using the same (or tightly cooperating) service provider(s).


This can also be implemented on a private corporate (workplace) email system.

kitKAC said:
If you don't have Advanced Data Protection switched on.
Click to expand...

iCloud data not covered by Advanced Data Protection​

Because of the need to interoperate with the global email, contacts, and calendar systems, iCloud Calendar, Contacts, and Mail aren’t end-to-end encrypted.
Click to expand...

Advanced Data Protection for iCloud

iCloud uses best-in-class security technologies and employs strict policies to protect user data.
support.apple.com support.apple.com
 
  • Like
Reactions: 01cowherd, PlayUltimate and BigMcGuire
Unless you work for a ‘top secret government agency’ or in a high risk field, i.e. Nuclear what do you have to hide from the FBI….. 😁. Your email would only be requested access if you are deemed to pose a threat or similar.
 
Bubble99 said:
What about Gmail are they encrypted?

I know proton email is encrypted.
Click to expand...
For Gmail users, only...
Available for: Work or school Gmail accounts

For a higher level of security, Gmail supports S/MIME. Imagine S/MIME as a locked briefcase and only you and your recipient have the keys so that:

  • When you send a message, you put it inside the briefcase and lock it with a unique key.
  • The secure mail carrier (S/MIME) transports the briefcase and can’t open it.
  • Only the recipient can open the briefcase with their matching key.
  • Even if someone intercepts the briefcase, they can’t open it without your key.
There are 2 key-management options for S/MIME:

  • Hosted S/MIME: Google securely manages a copy of your key. These messages are marked with a green lock icon
    WmzEOw364ngqLin-wCJv3HD08VRBhfjXKHy5QdOU0MHjvn_HFLocO85chSI3-9usUbU=w36
    , also known as enhanced encryption. Learn about hosted S/MIME.
  • Client-side encryption (CSE): Your organization holds the only copy of the key. Not even Google can open your briefcase. These messages are marked with a blue shield icon
    MhXzlz8GjmXOT6qJSrSQ1tCcXQVGHtczrTJl
    , also known as additional encryption. Learn about Gmail CSE.
Click to expand...

Learn how Gmail encrypts your emails - Gmail Help

When you send a message, Gmail uses encryption to help keep your message private and secure until it reaches the right person. Transport Layer Security (TLS): Standard protection for your emails
support.google.com support.google.com

The first part of Google’s documentation, including TLS, is a little deceptive.
www.beyondencryption.com

TLS Email Encryption, Explained

Learn the essentials of TLS email encryption, its benefits, limitations, and how to implement it effectively for secure email communication.
www.beyondencryption.com www.beyondencryption.com
TLS protects emails in motion between servers.

But it’s not true end-to-end encryption.
Click to expand...

Protection from Eavesdropping and Men-in-the-Middle​

Man-in-the-middle attacks are a global threat.

These attacks happen when a malicious actor intercepts and potentially alters the communication between two parties without their knowledge.

TLS makes emails unreadable during transmission.
Click to expand...
 
Last edited by a moderator:
The FBI is very welcome to read all my SPAM junk mail that I get daily…coz I don’t read it….. 😁
No matter how I set up rules to delete, they keep arriving (in my Junk folder though).
 
MarkC426 said:
The FBI is very welcome to read all my SPAM junk mail that I get daily…coz I don’t read it….. 😁
No matter how I set up rules to delete, they keep arriving (in my Junk folder though).
Click to expand...
Haha… Y-e-a-h. I think services like Hide My Email came way too late to the game. I do use it now, but a lot of the damage is already done, and I don’t really feel like starting completely over with a primary email address (i.e., abandoning my original Apple address). Seems like it would be a giant, tedious mess.
 
  • Like
Reactions: MarkC426
I tried to find layperson explanations:

P.S. As part of the software development program in college, we had an introduction to cryptography course. Cryptography is very fascinating, in my opinion.
 
Last edited by a moderator:
iCloud to iCloud mail is cryptographically signed. Gmail mail too. I don’t know if it works between iCloud and Gmail.

I believe that if you stay within iCloud or within Gmail domain it is end-to-end encrypted too.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back