Reuters: Apple backed off plans to encrypt iCloud backups due to pressure from the FBI [UPDATE: Backups encrypted. Not all end to end encrypted]

juice

Member
Dec 28, 2017
190
Reuters:
Apple Inc dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.
More at the link. This should be an even bigger story because it exposes the extent to which Apple's public position on privacy is compromised.

What good is full disk encryption if nightly full disk cloud backups are enabled by default and there's no way for the user to encrypt them? The only people with truly secure iOS devices are, quizzically, the ones who know NOT to back their phones up. (UPDATE: as several posters have mentioned, the backups are encrypted but in such a way as Apple can and does decrypt them in response to government requests. In my view this defeats most of the value of encrypting them, hence my not bothering to distinguish "end-to-end" here.)

Wat.
 
Last edited:

jelly

Member
Oct 26, 2017
12,548
Huh, that's interesting. Quite the hole there unless there is some detail we are missing. Kinda makes their stance on privacy a bit of a joke when you back up to iCloud.
 

Replicant

Banned
Oct 25, 2017
4,130
MN
Wait, iMessages are encrypted during transport, but not encrypted in an iCloud backup?

That makes zero sense
 
Oct 27, 2017
1,498
Huh, that's interesting. Quite the hole there unless there is some detail we are missing. Kinda makes their stance on privacy a bit of a joke when you back up to iCloud.


A donut hole in the donut's hole. But we must look a little closer. And when we do, we see that the donut hole has a hole in its center - it is not a donut hole at all but a smaller donut with its own hole, and our donut is not whole at all!
 

Jonnax

Member
Oct 26, 2017
1,244
What possible justification is there for these to not already be encrypted?
Well they're an American company there's only so much they can do.

Like Microsoft by default backs up your bitlocker encryption key into your MS online account.

It's not China but the ruling classes in the West believe that encryption is a right for them and their families not ordinary people.
 

BLEEN

Member
Oct 27, 2017
7,144
iCloud's been targeted with so many exploits for years. This ain't helping.
 

Dervius

Member
Oct 28, 2017
1,463
MK | UK
My presumption is that while your local files on your device are encrypted in such a way that Apple do not* have access to them, but your iCloud backups are stored, still likely encrypted, at rest on Apple servers which they can decrypt themselves.

They've demonstrated already they are perfectly happy to hand those backups over. Does poke a big old hole in the pro-privacy reputation they have been enjoying recently.

In a similar vein, WhatsApp users should be wary of the "backup to Google Drive" option on the Android app. I imagine that's a similar situation.
 
Oct 26, 2017
1,759
The article also mentions the possibility of the project being scrapped due to fears that users would encrypt their photos and whatnot without realizing the importance of keeping their passwords, then lose the password (which would lock them out of their photo library forever).

I can imagine at least a few hundred (or thousand) idiots doing that and taking to social media to complain. It’d be called iCloud-gate.
 

Aureon

Member
Oct 27, 2017
1,353
And ya'll were laughing at me when i told you that a sufficiently determined state actor gets past any consumer privacy solution.
 
Oct 28, 2017
131
I don't buy this story one bit. FBI wouldn't back down from a feature because of pressure from the FBI, that's just ridiculous. I would believe more that they haven't released this feature yet because they haven't figured out the UX behind it to avoid users from turning it on "accidentally" without knowing the consequences.
 

emag

Member
Oct 26, 2017
6,145
OP’s summary/title is incorrect.

What possible justification is there for these to not already be encrypted?
iCloud backups are encrypted in a way that allows both the user and Apple to decrypt them.

Wait, iMessages are encrypted during transport, but not encrypted in an iCloud backup?

That makes zero sense
File transfers over HTTPS are encrypted, but if you save such a file that you’ve downloaded to a flash drive, it’s not necessarily encrypted.
 

Somnid

Member
Oct 25, 2017
3,074
Privacy is an ecosystem lock-in tactic. Apple chooses who pays the UX burden of privacy (ie not them). Until they let you load the apps of your choosing with privileges equal to that of their first party ones they don't actually care about the user and their privacy, they care about controlling behavior.
 

BAD

Member
Oct 25, 2017
6,572
USA
Title makes it sound like there’s no encryption at all, which appears to be inaccurate.
 

The Albatross

Member
Oct 25, 2017
11,992
I think "end to end" should be added to the title and the OP, because as it reads now and as its suggested in the OP, it sounds like Apple isn't encrypting your backups... which isn't true. iCloud backups are encrypted, but they're not end-to-end encrypted. Apple handles backups like how Drive and Dropbox do, using modern encryption techniques, but they're not end-to-end.




This is what Apple encrypts with E2E:

These features and their data are transmitted and stored in iCloud using end-to-end encryption:

Home data
Health data (requires iOS 12 or later)
iCloud Keychain (includes all of your saved accounts and passwords)
Payment information
QuickType Keyboard learned vocabulary (requires iOS 11 or later)
Screen Time
Siri information
Wi-Fi passwords
 

ReAxion

Banned
Oct 26, 2017
3,688
or people lock themselves out of their phones/accounts all the time and it pisses them off.
 

sangreal

Member
Oct 25, 2017
5,098
end to end is a meaningless distinction here because the other end is Apple

The point is that Apple has the keys to decrypt the backups they hold (not news) and that they have chosen not to change that at the behest of US law enforcement
 
Last edited:

Ninja Kn1ght

Member
Oct 25, 2017
359
Yeah, if you use iCloud backups, most of your data is accessible to Apple. If you want to avoid that you can do encrypted local backups and set your own password.
 

Cels

Member
Oct 26, 2017
2,175
From the article it sounds like the original plan was to have end-to-end encryption on everything until the federal govt complained

as it is, the end-to-end encryption for icloud is on:
  • Home data
  • Health data (requires iOS 12 or later)
  • iCloud Keychain (includes all of your saved accounts and passwords)
  • Payment information
  • QuickType Keyboard learned vocabulary (requires iOS 11 or later)
  • Screen Time
  • Siri information
  • Wi-Fi passwords
but on the same page - they say:
Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.
so even though messages use end-to-end encryption, the icloud has a backup key, which i'm guessing is how the government uses icloud to access messages on a suspect's locked iphone.

what i don't understand is - and this is an aside from apple's relationship with the government - why don't they let you use icloud WITHOUT having to use a backup key for your messages. there is no way to both use icloud and also avoid this possibility that if hackers/the govt access your icloud account, then they are able to read all your messages.

maybe it's an ease of use thing -- they don't want customers to turn on icloud but lose their key and also their messages. so if you really care about this issue then i suppose the only way for you to go is to turn off icloud and, if you want to make backups, use local ones only.
 
Last edited:

emag

Member
Oct 26, 2017
6,145
even though messages use end-to-end encryption, the icloud has a backup key, which i'm guessing is how the government uses icloud to access messages on a suspect's locked iphone.
If you enable "Message in iCloud", copies of all your messages are stored in the cloud (encrypted but accessible to you and Apple; this also allows you to access your messages from other devices, even if your primary phone is lost/off). If you don't enable that feature, your messages stay on your phone and no one else can access them (short of guessing your password).
 
Last edited:

Cels

Member
Oct 26, 2017
2,175
If you enable "Message in iCloud", copies of all your messages are stored in the cloud (encrypted but accessible to you and Apple; this also allows you to access your messages from other devices, even if your primary phone is lost/off). If you don't enable that feature, your messages stay on your phone and no one else can access them (short of guessing your password).
that's not true, if you use the separate "icloud backup" feature, your messages are stored, even if you turn off messages for icloud.
see https://support.apple.com/en-us/HT208532 and https://support.apple.com/en-us/HT207428

you will have to turn off both messages in icloud as well as the more general icloud backup feature to avoid any messages being stored on apple's servers.
 

efr

Banned
Jun 19, 2019
2,267
I see some of y'all in political threads and want more government control of things in the US, but then see some of you in threads like these complaining about privacy and encryption that the government wants control over.

Privacy died in the US with the Patriot Act. Apple already handed the Chinese government their Chinese operation and encryption keys for their icloud backups in 2018.

I trust Apple more than Google, but won't be surprised when they hand over the keys to the US government as well.
 

emag

Member
Oct 26, 2017
6,145
OP
OP
juice

juice

Member
Dec 28, 2017
190
end to end is a meaningless distinction here because the other end is Apple

The point is that Apple has the keys to decrypt the backups they hold (not news) and that they have chosen not to change that at the behest of US law enforcement
Yes. I'll update the OP but there's very little value in the current encryption scheme if Apple has the keys and is decrypting backups for law enforcement.
 

Dervius

Member
Oct 28, 2017
1,463
MK | UK
Yes. I'll update the OP but there's very little value in the current encryption scheme if Apple has the keys and is decrypting backups for law enforcement.
Of course there's value. The point of encryption is not exclusively to retain privacy from the government. It's diminished, but not entirely useless.