iOS 16.3 Expands Advanced Data Protection Option for iCloud Encryption Globally

[Unregistered 4U]

Am I the only person here that suspects they did the same thing that they did with AT&T? - just hired someone from the G0 V as an “Apple Employee”, so that they can manage the encryption for the G0 V, and say it was an “Apple employee” that did it?


I don’t trust anymore.

They very likely did that exact thing. So, right now, the government has access to all your information. Don’t trust anyone.

 

[Wildkraut]

1. Wrong. It would be extremely easy to make this completely impossible... by simply introducing other data (signature, key, specific user data, etc.) when calculating the checksum of the file(data). Even if the files are the same, by adding extraneous data the hash becomes unique to that users copy of the file.

2. Of course you would. And I'd bet you'd be wrong.

3. Yes, it is on purpose and Apple even states why... they are standards based data sets that might need to be accessed by or shared with 3rd party services and software. (For instance accessing to your iCloud email account in Outlook on a PC.)

4. Correct. It would be extremely easy to completely encrypt everything... and by doing so you make any features or services that require that minimum of information completely useless to the end user. There's an extremely fine line Apple (any service provider) has to walk to ensure privacy and security and also provide some convenience in either organization and/or automation.

1. Sure, but it isn’t like that, it’s not stated anywhere on their encryption propaganda brochure.

2. If they do, this makes things even worse. Could explain why sometimes photos of strangers shows up on someone else’s iCloud Photo Library.

3. Different purposes, which is not to believe.

4. Make it optional, there are many people who would like to trade more comfort in favor of security. Anyway it’s also possible to create secure and comfortable services.

 

[svish]

Excellent news!! Happy to see this

 

[kesenwangs]

Starting with iOS 16.3, the security feature will be available globally

This is incorrect. You don’t need to update to 16.3 in order to enable Advanced Protection, you can still do so on 16.2, just the toggle allows you to enable now.

 

[maymeow]

This is incorrect. You don’t need to update to 16.3 in order to enable Advanced Protection, you can still do so on 16.2, just the toggle allows you to enable now.

I'm on 16.2 and my phone still saying "This feature is not available in your ountry..."

 

[kesenwangs]

I'm on 16.2 and my phone still saying "This feature is not available in your ountry..."

Have you reset the phone? I just did this on my Mom’s phone with no issue.

 

[Smigit]

Yep. I had to drop a Mac mini (2012), an iMac (2009) and my original iPhone SE (2016) from my iCloud account to enable ADP. All of which I still use. So I need to weigh which I need more... ADP or iCloud account access on those devices?

In a similar boat but for a Series 2 watch that I occasionally use as a sleep tracker or to fill in tracking gaps if my newer watch runs out of battery. Could create a seperate account for the watch (have an old phone in a drawer I could associate with) but it'd be a tad pointless not being tied to my regular phone since the Health data isn't going where I need it and I'm losing notifications.

Long since unsupported device that Watch model I know but does still work as a supplementary watch. Will strongly consider breaking ties with it, and likewise I may hold off from enabling ADP.

Still great to see the feature roll out more broadly.

 

[maymeow]

Have you reset the phone? I just did this on my Mom’s phone with no issue.

No,I will rather wait till next week

 

[_Spinn_]

Glad to see this is rolling out worldwide now!

 

[oyqy]

I just set it up on my Chinese Apple ID so yes, including mainland China.

 

[oyqy]

Including mainland China?🤔

I read somewhere, maybe even here, yes. I remember b/c I was very surprised and still not really sure I believe it.

Someone suggested China traded this for nerfing AirDrop in China. (I am obviously just repeating someone else's unsubstantiated speculation so take it as you will.)

Yes it's actually working in China (for now?)

 

[Choco Taco]

Yes it's actually working in China (for now?)

It is. But they made an update exclusively for iPhones in China (something they never do, iOS versions are always the same globally) that changed AirDrop's functionality as a means to cripple the ability for protesters to transfer information via AirDrop to each other as effectively as they could before. When Apple was called out on this, Apple responded by saying that this was just an update that was eventually coming to all iPhones. It was a nonsense response and now we all get the crappier, time-limited version of AirDrop.

I just set it up on my Chinese Apple ID so yes, including mainland China.

It remains to be seen how this encryption will be implemented in China as Apple transferred the control of their Chinese servers to China so that the Chinese government could monitor the activity of all the citizens. It's currently being controlled by GCBD (AIPO Cloud (Guizhou) Technology Co. Ltd) and the server data has to fall in line with China's strict laws.

Learn more about iCloud in China mainland - Apple Support

Learn about the changes to iCloud services in China mainland.

support.apple.com

Apple has received a lot of flak for this. Their encryption keys for Chinese iCloud data is also stored on the servers controlled by GCBD. Obviously, this new E2E encryption method has locally stored keys, but I remain unconvinced that things are now more private in China. China wouldn't want this at all.

 

[johnnyturbouk]

I think the biggest impacts are listed, those dealing with sharing indiscriminately, which makes sense. If you’re sharing specifically with someone else who also has it turned on, then you shouldn’t notice an issue or performance degradation.

I do not share my icloud with anyone, thus glad people are not seeing a performance difference as I am very keen on having end-to-end encryption.

I’ve had it enabled since launch day in the states and aside from having to sign out of iCloud on my ancient Mac mini, there has not been a single downside. And I am all-in on iCloud, I use drive for my files, photos, Apple Music, you name it.

I too am all icloud, besides a Synology NAS that I use to backup my idevices and macs, home network, and plex media server. really glad to hear about your positive experience and for me personally ,it completely makes sense to adopt this.

 

[JonathanParker]

Sure.

Don’t be so gullible, honestly, be ashamed that you are spreading such misinformed conspiracies, please read this objective technical report as a response for the matter: https://eclecticlight.co/2023/01/18/is-apple-checking-images-we-view-in-the-finder/

Maybe you should read that instead of watching some misinformed jerk on YouTube, hungry for clicks, read out a damned article, of which containing no real technical proof and completely lacking basis. Then the fact you spread these conspiracy theories on here? Seriously?

 

[Eddy Munn]

Including mainland China?🤔

Yes: https://support.apple.com/zh-cn/HT212520

 

[bsmr]

What would you use the security contact or the security key instead? What would be more 'secure'?

 

[mac_hack_attack]

What would you use the security contact or the security key instead? What would be more 'secure'?

Deff security key! Security Contact likely just means generate another key and give it to iCloud contact X.

 

[bsmr]

Deff security key!

Thx. And store it within a safe, or within a separate PW Manager (not iCloud Keychain)?

 

[mac_hack_attack]

Thx. And store it within a safe, or within a separate PW Manager (not iCloud Keychain)?

I have not done this process yet. (Waiting for full year to see if problem reports pop-up as it is LOTs of data I care about). I would guess that the key is stored on a Apple device encrypted by the device log-on key.

If Apple does hand you a key, then yes, 1Password or something of the like is the only correct thing to do for a non-tech user.

 

[GabooN]

Thx. And store it within a safe, or within a separate PW Manager (not iCloud Keychain)?

I did both. Stored in 1Password, as well as physical copy in my firesafe.