Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iCloud Backups Not as Secure as iOS Devices to Make Restoring Data Easier
- Thread starter MacRumors
- Start date
- Sort by reaction score
It's been well known that your security goes out the door when you backup to iCloud. I'm fine with that feature, I just wish Apple gave us more control over what gets backed up to iCloud. For instance, if I could disable iMessages from being backed up to iCloud, then I would be a happy camper. Why Apple doesn't enable that feature is beyond me.
for some reason i always had it enabled even though i never used it cuz it takes forever to restore from compared to a local copy so this gave me finally a reason to disable and delete it
Funny thing is the terrorists destroyed their personal phones but not this iPhone. i wonder why...... Hmmmmm.....
Could it be that is was common knowledge to all the employees where this terrorist worked that all communications on their work iPhone was tracked by MDM? I have a work iPhone and I know even if I turn off my iCloud backup the MDM my company uses tracks EVERYTHING I do on it.
Cloud = your data on someone else's hard drive. Everything else is just hype.
If an MDM can track 'EVERYTHING' that happened on that phone, why are we all debating this? Clearly there is no such MDM, and if you credit the nut-job with flawless intelligence (as most do when it suits them), he would have known this.
[doublepost=1456987958][/doublepost]
But not changing the password immediately would have allowed a potential accomplice to access and change evidence in the account. Allowing that would have been incompetent too, wouldn't it? Sure they did things in the wrong order but who knows what time pressures they were working under or what their suspicions were at the time.
I won't be surprised and actually expect we will see an improvement in iCloud security perhaps along the lines of SpiderOak. Right now my biggest issue with iCloud as a backup is size. It's functionality is marginal and not worth the cost to go larger.
[doublepost=1456990363][/doublepost]
This is what I currently do. Backup to an encrypted drive and that has a Cloud copy. (Not iCloud)
[doublepost=1456991338][/doublepost]
SBC did not have MDM active on that device. If they had, they could have unlocked the suspect iPhone easily.
[doublepost=1456993890][/doublepost]
With The MDM on my company issued devices they can at anytime remotely lock it and change the passcode.
With The MDM on my company issued devices they can at anytime remotely lock it and change the passcode.
Last edited:
You could just back your crap on your home NAS, it would be a pain in the butt to keep track of since there is no third party whole device backup software on IOS, but doable I guess if you're really that paranoid.
Some people don't seem to quite understand what "secure" means.
Your data is secure if nobody can illegally get access to it. As long as Apple makes sure that no rogue employee can access your data in iCloud, and makes sure that no hackers can break into their iCloud servers, your data is secure.
"Secure" doesn't mean "secure from a legal search warrant". In the case of the iPhone passcode, that is just a side effect of how the passcode is implemented. Your iPhone passcode must be secure even if your phone is stolen by some criminal, and is under complete control of the criminal. Apple can keep criminals away from iCloud, they can't keep criminals from stealing your phone, so the phone must have higher security in itself.
[doublepost=1456995609][/doublepost]
[doublepost=1456995812][/doublepost]
And Apple has backups of iCloud. They can find out what was on iCloud two days ago, even if you delete evidence now.
[doublepost=1456995974][/doublepost]
(That's not the case if you use email encryption, but very very few people do).
[doublepost=1456996046][/doublepost]
Your data is secure if nobody can illegally get access to it. As long as Apple makes sure that no rogue employee can access your data in iCloud, and makes sure that no hackers can break into their iCloud servers, your data is secure.
"Secure" doesn't mean "secure from a legal search warrant". In the case of the iPhone passcode, that is just a side effect of how the passcode is implemented. Your iPhone passcode must be secure even if your phone is stolen by some criminal, and is under complete control of the criminal. Apple can keep criminals away from iCloud, they can't keep criminals from stealing your phone, so the phone must have higher security in itself.
[doublepost=1456995609][/doublepost]
If you didn't want Apple to be able to access the data, then they couldn't be in the cloud. You'd have to store the encryption key safely by writing it down on a piece of paper that you keep in your wallet or with your phone, then type it in on the other phone.
[doublepost=1456995812][/doublepost]
So you think the killer was stupid enough to have incriminating information on his phone, stupid enough to let it make backups to his iCloud account, and clever enough to give his username / password to an accomplice to wipe out evidence? That's ridiculous.
And Apple has backups of iCloud. They can find out what was on iCloud two days ago, even if you delete evidence now.
[doublepost=1456995974][/doublepost]
Emails are encrypted in transit (unless you are really careless), but the contents of the email has to be unencrypted. Of course the email server would hopefully store all emails in an encrypted form to prevent hackers from accessing them, but the email server would have the encryption keys, and would be able to decrypt every email.
(That's not the case if you use email encryption, but very very few people do).
[doublepost=1456996046][/doublepost]
They could, but obviously there would be nothing on interest on the phone in that case. It's very unlikely there is anything of interest anyway. But nobody told the company they had an employee who was going to kill 14 people. If they had been told, they wouldn't have put MDM on his phone, they would have handcuffed him to his chair.
Last edited:
Apple have already given them all the iCloud back up data they have. The data only goes up to between 2-6 weeks before the attack (depending on the source you read). Nobody knows why the phone stopped backing up in the weeks leading to the attacks. It's entirely possible that the attacker turned off iCloud backups. Anyhow Apple told the FBI to take the phone to a known wifi connection (attackers home or work) and try and force the phone to do an iCloud back up. Apple would then have given this information to the FBI. However it then emerged that the county reset the iCloud password on the instruction of the FBI. Now the only way to get the phone to do an iCloud back up is to enter the new password on the phone and of course they can't do that because the phone is locked and they don't know the password.
It's debatable if the phone even has any useful information on it considering that it was the attackers work issued phone and that prior to the attacks the attacker and his wife destroyed their personal phones and a laptop.
It doesn't surprise me that the iCloud data is less secure as we had the celebrity nude pictures hacking scandal not so long ago.
Apparently not in this case, but if you have a works phone, your employer could at any time tell you: "Good news, we are replacing your phone with a better one. Could you give me the old phone with the passcode". As a terrorist with a list of all terrorists hiding in the USA on your works phone, what would you do then? Obviously that list wouldn't be on your works phone.
[doublepost=1456996712][/doublepost]
I'm quite sure that was a case of people guessing AppleIDs and passwords. For example, if you knew who I am, and you gathered lots of information about me, you could figure out two out of three components of my AppleID password. (But it would be difficult, and the third component is safe). There are lots of "celebrities", including lots of young, good looking, female minor "celebrities". Some have good passwords, some don't. You can find out lots of information about them just through Google. So if Z-lister Cindy has a dog named Baby you probably find that on her website, then you try "cindylovesbaby" as the password and chances are you are in. Maybe only 5 percent are _that_ stupid, but that's enough to get lots of nude pictures. Plus consider personal assistants who can be bribed.
Two factor authentication helps with that, but again that requires the person to be clever. And of course it _is_ less convenient.
Last edited:
Hillary , is that you ?
[doublepost=1456997878][/doublepost]
iMessages are backed up to iCloud, but they are encrypted with the devices internal UID key (using AES-256) before being sent up to the cloud, so they can only be restored to the same device.
They can't be restored to a different device (well they can, but they would just be gibberish)
Thus, the whole flaw of the cloud is exposed.
I recommend that everyone turns off their iCloud backups on all devices and only uses iTunes to make encrypted backups. I don't believe that Apple will ever make iCloud secure, though I would love to be proved wrong.
I raised this issue a few days ago, and am pleased to see MacRumors highlighting the significance of the iCloud problem.
I recommend that everyone turns off their iCloud backups on all devices and only uses iTunes to make encrypted backups. I don't believe that Apple will ever make iCloud secure, though I would love to be proved wrong.
I raised this issue a few days ago, and am pleased to see MacRumors highlighting the significance of the iCloud problem.
Uncheck your "Backup to iCloud" if you must. Save your backups to your computer. The law has access to the backups with a warrant only. They also can call up your cell company and get your complete itinerary, a record of phone calls, etc, by identifying themselves as police officers and paying a charge. When it's used to catch a murderer, great. Is this what bothers people? There's a juggling act here. If I present my super-secret key to Apple in the event of a complete failure of my phone and my memory, I can be completely restored to the last backup. A phone that's completely secret, and leaves no data behind, has no ability to connect to what is called "a phone network." You can, of course, talk to your selfie, if you don't mind talking to a fool. A thief who takes your phone cannot learn about you or withdraw money from your bank. If he's quick and has heard of a Faraday cage, he can wipe the phone first and ship if off to another country and sell it. Carry insurance and get a new phone, secure in the knowledge that a phone thief probably doesn't have supercomputers and hundreds of computer PhDs trying to find out who your friends are.
I'm saying a professional investigator, investigating a spree killing, wouldn't rule something out because it seems a bit irrational. That's what internet amateurs do when they want to defend a POV. People's behaviour, down to these little details, cannot be predicted.
[doublepost=1457005585][/doublepost]
Great. But you said the MDM on the killer's phone could track 'EVERYTHING' he did with it. Why do the FBI need Apple to open up the phone if this is the case?
I think you mean Micro SD.
Either way, it would still be easier to hack, slower and less reliable than internal storage.
I doubt Apple will ever make iCloud backups more secure. It presents them with too much of an opportunity for an iTime Capsule you can buy to replace all your networking hardware in your home at the low cost of a bazillion dollars, which you can then back up via the cloud to. So an iCloud like backup but to your own network server. Lightning fast backups and restores on a local network and one more thing - YOU hold the encryption key.
The author of the article should get some facts first.
If the FBI know the account password then there is absolutely no reason Apple need to decrypt anything. The FBI can just log into the account & restore the backup to any device.
Well done MacRumors.
If the FBI know the account password then there is absolutely no reason Apple need to decrypt anything. The FBI can just log into the account & restore the backup to any device.
Well done MacRumors.
Yes and no. One reason an iPhone is so hard to decrypt is that the actual data on the SSD storage is encrypted with a password that is generated by combining the user passcode with a hardware password that cannot be read. Thus if you were to dismantle an iPhone and hook up the SSD part to a computer, brute-forcing this combined password is impossible in a human's lifetime. Which is why the FBI has to brute-force the iPhone password using the CPU and OS running on the iPhone (because only the built-in CPU has access to this otherwise unreadable second password).
Your iCloud backup however, if you want to be able to use it to restore it to a different phone, is 'only' encrypted using your user passcode (it might be encrypted by another stronger password server-side but that second password has to be known to Apple).
The few times I really needed a backup to restore a device I was not close to my local machine and happy to have the remote backup to restore from. I make a local prior to phone replacement or a major update but in general I use the cloud for convenience. I hear everyone on the security points, I agree its less secure to use the cloud vs local but I have known this all along. Cloud backups are not for security they are for convenience. I choose the later at this point.
Devil's advocate time-
I use iCloud backup. I only use it as a "safety net" and last resort for restoring in the event my phone is stolen or damaged. iCloud is a convenience things for me. It takes too long to restore all my photos/videos and the like from the cloud. If I need to update or do something to my phone, I do a locally encrypted backup to iTunes. I do this also, once a month.
While telling people to turn off iCloud backups and only iTunes for backing up, there is still one big flaw here. Most people DO NOT have File Vault turned on. Which, renders this all null and void. Also, most users have no clue how to turn on the encryption feature for iTunes backup. You and I know exactly where it is but most users do not. Nor do they have the capacity to remember the password that it asks them to setup if the event they need to restore. I can't tell you how many times users forget their password. Once you forget it, you cannot get it back. On the flip side, you can choose to store it in your keychain. Again, it makes the "encrypted backup" null and void if you don't have File Fault turned on.
Long story short - non techies have no clue the different types of backup or encryption they have available to them.