Reading this:
blog.elcomsoft.com
Apple seems to have the key for at least some of the stuff synced to iCloud.
What can they actually decrypt if they wanted to (or someone who can (lawfully) access the key)?
Could you use iCloud with just an owner controlled key?
Can you use some encryption on top of what MacOS provides?
For example on linux you can use luks for full disk encryption, but you could also use veracrypt or ecryptfs on top to encrypt user data a second time.
Something yubikey-ish would be nice for that purpose though 2FA on Apple devices currently mostly seems to support OTP/SMS ...
Apple Scraps End-to-End Encryption of iCloud Backups
Reportedly, Apple dropped plan for encrypting backups after FBI complained. Apple’s decision will undoubtedly cause turmoil and will have a number of conseque
blog.elcomsoft.com
Apple seems to have the key for at least some of the stuff synced to iCloud.
What can they actually decrypt if they wanted to (or someone who can (lawfully) access the key)?
Could you use iCloud with just an owner controlled key?
Can you use some encryption on top of what MacOS provides?
For example on linux you can use luks for full disk encryption, but you could also use veracrypt or ecryptfs on top to encrypt user data a second time.
Something yubikey-ish would be nice for that purpose though 2FA on Apple devices currently mostly seems to support OTP/SMS ...