Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

kakkalla

macrumors newbie
Original poster
Jun 23, 2010
10
2
Melbourne
Hi there.

I use Sync.com for online storage of my documents. The reason is that all my documents sitting on their servers cannot be read by anyone including employees of Sync. This, according to them, is different to how Dropbox works and how iCloud works. They call this zero-knowledge storage. I'm not sure whether this is an industry wide term.

On their webpage, they state:

If you’ve got an iPhone, iPad or other Apple device you’ve probably unwittingly agreed to the iCloud terms of service which appears to give Apple the right to access your data at any time:

Apple reserves the right at all times to determine whether Content is appropriate and in compliance with this Agreement, and may pre-screen, move, refuse, modify and/or remove Content at any time …You acknowledge and agree that Apple may, without liability to you, access, use, preserve and/or disclose your Account information and Content to law enforcement authorities, government officials, and/or a third party, as Apple believes is reasonably necessary or appropriate.
While those office pizza party photos would most likely put Apple’s pre-screeners to sleep, the thought of Apple employees accessing and modifying mission critical business data in the cloud is unsettling. We love our iPhones, but we’d never use iCloud.

Is this true? Can Apple read my documents residing on their servers? I have extremely personal documents such as bank statements, health records etc like everyone else stored on iCloud.

If it IS true, it kind of defeats their claim that the user's privacy is of paramount importance to them.

Can someone please give me a definitive answer on this?

I look forward to your reply.
 
If you want to be more secure, don't backup to the cloud or use iMessage in the cloud. If you do use those two options, Apple can unlock data for law enforcement etc.
 
Yes, they can read your documents. iCloud Files are not end to end zero knowledge encrypted. People and the support docs will tell you that it's encrypted but all that really means is the files are encrypted in transit and at rest with a key that Apple has access to; many people think 'encryption' means only they have access to that information, this is simply not true.

iMessages, Health data, keychain passwords, etc. are all "end to end encrypted" but again Apple has a backup for those keys if you use iCloud backup.

Bottom line:

Using iCloud backup = Apple can ready literally everything if they so wanted
Not using iCloud backup = Apple can read everything except iMessages, health data, keychain, and a few other things

If it IS true, it kind of defeats their claim that the user's privacy is of paramount importance to them.

Can someone please give me a definitive answer on this?

I look forward to your reply.

Yes, it does defeat the purpose. Congratulations. You've just discovered that Apple's privacy stance is functionally speaking a marketing gimmick. If they so wished they could invest more time into seriously innovative zero knowledge encryption systems (or at the very least give users an option of iCloud backups that are end to end encrypted) but they don't because the average customer is content with the current privacy marketing campaign.
 
I used Cryptomator, but it messed a bit with my files (it changed the creation date), so I right now I use Boxcryptor. It’s a subscription (€36/year) and i think I won’t extend the subscription, but I wanted to mention it here.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.