733 comments

[ 2.9 ms ] story [ 338 ms ] thread
The iCloud security overview [1] says iCloud backups are encrypted "in transit" and "on server", but indeed doesn't say much about the encryption keys. There is "end-to-end encryption" on just a few items (iCloud keychain, WiFi passwords, etc.)

1. https://support.apple.com/en-us/HT202303

Apple has a key for iCloud backups. [1]

1. https://fixitalready.eff.org/apple

That's generally what "on the server" means, it's only encrypted so their storage provider (shown to be GCP https://www.theverge.com/2018/2/26/17053496/apple-google-clo... ) can't see their user data.
Maybe this is me being out of touch with modern deployment, but that is absolutely not what my impression of "on the server" means. My mental model is that of a client, whatever software is under my control, and a server, which is whatever my client connects to. "Encrypted on the server" then means that at no point is the plaintext data visible to any part of the server.

If Apple splits up the server into a web server and a storage server, then uses "encrypted on the server" to refer only to the storage server, that is entirely disingenuous.

There's a difference in encrypted data at rest vs. end-to-end client side encryption. Encrypted data at rest protects against stolen physical storage devices. Without access to decryption key stored on a separate machine, you're unable to read data on the storage device.

Encryption at rest doesn't protect users from the company, since the company has the decryption key. It protects your data if the company misplaces the storage drive.

It's common in corporate environments to check compliance boxes, which is why AWS offers encryption at rest:

https://aws.amazon.com/blogs/aws/new-amazon-s3-server-side-e...

True, but I read a big distinction between "encrypted at rest" and "encrypted on the server". Encrypted at rest has the implications that you state, being there to prevent somebody from walking off with a hard drive. Encrypted on the server implies that it is never unencrypted while on the server, and that any server-side computation is done solely through homomorphic encryption.
So not even photos are E2E encrypted? Nor Voice Memos, notes... nothing that is not written in the second list?
(comment deleted)
Some companies are better than others but there's absolutely no reason to believe any one of them would ever be on "your side" for any reason. You can vote for who makes decisions in government, but you can't vote for who makes decisions in companies.
You vote every time you decide to buy or not to buy.
Tell me how I can choose to avoid buying fungible commodities from a particular source: suppose I want to avoid oil from BP because I disapprove of their handling of the Deepwater Horizon disaster. Avoiding BP-branded filling stations doesn't actually mean I'm not buying oil that came from BP. Or suppose I want to avoid wheat from Archer Daniels Midland, or crops sprayed with Monsanto products. The idea that capitalism provides meaningful choice is a joke.
The whole point of commodification (which arguably has little to do with capitalism - this process occurs in communism too) is to eliminate differentiation.

Pecunia non olet ("money doesn't smell") is the motto of any commodity market for thousands of years. You might not like who you're buying from, but the POINT is fungibility: to completely remove all distinguishing characteristics, allow interchangeability, separate the value of the good from the value of the producer or seller.

Early stage markets (usually aided by capitalism) on the other hand allows for disequilibrium, competition, and differentiation. At worst is how you get commodities repackaged as "artisanal bottled water" and "bone broth", and the like. But it would be the way to differentiate ethical oil (is there any?) from unethical. Also has been pretty successful at labelling GMO / non-GMO food. So, yeah, there are many cases where you do have meaningful choice.

That's not how that works at all. You can buy something you need because you need it and that's not at all a vote saying you like the management of how it was produced.
It’s a vote whether you claim it is or not. If you need something but don’t want to support the company, buy it from someone else. And if you can’t find a company that you want to support, then you’ll see it’s just like real politics. You don’t get to only vote for the parts of a candidate you like, you vote for the whole package.
>then you’ll see it’s just like real politics. You don’t get to only vote for the parts of a candidate you like, you vote for the whole package.

Well, that's the problem with politics as well, and the reason that modern democracy is a sham (compared to ancient Athenian direct democracy [1]).

[1] obviously for those it included at the time. After all, modern democracy didn't include slaves, women, and even poor white folks (the extension of voting rights to non-property-owning white men happened in 1828, and it was hampered in the South until the early 20th century) until well into the 20th century.

> It’s a vote whether you claim it is or not. If you need something but don’t want to support the company, buy it from someone else.

Again, that's not how that works at all. I can name hundreds of items that I've purchased in the past year where there aren't meaningful competitors. I can name dozens of contracts I've entered into where management changed after the contract was signed (sometimes years afterward). Of course then I'm screwed because I'm still stuck in that contract.

> If you need something but don’t want to support the company, buy it from someone else.

Someone else does not exist. That is like saying you voted for Comcast.

If you "need" an iPhone more than you "need" a competitor with end-to-end encrypted backups, then you've voted for Apple.
If only there was a viable competitor phone. The choice is iPhone or some flavour of Android. Even if Android had E2E encrypted backups, it leaks is so many other unpleasant ways that it's not even a choice.

For me it's a vote for less tracking, or at least less invasion. It's not saying it's perfect or even close. There's a ton of things I'd change on iOS if I could.

So yeah, I 'vote' Apple because the alternative is a dumb feature phone.

> Even if Android had E2E encrypted backups

They do. Including an independent third-party security audit.

> it leaks is so many other unpleasant ways

I recall Android security used to lag behind Apple at the device level, but I'm not sure that's still true with current hardware and OS. Could you educate us on the current state of Android data leaks?

For me, my device should have full-disk encryption, sandboxed apps and fine-grained control over app permissions. Both iPhone and Android have that.

Intentionally leaving iCloud insecure in the absence of legal compulsion is a sneaky evasion of all the much-ballyhooed device-level security.

Pricy high grade smartphones are consumer grade stuff not something you "need". You can absolutely vote with your wallet.

Maybe if you develop for it but then again why did you choose Apple's platform?

That's not always a democratic vote when there is a market monopoly, lockins and external pressure to use products from certain companies.
You vote wholesale (on all aspects of a product) and not just on those you like or don't like, so the point is moot.

Plus, to vote "away" from a company/product, other products should exist that are better, and not just in this single aspect (encryption of backups), but in other aspects that count for your usage.

And just like an election between 3 smarmy, corporate-backed cantidates, sometimes the illusion of choice is just that.
Voting is a very bad way to send a message, especially if it is 'voting with your wallet'.

Its at most 1 bit information, often even less, since it could be a huge number of reasons for each person to vote one way or another, or maybe not vote at all or just random.

You can boycott a company your whole life, and nobody not even the company will care.

You vote if you actually have a choice.

What choice is there beyond Apple or Google in terms of smartphones? And I mean actual, ergonomic, everyday convenient choice -- my mother will firmly refuse me if I said "I'll buy you a phone but will have to tinker a full weekend to make it half-privacy-aware". And even if she was on board, she'll just yell at me if she can't do a basic task (this is a controversial topic around here but heavily modded and supposedly Google-less Android is absolutely not as useful as a Pixel or vendor-modded Android).

So...

Google is an ad company. There's nothing they won't do to get to your data. And of course, being a huge company, they will lie about it at Congress hearings, lobby against punishments, make PR campaigns to mislead the general public, cover up their work with China until they are caught, etc. They already did all of these, many times.

Apple is seemingly a good citizen but do we really know what they do behind closed doors? As an Apple user I am still a realist and I know the answer to this question is a firm "No".

We seriously have no adequate choice. I like my iPhone; I don't play games on it (well, a few brain-teasers and a bunch more serious like chess but you get the idea), and I read a lot of stuff on it: work- and hobby-related. Social media gets almost zero attention from me. So smartphones can be very useful if you don't get hooked on BS.

And so I ask you again -- what actual choice do we have? How can we really vote in a way that will make a difference?

> How can we really vote in a way that will make a difference?

We (that is, tech users) have a choice, if we choose it. The ones who don't are the people who can't take that option (ie, your mother). You've stated as much.

What is your choice today, as someone technically inclined?

Well - you mentioned modded Android; but there are several other options, if you don't mind fiddling with things.

More than a few phone operating systems are out there, many open source.

For hardware, probably among the best right now is the Pine64 phone (it's currently in a strange "high-beta" state - you can order one, and it will supposedly be close to what will eventually be sold, but it isn't completely considered a "commercial product").

Alternatively, you could build a phone using a Raspberry Pi (or a similar board, like a Beaglebone or something), or an Arduino (you'll be very limited in what you can do using a standard Arduino - basically make/take calls, store some contacts, maybe SMS).

Note that most phone modules out there are 2/3G - but you can find 4G/LTE modules, fairly cheap if you know what you're looking for.

Your "phone" won't look pretty, but you probably know that. It will likely be fragile at times, and the software quality will depend on what you can find and what you can code yourself. Cloud storage, games, etc - will all be mostly up to you to implement in some manner.

A lot of work, certainly - but that's the only real option, as you can never be absolutely certain, if you're not in control of at least the OS and software.

But for everyone else? Yeah - they don't have any choice, unless they are willing to step up their knowledge (and most aren't, nor should they have to).

(comment deleted)
Except that you only reasonably have two choices in smartphones: Android or iOS. So you can vote between plague and cholera. And, no, you would have to be in a very privileged position already to have any other choice.

The "free market" can't fix things if there are no choices to choose from. Sometimes politics has to fix this instead.

And at the end of the day, these tools are powerful and it's unclear that it's in the best interests of humanity at large to make it easy for every individual to cipher their data in a way that no other human can ever access. Apple (and their peers in the big-cloud-data-storage world) may not even be in the wrong for not willing to hand the same tool to the just and the unjust for cheaper than those individuals rolling their own.
> it's unclear that it's in the best interests of humanity at large to make it easy for every individual to cipher their data in a way that no other human can ever access

Unclear on what exactly?

How much damage is done through encryption alone?

Arguably making it harder for enforcement agency to do their jobs. I believe this is their burden to bear and work with, since privacy for every citizens is also important.
I agree that the resopnsibility is on the FBI to do investigation, but transitioning from a world where private documents are irretrievable without a warrant to one where they're structurally irretrievable because of mathematics and computational limitation would fundamentally alter the balance of power between society and individuals within that society in ways that society hasn't had to explore. It's something that's worth thinking deeply about before leaping upon it.

Part of the FBI's responsibility of investigation is to surface this concern to companies that have the power to make that world a reality, and it appears Apple has agreed with them on the risks.

Consider this then. What happens if freedom of speech is taken away (something that is already being talked about in some radical circles). If some group of people don't think you have the right to free speech comes into power and now have access to your private communications you could be "ghosted" away to the gulag for "hate speech" for something a benign as telling as an offensive joke if you upset the powers that be. To quote George Carlin. "F$ck the Children"
Despite the media's breathlessness on the subject, and when aren't they breathless? There has not been a singe "24" style case where the FBI needed to unlock some phone in order to save a stadium full of people. It's always some after the fact circle-jerk on a phone where the perp already wiped all the data. It's them trying to gain the upper hand on us and get everything they want--shitty, back-doored encryption.
Tell you what. The minute the entire government and FBI start recording their activities openly on an immutable blockchain, or at least every police officer wears a bodycam on-duty, we can talk about handing over keys for all citizen data being open to said government. But still hard to search and index en masse.

And same goes for every other government. Why should the government can do whatever they want secretly?

I can't speak for all governments, but in the US the National Archives has responsibility for recording the things the federal government undertakes on behalf of the people. This includes even the tapes Nixon made of his own conversations as President.

The guiding principle the US government operates on in this context is "When a man assumes a public trust he should consider himself a public property" (Thomas Jefferson). There are plenty of ways the fed falls short of the goal, but the goal is set.

... and I don't think anyone's talking about "handing over the keys for all citizen data being open to said government." But we are talking about avoiding having common practice for private citizen information stored in servers owned by a third-party private corporation becoming "It's stored in such a way that nobody, not even the third-party private corporation, can ever access the data without a key the private citizen can throw away." There are some good cost-benefit discussions to be had about whether that should be a thing commonly offered (even if an individual can build it themselves).

To give a concrete example, imagine if Epstein's data on the human trafficking he conducted were impossibly ciphered now in an iCloud backup he made. Does that benefit society? And more practically (regardless of larger ideal morality questions), is it a good PR look for Apple if their tech made it easy for him to do and when the fed comes knocking on Apple's door to retrieve from Apple's servers a dead man's documents that could bring justice for sex-trafficked children, Apple's response was "Sorry; we don't have enough computing power to help you?"

It’s only a matter of time before easy-to-use open source technology becomes available to everyone to host and they won’t need Apple to manage their data.

Unless you mean Apple should be actively trying to siphon off private data via their OS and hardware and index it for the feds?

I would then say Apple’s “trusted computing base” isn’t so trusted.

> It’s only a matter of time before easy-to-use open source technology becomes available to everyone

I believe people have been saying that to me for thirty years now, but I'm younger than my peers. ;)

In the context of cloud services specifically, I think that's even less true than in the OS space. Half the benefit of clouds is someone else is maintaining the infrastructure, the backups, the ubiquitous connectivity, etc. None of those are trivial to handle as a solo project, and attempts to make them easier compete with free (as in time).

What the... I was under the impression that iCloud backups are end-to-end encrypted. This is a HUGE problem.
(comment deleted)
(comment deleted)
iPhone/iPad backups stored locally on iTunes (or Finder, in Catalina) are end-to-end encrypted.

iCloud backups always were encrypted based on a key derived from your iCloud account credentials, since the beginning...

Do they happen re-encrypt if I change my credentials a bunch of times or do they use my first ever password which was 123456?
The point of key derivation is that it can use a key to encrypt that is in turn protected by another key/password. So the amount necessary to re-encrypt when your password changes is just the encryption applied to the key. A similar technique is used in local disk encryption, where you don’t need to spend hours re-encrypting your hard drive just because you’ve changed your local account password...
Then it must need my password to decrypt the key which was used to encrypt the raw data? What if I do not tell them my password, (assuming my password is one way hashed and stored) would that brick the key and in turn brick the data? Clearly I am missing something here..

Edit: or since it is "derived" and not really password which is used for encryption -- the derived thing could well be the hashed password. We are doomed. They might as well serial number their user and use that as key then. Never mind.

You’re overthinking it. Create a private key. Protect that key with a pass phrase. If you change your password, you’re really changing the pass phrase.

Does that clear it up at all?

FYI these concepts are originated from military crypto. The foundations are solid. Implementation... well you know how that always is.... one CVE away from perfect!!

The local backups are encrypted with a key separate from your iPhone passcode. You can change it in iTunes, not sure if it re-encrypts or not.

But of course, we are talking about local backups so if you have full-disk encryption or back them up to an encrypted virtual drive, you don't even need whatever encryption comes with them.

For local backup, iMazing is great. It also does other useful things. It costs money though and you can decide whether that's a feature or bug.

https://imazing.com/

Does imazing restore a phone as it is?

First party backups from Apple (iCloud/iTunes) restore a perfect replica of the phone, including app icon locations, arrangement, notifications, offloaded storage etc. I'm honestly skeptical that anyone else would be able to pull that off.

Who cares about this?

Yes, Apple has private APIs that it uses for its monopoly abuse benefit. That is why Apple's "Music" app can't be deleted from your computer ("'Music.app' can’t be modified or deleted because it’s required by macOS.") but Spotify can be deleted.

The solution is for Spotify to sue them on this specific issue and for other people to sue them similarly.

Was this previously called iFunBox or something else?
Wikipedia says Created by DigiDNA, the software was initially released in 2008 as DiskAid, enabling users to transfer data and files from the iPhone or iPod Touch to Mac or Windows computers. DiskAid was renamed iMazing in 2014.

https://en.wikipedia.org/wiki/IMazing

> iPhone/iPad backups stored locally on iTunes (or Finder, in Catalina) are end-to-end encrypted.

Optionally encrypted: https://support.apple.com/sl-si/HT205220

I suppose even if you don't check the box to encrypt, you're still protected by FileVault.
> I suppose even if you don't check the box to encrypt, you're still protected by FileVault.

FileVault too is optional: https://support.apple.com/en-us/HT204837

File Vault I think is enabled by default now on new Macs? Or at least, its in the initial setup wizard with a "dark pattern" to encourage enabling it?
Why would you think it was end-to-end encrypted? Did you never use icloud.com where you can simply access all your icloud data with a usernam+password?
Well, you just have to “trust” the server to not serve a website that will phone home your password. Apple pinky swears they won’t do that, and all your browser extensions running all the time do, too.

As Mark Zuckerberg once opined: “They ‘trust’ me. Those dumbfucks.”

https://www.businessinsider.com/embarrassing-and-damaging-zu...

And it’s not just mere words, here is he actually set up a honeypot site to get people’s passwords and break into their emails to satisfy his burning curiosity when he first launched Facebook:

https://www.businessinsider.com/how-mark-zuckerberg-hacked-i...

Instead, he decided to access the email accounts of Crimson editors and review their emails. How did he do this? Here's how Mark described his hack to a friend:

Mark used his site, TheFacebook.com, to look up members of the site who identified themselves as members of the Crimson. Then he examined a log of failed logins to see if any of the Crimson members had ever entered an incorrect password into TheFacebook.com. If the cases in which they had entered failed logins, Mark tried to use them to access the Crimson members' Harvard email accounts. He successfully accessed two of them.

In other words, Mark appears to have used private login data from TheFacebook to hack into the separate email accounts of some TheFacebook users.

In a world where we are sending our Alexa data to “the cloud” and the companies are admitting people are listening to it, in a world where Facebook secretly records everything it can, why would you assume your password isn’t being sent?

To the downvoters... you may say that this was only when Mark Z was a young man and now Facebook the company is far more responsible. But then we have this from just a few months ago:

https://www.independent.co.uk/life-style/gadgets-and-tech/ne...

I can understand trusting a browser or a software release that can be tested by many people, and was signed with a checksum. But a website and all your extensions on every website?? Those can ship new code at any time.

(Am I wrong? Any counter-arguments?)

None of what you said has anything to do with E2E encryption.
Yes it does. The password and other secret data can be sent in ways that are not end-to-end encrypted.
If the password is sent to the server and the data can be decrypted with the password then it's not end-to-end encrypted.
I think the truth of the dumbfucks argument is too painful for some people especially seeing how things are the same given recent developments. As an engineer I would be deeply ashamed if I were still working for Facebook.
In that case, isn't the web server storing the E2E key to decrypt for serving it up via the icloud web front-end?
You cannot see your device backups on iCloud.com, so that doesn't prove (or disprove) anything.
They can’t be; users lose their devices, then forget their passwords and need to reset and restore.

Also, all your photos and notes and email and other stuff in iCloud are available to Apple (and by extension the FBI et al) as well. Even Apple CSRs have a ton of access to the contents of a lot of iCloud services.

The situation is a lot better if you have all recent devices and 2FA turned on, then it can use iCloud Keychain for some stuff which is trust-circle based. You can read more in Apple’s latest platform security doc released late last year.

You should look into the 'borg' backup tool - it has become the de facto standard for remote backups because it does everything that rsync does (efficient, changes only backups) but also produces strongly encrypted remote backup sets that only you have a key to ... your cloud provider has no access to the data.

The borg website is here:

https://borgbackup.readthedocs.io/en/stable/

and a good description of how it works and why you should use it is here:

https://www.stavros.io/posts/holy-grail-backups/

I already use Duplicacy for backing up family personal macs to the cloud (in addition to local Time Machine backups).

For linux servers, borg is great, and me and my companies are happy users.

Are there any advantages of using borg over rclone?
Yes.

Rclone simply copies data. If you `sync` `~/Documents` to your remote it will keep an exact copy.

This is a simple backup since you only have one version. Anything deleted, the next time it syncs, gets deleted.

Borg is a backup tool. Versioning is at its core. It does that efficiently by deduplicating file (chunks really) even if they’re not in the same location.

So with Borg, if you create a backup 1 of `~/Documents` today and a backup 2 tomorrow of `~/Documents` you can see both backups and work with each snapshot. The size it takes should be close to the amount of data changed in the whole source.

If you move directories or files inside, rclone has to reupload them. Borg detects but doesn’t have to store it again.

With rclone some remotes have versioning (Google Drive, Dropbox). This could help in this case, but it depends on the remote. With Borg this is built in and you can change the underlying storage and migrate without loosing any data. Using versioning with crypt would probably be a pain too due to the file names. Not sure if rclone has commands/flags to help with this that I simply don’t know about.

"Rclone simply copies data. If you `sync` `~/Documents` to your remote it will keep an exact copy."

...

"This is a simple backup since you only have one version. Anything deleted, the next time it syncs, gets deleted."

This is correct. It is widely advised to not consider a "sync" like this a proper backup.

However, for what it's worth, rsync.net does support rclone[1] and because of the ZFS snapshots that are created and maintained[2] in your account, you can just do a dumb sync because the retention is handled by the snapshots.

I am not sure if rclone is really the right tool for plain old cloud backups - I think rclone distinguishes itself for the ability to transfer data between cloud providers.[3]

[1] https://rsync.net/products/rclone.html

[2] ZFS snapshots reside in the .zfs/snapshot directory inside your rsync.net account.

[3] ssh user@rsync.net rclone file/in/rsync/net/account s3:/some/bucket

After looking at a few alternatives (Borg, Duplicacy etc.), I setup Arq on my Mac yesterday.

One thing that irks me about these solutions is that they seem to scan my folders each time they want to backup. Are there tools that are smarter about this? For e.g., while running, they could keep a log of what's changing and only scan those while backing up.

You would probably need the kernel / filesystem to keep track of it to keep it efficient. And even then that is iffy if you implement it as a kernel extension vs. something integrated into filesystem code.

I've found arq backup overall slow once you start hitting 0.5TB overall. It's a design issue.

> You would probably need the kernel / filesystem to keep track of it to keep it efficient

I believe most operating systems have a mechanism for this. E.g. on macOS it's called fsevents, Linux has inotify

> After looking at a few alternatives (Borg, Duplicacy etc.)

I may have looked at Duplicacy. I'm sure that I looked at one of Duplicacy [1], Duplicati [2], and Duplicity [3]. Whichever one that was, I kept getting it mixed up with the other two when looking for information online, and finally said "screw this" and bought Arq.

[1] https://duplicacy.com/

[2] https://www.duplicati.com/

[3] http://duplicity.nongnu.org/

I've been thinking about setting up a backup for my Mac for a while now. How long does it usually take to scan your folders during a backup?
I am backing up ~130 GB data (with a combination of large and small files) every 12 hours to S3. The first upload quite some time but all the later ones take ~10 minutes in total.
Arq for Mac is great for backing up, though the restore util could use a little work. It's not exactly user friendly.

I've used it on my macs for years without any issues at all. I switched after Time Machine broke down for the n'th time in a month saying it needed to recreate the backup, and not once in the 3-5 years i've been using it has it every given me any problems with broken repositories, and every integrity check/restore has succeeded.

Arq on Windows is a different beast though. I'm sure it's technically solid, but the UI leaves a lot to be desired. On windows boxes i default to Duplicaty.

(comment deleted)
> Duplicaty

Did you mean Duplicacy or Duplicati?

Duplicati (https://www.duplicati.com/).

On my servers i use Borg like any sane person would, but the lack of a good client UI makes scheduling backups on a personal computer a lot more work than i'm willing to put in.

How does this help with the context we're dealing with here: the iPhone (and other iDevices) being heavily encrypted/secure and iCloud not being secure?

Quickly looking at Borg's website (thanks for the heads up - great tool/option) I see it doesn't support iOS or backing up an iOS device.

I assume you're just suggesting it as a general purpose option for general backups on the desktop?

Maybe backup to desktop and then Borg.

I wonder how efficient Borg would be with this setup.

It's huge problem that you believed something that was never suggested by Apple and never part of the threat model. Apple runs the closed source OS on your phone. You obviously can't hide information on your phone from Apple.
Nope. I actually thought this was well known.

What did suck on Apple's part was that they wouldn't allow you to disconnect the actually end-to-end encrypted iMessages from the iCloud backups for many years.

So since most people kept their iCloud enabled, that meant their "iMessage end-to-end encryption" was nothing of the sort, as all messages had a copy that Apple could read on its servers.

I actually don't know if this is still true since I haven't used an iPhone in some time, but I sure hope it isn't anymore.

The way FBI runs things has been a huge problem ever since the drug trade came to the US.
You ever read the reviews for the MEGA app? Everyone complains that there's no password reset feature. MEGA is fully encrypted so you literally can't reset your password. It says this when you first crate an account and get a recovery key.

I don't think the general public would understand end-to-end encrypted backups. It would probably hurt their company if all backups were totally unrecoverable.

> I don't think the general public would understand end-to-end encrypted backups.

I imagine you're right; it would still be nice for individuals and organizations to have the _option_ though.

You do have the option. Local device backup with a password.

You can’t even turn off the backup password on an existing device for a new backup without knowing the old password (protecting against Evil Maid problem).

I’ve had to reset a device when I forgot my local iPhone backup password to get it back to unencrypted backups.

You're right, of course.

I had in mind an e2e encrypted backup on Apple's servers, which would be far more convenient than doing it locally. That's all.

Well yeah, hence TFA;

> More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

> Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.

This is a HUGE problem.

Well, you can choose not to use iCloud for that reason (as some of us do).

A bigger problem is that Apple deliberately locks up iDevices so it's hard to get your data off them using only local means, particularly if you don't also want to buy an Apple laptop just to do it.

If only iTunes existed for Windows....
If only iTunes worked reliably on Windows and didn't have a long track record of bugs, subtle usability issues causing catastrophic data loss, connection problems where it doesn't detect the device properly...

Let me know when iPhones and iPads support standard plug and play protocols that work universally without relying on either Apple's proprietary and frequently broken software or someone else's commercial alternative that attempts to do what Apple should have been doing all along.

So there is a standard plug and play protocol that supports everything that iTunes does?

iTunes hasn’t worked well on any platform in over a decade.

Is there a specialised protocol for all types of data stored on iOS devices? Probably not. But plenty of other models of phone, tablet, camera and other data-processing devices manage to communicate just fine with Windows (or Linux or macOS) using generic protocols as USB mass storage devices, there is little excuse for iOS devices not to. In fact, you actually can download your photos and videos from an iPhone to a Windows PC by just plugging it in and doing the same as you would with your camera, but ironically this only works if you haven't installed iTunes.
So while it is “communicating” with iPhones. What exactly is it suppose to communicate over standard protocols that would alleviate the need for an application and still perform all of the functions of iTunes?

What other devices perform all of the backup, restore, and os upgrade, functionality of iTunes.

The iPhone doesn’t use the standard “usb mass storage” protocol to allow you to download pictures. It uses the picture transfer protocol.

What other devices perform all of the backup, restore, and os upgrade, functionality of iTunes.

I've never claimed anything about any other functions of iTunes. I just said it was a problem that Apple devices make it difficult to get your data off using only local transfer.

The iPhone doesn’t use the standard “usb mass storage” protocol to allow you to download pictures. It uses the picture transfer protocol.

Yes, exactly like your camera, as I said.

So it’s difficult to get data off of your device - even though you can get pictures and video off of your device like any camera and most other documents are stored in their own folders on iCloud - that you can get to either using the iCloud Drive app for Macs or Windows or by logging into iCloud.com.
Have you forgotten that the entire point of this discussion was that iCloud is not properly encrypted, which is why it is such a problem that local transfer of all data is so difficult?
So now we are going back to needing some type of app to backup and encrypt since there are no “standard protocols” that can do encrypted backups and restores.....
If everything is being transferred off your device locally, why can't you use whatever backup arrangements you normally make for your other data?

We already have a good, properly secured backup system that we use for all our workstations and servers. We just want to be able to export data from any mobile devices we use and manage that data using the same policies and tools. In most cases, that is straightforward. The one big exception is the iOS devices.

“We already have a good, properly secured backup system that we use for all our workstations and servers”

And this is the same myopic geek viewpoint that came out with the iPod “Less space than the Nomad. No wireless lame.”

Do you actually believe that most people have a good backup solution at all? Is that really what you are suggesting for a general backup solution?

That’s just like when DropBox was introduced and people on HN came up with a convoluted Rube Goldberg solution that they could do themselves.

I'm not making any claim at all about "most people".

I'm saying that iCloud isn't properly encrypted, which for some people and organisations will be a problem, and that it is then a greater problem for those people and organisations that it is unusually difficult to transfer data between iOS devices and other systems through other means because of the inhibiting choices that Apple has made.

It's much like the argument that the default behaviour for consumer software should normally be to install security updates automatically, but installation of updates should still be configurable for those who do know what they're doing and need more control over their systems.

If you’re part of an organization where security is important, you would force all of your employees to register with your MDM solution and prohibit any iCloud backups, you would probably have them using Office for iOS and tell them to save their files to OneDrive for Business and enable encryption.

I doubt many businesses are using iWorks with iCloud.

There is no reason to assume any of that is true, nor that only organisations where "security is important" care about this issue.
Not only this, but your iMessage E2E is protected in flight by a key that gets stored in your backup. So anyone recording your iMessages can retroactively decrypt them if they get your backup.
Nope only local iCloud backups are encrypted, which is why I never backup to the cloud.

But this makes me wonder if they have our local boxes totally owned already which is why the local encrypt feature would not hamper investigations?

End to End encryption doesn't work very well when the government nationalizes the servers with the end data and the keys to decrypt it.

https://techcrunch.com/2018/07/17/apples-icloud-user-data-in...

Surely in the context of "End to End backups" the user is the "End" on both ends. The servers shouldn't have the keys. They can be as compromised as they want, but the most they should be able to see is when, how much and where from you're backing up data, but not the actual data.
So here's the thing... Apple is able to recover your backups even if you forget your password. Therefore they can decrypt it without your password.
I don’t understand. Am I just tired or misreading? The table on this page clearly shows backups are encrypted in transit and at rest... https://support.apple.com/en-us/HT202303
If it rains it gets wet outside. But if it's wet outside does not mean it's rained. This is an example of a recurring case where snakeoil and dishonest companies use this seemingly obvious logic puzzle, because people in general are bad at logic.

To answer your question directly. TLS encryption from your phone to apple's servers means they terminate encryption at the other end when they receive your data. This means "they decrypt the information that was in transit". Then they explicitly apply another encryption to the received and decrypted data before storing it on disk. Since these are two separate steps, you have no protection what-so-ever since apple will have a registry of all decryption keys for the disk backups that they'll happily use for whatever reason when they want to get hold of your data.

The only thing their disk encryption protects against is if someone were to walk away with the physical disks. It protects squat against the threats customers actually care about (unauthorized access to the data by someone other than the customer owning that data).

And seeing as they run on AWS, physical security means that the only way metal leaves the data center is if it's in millimeter sized shredded metal grain. So the threat model of concern here is exactly what apple has decided not to provide customers any protection against.

"Encrypted" is a weasel word. There are many examples of "it's encrypted" even when encrypted refers to 8192-bit keys, where the system is not secure. Examples abound.

So claims of "encryption" are meaningless.

Instead, claims of "only X, Y and Z could access to this" are meaningful.

"Could" is a strong word because it includes unforeseen circumstances such as writs and court orders.

On MacOS, iTunes/Finder stores (optionally) encrypted backups at

   ~/Library/Application Support/MobileSync/Backup
I was thinking of creating a symlink to Dropbox, for instance and having my cloud backup there. I don't know if the backups are incremental which could be a storage problem, but that can be managed through some scripting.

Since we hold the key it's a blob nobody can get to without brute forcing it.

But it is nice that you have the option to not backup with iCloud. They are not storing the information whether you like it or not as a lot of companies do.
While Apple doesn't force its users to use iCloud, they also don't provide an alternative way to do full backups of iOS/iPadOS devices over a network. Yes, you can plug an iPhone into a Mac, but that doesn't scale.
You can set local auto backup over wifi in itunes right?
If you have a computer available that can run iTunes, sure.
Yes, but that only works in local networks and after connecting via USB once – and the backup is always stored on a single computer. So it may be acceptable for personal usage, but not suited for an enterprise environment where you want to centrally manage hundreds of devices and provide some redundancy for your backup system.
I guess I don’t understand this point. This is exactly what ios mdm backup is for. Relying on users backing up their personal icloud accounts for work seems highly problematic. If they are work icloud accounts... usb should not be a problem since you are probably provisioning the devices, and the itunes backup approach over your intranet seems actually ideal.
This is also why you should never use cloud backups for iMessage or WhatsApp.
This is disabled by default in iOS 13, to keep your messages secure (and because often times it doesn't work properly). You have to go into iCloud settings to turn it on. And then if you aren't using iCloud Backup, the key to your Messages backup is not stored by Apple, so they can't read it anyway (see https://support.apple.com/en-us/HT202303).

For some reason, I doubt Google would do that.

I also have iMessage configured to delete messages after 30 days. I wish WhatsApp has this feature, but it does not, so I just periodically clear the history manually (which you can do in WhatsApp as well as Signal).
Reminds me of WhatsApp claiming it had encryption everywhere and then this [0] dropped. Except, in this case, I'm actually surprised. Didn't Apple publicly claim that it wouldn't bow down to any demands from the agencies?

[0]: https://www.theinquirer.net/inquirer/news/3061660/whatsapp-i...

That was a coordinated PR move between Apple and the government. The US administration went into heavy damage control mode with the large tech companies after the Snowden revelations about PRISM et c.
Do you have any evidence for that? Sounds like a bit of a conspiracy theory to me.
https://www.washingtonpost.com/news/post-politics/wp/2013/12...

Put yourself in their shoes. These companies stand to lose tens or perhaps hundreds of billions of dollars in foreign sales if there isn’t a counter-narrative to “well of course they spy for their national military, just look at these Snowden slides”. Making it seem like they are fighting for their customers at odds with the FBI is a perfect counterpoint.

Meanwhile, it’s business as usual for US military intelligence, as evidenced by TFA. Excellent reporting!

It's mostly marketing bullshit.

Apple and Microsoft both tried to build ad businesses, but when they weren't as successful as Google, they turned lemons into lemonade by launching data privacy PR campaigns against Google.

Meanwhile, Apple and Microsoft quietly censor their products in China, surrender data to Chinese authorities, and now we find Apple is intentionally leaving iCloud data insecure.

Presumably Google was under the same pressure from US law enforcement, but somehow Google delivered end-to-end encrypted Android backups in October, 2018. And Google did it without all of Apple's self-congratulatory media hoopla.

e2ee: https://security.googleblog.com/2018/10/google-and-android-h...

Third party security audit: https://www.nccgroup.trust/us/our-research/android-cloud-bac...

"Apple is intentionally leaving iCloud data insecure" ... if you'd done some research you would know that iCloud backups are not end-to-end encrypted. That means you have a choice: backup to iCloud for the convenience and give up some privacy, or turn off the iCloud backup.

It would be nice if Apple was more forthcoming with that fact but there is some onus on the customer these days to understand what's private and what is not.

https://support.apple.com/en-us/HT202303

iCloud backups are not on the list of end-to-end encrypted.

Doesn’t that page show everything as end-to-end encrypted, except email messages on the server?

If “backup”, photos, messages, contacts, calendars, iCloud Drive, notes, and safari data (and a few more) are end-to-end encrypted what else is there?

I mean if you scroll down a little more you'll see what data is actually end-to-end encrypted.
I don't think you are reading the list right. That is all the stuff that is encrypted both at-rest and in-transit (with keys known to Apple).

The list of E2E is further down, separate from the table, and includes: Home data, Health data (requires iOS 12 or later), iCloud Keychain (includes all of your saved accounts and passwords), payment information, QuickType Keyboard learned vocabulary (requires iOS 11 or later), Screen Time, Siri information, and Wi-Fi passwords. So virtually nothing, by comparison.

Messages, probably the most personal and relevant for legal cases, are end-to-end-encrypted as well, but if you have iCloud Backup enabled, the key is stored in the backup, making this useless.

Please see "iCloud security overview", it clearly states which iCloud data is encrypted in transit, on server, and end-to-end:

https://support.apple.com/en-us/HT202303

This is from your own link:

“For certain sensitive information, Apple uses end-to-end encryption.”

“These features and their data are transmitted and stored in iCloud using end-to-end encryption:”

* Home data

* Health data (requires iOS 12 or later)

* iCloud Keychain (includes all of your saved accounts and passwords)

* Payment information

* QuickType Keyboard learned vocabulary (requires iOS 11 or later)

* Screen Time

* Siri information

* Wi-Fi passwords

And please mind that e2e means next to nothing when the data is stored and retrieved with a closed source (and usually auto-updating) client app.
Yes, I wasn't debating a point, just providing a list of exactly how Apple encrypts user data.
Just a reminder, Apple ceded control of its iCloud management in China to a state-controlled company, in addition began storing its encryption keys in China in order to "comply with local regulations". So whether or not your backups are encrypted is almost a moot point, given that the government can submit a lawful demand for your data at any time..

Apple will store some iCloud encryption keys in China, raising security concerns https://www.theverge.com/2018/2/26/17052802/apple-icloud-enc...

That’s only for devices where the region is set as China. Why would it be a moot point elsewhere for that reason?
Injustice anywhere is a threat to justice everywhere.
Different places define (in)justice differently.
But isn’t morality universal?
Morality is defined by culture, so there is no "universal" morality as such. However, there are certain specific things that are included in almost all moral frameworks.
‘There is no absolute’ (except for this statement) always amuses me.
Dont know why down voted. Even if someone doesnt care for individuals in other legal zones (sad), the extra injustice Apple is accepting in other legal zones is a clear display of what they are willing to do to you eventually.

> Injustice anywhere is a threat to justice everywhere.

So I 100% agree.

Well, it's based on incorrect information, based on the parent's citation....
"It's not happening in my country" is a naive argument. You might not care if human rights activists and HK protesters are affected. But Apple's actions in China set a precedent for other countries to follow. If a country demands that Apple "comply with local laws" by providing encryption keys or else risk losing access to that marketplace, Apple will comply, regardless of its effect on user privacy.
There was no need to misinterpret the comment and write things like '"It's not happening in my country" is a naive argument.'

I didn't say that Apple is right to do it in China or elsewhere. I merely pointed out that it's happening in one place and asked why that would make it moot elsewhere. I agree with everything you said except for the phrasing of your first sentence.

From the linked Rueters article...

Apple says the joint venture does not mean that China has any kind of “backdoor” into user data and that Apple alone – not its Chinese partner – will control the encryption keys.

Incorrect. Please see the official Apple Support page [1] that debunks this. It specifically states:

"iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

And since all Chinese companies are bound by local laws, you can be assured that your data is readily available for access by the government.

[1] https://support.apple.com/en-us/HT208351

That still doesn’t make the original statement that “encryption keys are given to China” correct.

The data that is available in China is not encrypted and would also be available to US authorities.

Can you quote the part of the article that states that Apple must give China private keys? Can you find a citation where a third party has found proof that Apple changed the iMessage architecture?

Apple may still be controlling the encryption keys but this says nothing about sharing the keys if compelled to do so.

> Can you quote the part of the article that states that Apple must give China private keys? Can you find a citation where a third party has found proof that Apple changed the iMessage architecture?

Apple is smarter than to put some text on their official website saying that the Chinese government has access to all your data. The key here is that their Terms and Conditions state that they operate "...in accordance to local laws". This is a cop-out legalese way of saying "We abide by whatever the Chinese government tells us to do".

How can Apple share private keys it doesn’t have access to?

Apple doesn’t control “private keys” you use to encrypt data. The keys wouldn’t be very private if that were the case.

The entire idea behind public/private keys is that you keep access to your private key.

You need to take a step back, take off your engineering hat, and realize that the issue is not about private keys. This is about a company (Apple) needing to follow the laws of the country that it operates in or else it is banned. It doesn't matter if Apple was selling bread or handbags, they MUST provide the government with data about their customers when compelled. This is the case with all companies operating in China, foreign or domestic.
The only way it could follow the laws of the country would be to rearchitect its entire system and somehow send the private keys to its servers and save them.

While technically they could do that, do you realize how much legal trouble they would be in in the US if they did so without disclosing it?

Alternatively, they would have to have a special build of iOS for China.

Also, none of the “citations” make mention that the Chinese law forces Apple to give private keys to China.

The questions you are posing make it clear that you don't understand the issue at hand, much less the broader context behind these data laws. Companies have invested much more $$$ and resources for much less reward. Also, everything is legal as long as your lawyers sign off.
I perfectly understand how public/private key encryption works. Can you find any citations to support your specific claims that Apple is sending user’s private keys from their devices and giving those keys to China?
Tell me how you think public/private keys helps Apple from skirting Chinese law that stipulates that they must provide access to user data.
It doesn’t by itself - but you have neither shown that Apple has surreptitiously uploaded user’s private keys in China or that it was required to do so.
I think the overlooked answer in this conversation is that Apple doesn't need to modify their service for China at all. In in all countries, they hold the encryption keys for most user data. Only these things are E2E encrypted[1]:

    Home data
    Health data (requires iOS 12 or later) 
    iCloud Keychain (includes all of your saved accounts and passwords)
    Payment information
    QuickType Keyboard learned vocabulary (requires iOS 11 or later)
    Screen Time
    Siri information
    Wi-Fi passwords
You might say "what about iMessage". The link has that answer, too:

>Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices.

This means Apple can produce the data a government is looking for in virtually all cases, and that's probably good enough for China.

[1] https://support.apple.com/en-us/HT202303

Or you can specifically turn off iCloud for iMessages in settings....
Maybe the fraction of users who do that is small enough that China won't push them on it. Or (this would be relatively easy to check) they could just hide that option in settings when the device region is China.

Another factor to consider is that SMS and iMessage are rarely used in China due to SMS historically being more expensive than email/data over there.

That brings up another point. How important is iMessage in China? The iPhone’s market share in China is small and statistically when you’re using iMessage you would probably be sending a message to a none Apple device over unencrypted SMS.

Email is the least secure method of sending data and always has been.

That brings up another point. How important is iMessage in China? The iPhone’s market share in China is small and statistically when you’re using iMessage you would probably be sending a message to a none Apple device over unencrypted SMS.

Email is the least secure method of sending data and always has been.

I’ve never paid attention to it until now, but you can selectively disable iCloud backups for any of the built in apps and third party apps in settings.

> Or (this would be relatively easy to check) they could just hide that option in settings when the device region is China.

A placebo toggle is also an option.

(comment deleted)
Yeah, the current privacy dystopia is obviously just evil apple and microsoft sticking it to noble google.
Certainly not.

But distinguishing PR bullshit from actual practice is essential when navigating the dystopia.

A good way to figure out whether this kind of claim is marketing bullshit, is to look for a PR claim that goes the other way: that Apple or whoever helps the FBI find uploaded images of child sexual abuse. If they are matching on your data, they can’t be encrypting it; if they’re encrypting it, they can’t be matching on it. It’s one or the other.

And, well, Apple have confirmed that they‘re matching on your data[1]. So, guess what?

[1] https://www.scmagazine.com/home/security-news/apple-scans-ic...

This was clarified to be iCloud Mail attachments.
I totally disagree. I work for Apple, and I can tell you that for everything you do privacy is involved. It’s not just marketing.
Involved isn’t the same as guaranteed. I think commenters here are arguing that Apple isn’t being honest about what is available to law enforcement. My guess would be silent updates targeted at individual users who they have search warrants against.
The list of E2E above is quite transparent. The notion of building a special version of the OS to target an individual is just not how the infrastructure works, and totally goes against the entire spirit of privacy that pervades everything you do internally.
Sorry to be blunt (and I am a big fan of Apple's pro-privacy shift of late) but nobody outside Apple can know that with any certainty.

Even the 2016 blackhat talk on youtube, which describes an elaborate signing mechanism for updates, doesn't preclude shipping targeted OS updates to individual users. Maybe I missed something though, and in that case I'd appreciate you pointing it out.

I can tell you that most people inside of Apple would be shocked if such a thing occurred. I doubt the code pathway / infrastructure even exists to do such a thing. There’s always the possibility of strange things happening that only the right 1-2 people know about.... although it’s probably have to be many more given the number of changes that would be needed to be made to propagate a special one off code signed OS OTA. That would likely have a whistleblower somewhere.

The reality is it’s way easier to just exploit a weakness that you can text someone [1].

But if you’re dressed in tin foil hat to toe, then there’s nothing that I can say to convince you. At that point I’d suggest not using any computing technology that you don’t personally build yourself and watch 24/7.

[1] https://www.nytimes.com/2020/01/21/technology/bezos-phone-ha...

I think I would have once considered this acceptable, that it agrees with the spirit of the law, except that warrants have lost their meaning thanks to FISA rubber stamps.

Edit: Also, it's compelled speech though.

> Didn't Apple publicly claim

IIRC it said it wouldn't bow down on implementing back doors to unlock protected devices and encrypted content on them, which is specific enough not to cover this case.

Bowing down on implementing new security features doesn't go against the promise to not bow down on the security of existing ones, as written. It can be argued to go against the spirit of the earlier public statement of course, but that doesn't count for much in the eyes of a corporation being given a strong suggestion by a government agency.

Except that this is a backdoor that circumvents device protections for the vast majority of users.
It is not a backdoor, nor does it circumvent anything.

It is a front door convenience feature which has distinct privacy/security trade-offs.

There exists no magical way to provide a means of lost password/device recovery which doesn’t grant Apple access to decrypt your data. It turns out that a lot of users want to have a way to recover from a lost device/password and are willing to let Apple decrypt their data.

You do this by ticking the ‘iCloud Backups’ toggle on your iPhone.

A backdoor by definition is not a user facing and configurable feature which is thoroughly explained in end-user documentation.

> There exists no magical way to provide a means of lost password/device recovery which doesn’t grant Apple access to decrypt your data.

In modern times your face and your fingerprints could be that magic.

I’m not sure about that. Face and fingers are typically authentication mechanisms. They can grant access to a key, but they cannot themselves be the key.

The thing doing the authentication can be your local device, or a cloud-device. That thing must necessarily store a validator for your face/fingerprints which it can use to decide your submitted capture is “close enough” to consider a match, after which it grants access to the key, usually indirectly, by allowing certain cryptographic operations with the key.

Apple takes pains to ensure the biometric validators never leave the Secure Enclave of a local device. Possibly they could allow syncing these validators between Secure Enclaves of paired devices but I think you have to re-enroll. Absolutely never do they transmit these biometric validators to the Cloud in a readable form.

So in a lost-device scenario, you are also losing the biometric validators as well as the keys which were unlocked by the validators.

I think storing decryptable biometric validators is worse than storing decryptable device backups. Such a fingerprint database would almost certainly be abused by a government (forced to match a terrorist’s fingerprint against their users).

The singular reason I am willing to use biometric authentication on my phone is because the authentication is done locally.

For example Amazon’s recently announced project to link Amazon Pay to a palm print in stores is a total non-starter for me. Besides the fact that it’s a clumsy and bad idea to begin with, no way I want them having my palm print validator sitting in the Cloud.

> They can grant access to a key, but they cannot themselves be the key.

My assumption is that device recovery is such a special case, that it can use very different algorithms than those used in phones today, they could be very computationally expensive and turn fingerprints into usable keys. And of course there is no need for anyone to store them or being able to match them individually or even just tie to an identity of a person.

There are two things that make this problem “hard” if not “intractable”.

Encryption keys are precise integer values (or can be represented as such) and they gain a large part of their security from two facts; a key that is wrong by even one bit will appear totally wrong / disclose zero information, and two, the key space is unfathomably large.

To turn a fingerprint directly into an encryption key would require first; some sort of mapping between the analog representation of the finger/face (which could be two or 3 dimensional) into a digital value, and second; for that value to be absolutely repeatable over time.

The biggest problem is that of course neither your face, nor your fingerprints, are absolutely unchanging over time.

So the first thing you would somehow need to accomplish is a way to map the biometric scan to a repeatable precise integer value. Such a mapping would require, by definition, a loss of precision.

How much precision? Well, it’s directly a result of how resilient you want the algorithm to be in the face of things like scanning error, micro-abrasions on the finger, body fat percentage, the temperature of your hand, swelling, hair growth, etc...

The less precise you make it, the more different fingers (or different scans of the same finger) must necessarily resolve to the same key.

This is the same thing as saying that we are reducing the key-space.

Once you have reduced the precision of the mapping from a biometric scan into a key that will reliably generate the same key over time, you have, by definition, reduced the key space to the point where the encryption is fundamentally unsound.

The only exception to this would be perhaps using DNA sequences, but even then, I believe DNA is not actually perfectly unchanging over time, and is also not at all random [1]. But assuming you could probably handle the minute coding changes that do occur, and reliably scan the same part of the genome, I think you could end up with enough entropy to generate a secure key. Assuming you are willing to precisely sequence a chunk of DNA in order to generate your key. This is rapidly becoming feasible, if not somewhat dystopian and entirely impractical.

But you still have the fundamental problem that the key is not being generated as a uniformly random value in the key space. This happens to be extremely important to the security of encryption algorithms. You wouldn’t want, for example, a close relative to be able to cut your entropy from 512-bits down to 64-bits and into the realm of brute force.

In short, biometrics will remain an authentication method rather than a direct encryption method, likely indefinitely.

[1] - https://www.ncbi.nlm.nih.gov/m/pubmed/10223669/

I found some research on fingerprints [1]. At 512 dpi fingerprint sensors have 0.01 bits per pixel of information mutual between samples but still individual, meaning that 160x160 sensors can give 256 bits of information usable for keys. And there are multiple fingers, so it seems enough to derive an encryption key from and even some room for redundancy.

Refreshing it every few years isn't a big deal (as obviously none of it will be used directly as an encryption key for all of your data, but only to encrypt an actual encryption key).

[1] https://backend.orbit.dtu.dk/ws/portalfiles/portal/180163248...

That paper has absolutely nothing to do with generating keys directly from an image of a finger. They are discussing the lower bounds on how small a fingerprint sensor can get.

It doesn’t seem like you read my reply at all.

It’s not a question of raw entropy from the sensor, which is what the paper is discussing. It’s an issue of repeatability.

Reboot the phone, or hit the sleep button 5 times and your fingerprint and face becone useless. Only the unlock code can get in to the phone.
To quote spoc in ST-TWOK: "not a lie, an ommision".

It isn't a deliberately implemented backdoor. It is a deliberate decision to not install doors at all, just empty frames. I know we are arguing semantics here, and it doesn't make it right, but it doesn't go against the letter of how they've claimed they'll behave.

Yeah, there's no way Google would have agreed to that deal to store all WhatsApp data for free unless they were getting full access to it for data mining.
What Apple claims and do are two different things... just like politicians tend to do.
Not true.

Disclaimer: I work for Apple.

Please elaborate
Everything that happens internally has to be approved by privacy, it’s always part of every discussion (meaning it’s like you’d hope for). There’s no shortage of projects killed or altered because privacy said no.

It’s not just marketing.

But the marketing is nonetheless deceptive. Apple’s practices are much less stringent, and their cooperation with law enforcement much greater, than their marketing and even their privacy pages suggest.

This is a crappy place to turn around and tell your customers, “should’ve read the fine print!”

If your threat model includes pointed requested from law enforcement, then you probably shouldn’t be using any consumer internet products wholesale.
Privacy? Who needs it, amirite?

I mean, I'm not up to anything illegal, and I don't actually care about people seeing my stuff, BUT... the concept as a whole of "government should have access to everything all the time, regardless of reasoning" does not sit well with me.

(comment deleted)
What happens when what is considered legal gets changed in the future?
You don't even, for instance, torrent? Movies, music? (You don't have to answer that. :P ) Ever pirate apps, even just to try before you buy?

The point is, if someone from the law is interested in you, or suspects you of some grander illegal thing, a lot of us do illegal things that might just be a little less grand, and a lot of us have the digital equivalent of a broken taillight.

There are plenty of more mundane misuses as well. Ex-spouse stalking, slighted lawman with a grudge, technician with a weird fetish. Sure there should be safeguards but they don't always work as well as you'd hope.
Just to be clear, if you do local backups to iTunes, you can encrypt those backups with a key you control
Shame on the FBI. Unfortunately the average Apple user won't understand or care about the implications. This is why I don't use ICloud or any cloud products. Apple are not nearly as bad as Google though.

I stopped using GDrive about a year ago and I aim to be Google-free for 2020. I don't use Gmail for anything important any more.

End-to-end backup encryption is hard. Apple had faced criticism from cryptographers for failing to implement it.

https://blog.cryptographyengineering.com/2012/04/05/icloud-w...

The fact that they started working on the problem then abandoned it after the FBI complained is disappointing, especially to Apple consumers. But all it means is the status quo marches on.

Headlines like this vindicate my decision to never purchase an Apple product.

>Headlines like this vindicate my decision to never purchase an Apple product.

What else can you buy? Surely not Android...do you live without a smartphone (serious question, not judging)?

"Surely not Android...do you live without a smartphone (serious question, not judging)?"

That's a very judgmental way to ask that question if you're trying to not be judging.

My phone hardware would fall under the Android classification, but I run LineageOS.

I wish I had more options, but we're stuck in a hellish duopoly for the time being.

> but I run LineageOS

With Google Play Services surveillance rootkit? :)

Waiting for Librem 5.
Or the pinephone, which isn't as nice but is 1. way cheaper, and 2. shipping already.
I thought Librem 5 is also shipping?
Ah, I stand corrected and you are right; they do indeed to be shipping, including additional batches every few months.
And which phone do you use in its place to participate in basic aspects of modern life?
Please define your terms.

Why do I have to use a phone in its place? Apple products aren't a basic human necessity. I like to think I can just use a phone for the sake of wanting a phone, not to replace the void that not being an Apple consumer leaves in my soul, or something.

What exactly do you mean by "basic aspects of modern life"?

I have a desktop PC, a laptop, a work laptop, a LineageOS (Android-based) phone, and a VR headset for gaming. Anything I want out of modern tech, I either already have or doesn't exist yet.

I tried to get by with Lineage without gapps for a year and a half (if you don't forego gapps then there's no point from a privacy perspective).

I couldn't get push notifications on Slack because they went through gapps.

I couldn't use several online dating services because they were only on mobile, and their mobile apps broke without gapps.

I couldn't check my bank account from my phone because I couldn't get a hold of its app outside of the Play store, and because its mobile site locked my account for suspicious activity because I roamed between cell towers while using it.

I couldn't find places because there was no reasonable mapping option (OSMAnd, at least at the time, was abysmal to the point of being almost useless).

I once bought a pair of headphones that I couldn't use at all because you had to use Bose's app to set them up, and - you guessed it - the app was broken without gapps.

Even Signal - the OSS encrypted messenger - was partially hampered without gapps.

We can talk all day about how we got to this status quo and what can or can't be done about it, but the reality is that if you want to live a real, modern, urban life in 2020, so many people and organizations just assume you to have a fully-functional smartphone that you will be actively hampered without one.

> We can talk all day about how we got to this status quo and what can or can't be done about it, but the reality is that if you want to live a real, modern, urban life in 2020, so many people and organizations just assume you to have a fully-functional smartphone that you will be actively hampered without one.

And for that, you can also get a stock Android phone like 80% of the world and still not be an Apple consumer. :)

And be saddled with Google's services, which are 10x worse with regards to privacy than even this new revelation about Apple? I don't really understand your reasoning.
My reasoning in this entire thread has been:

1. This isn't news about Apple's encryption, it's just that the status quo is here to stay. Your Apple device is as secure/private as it has been, and will probably not get any better. It's disappointing, but not really much of a revelation to anyone who's been paying attention since 2012 (or earlier).

2. The way the headline is phrased vindicates an orthogonal personal decision I made to not purchase hardware or software from Apple.

Given your most recent comment, at some point, you must have assumed a lot of things that a) aren't true and b) I never stated or implied.

Wait, your answer is Android? From Google?
We live with a hellish duopoly. If I'm not buying Apple, what other option is there?

Attempting to pantomime surprise is dickish and unncessary for HN.

Easy fix: back up your iPhone locally on your computer instead of using iCloud: https://support.apple.com/en-us/HT203977#computer

The ambiguous position on true end-to-end encryption shows once again that Apple is in for the marketing (both to consumers—predatory and dangerous, and to engineering talent—dishonest). Same hypocrisy as on the China issue. Not that there is an easy solution when you are one of the biggest companies on the planet and that shareholders essentially expect you to grow forever while playing nice with everyone.

Eh, maybe, maybe not. What guarantees are there that the backups actually get deleted? Storage is cheap these days...
If you delete your remote backups, they are likely be deleted, eventually. If you don't delete your remote backups, they won't be deleted.

There's no business case for keeping backups around for Apple, unless they suddenly became an ad company and started mining your backups for personalization data.

There is a business case - charge the FBI or any government agency for the cost of restoring/delivering it to them, or use the contents to improve any machine learning they are conducting, and I'm sure there are others.

For the longest time Facebook couldn't actually delete photos that you requested the deletion of. They could remove it from indexes so it couldn't be found, but if you had the link it would still be available (akamai cdn). Because, to them, either the cost of the hosting was miniscule compared to the cost of writing the software to ensure things actually got purged from the CDN.

In the EU, big tech companies actually delete your data within a short period of you clicking the delete button because they're scared of the GDPR requirements.

Outside the EU, small companies, or non-tech companies might we'll keep it forever.

Yep, this is what I do. I have a Synology NAS which I backup my Mac to using Time machine. Works like a charm, and everything is actually encrypted.
Makes me wonder why they only mention iCloud specifically, does that imply our local OS is already pwnd?
So what about all the privacy billboards, 'What happens on your phone stays on your phone?'. New version: 'What happens on your phone stays on your phone and unencrypted on the cloud'.
Marketing is separate from facts.

Non Apple fans have been screaming about Apple's Marketing being detached from reality.

I will not be surprised if further reporting points a finger at the influence of China as well.

Apple already conceded to hosting Chinese iCloud data on Chinese servers, and that news came out about 2 years ago... which is also the timeframe reported for this decision to forego end-to-end encryption of iCloud backups.

I'm guessing here, but I think it's safe to assume that China was not going to permit such encryption (for the same reason they insist on hosting the data) and thus to provide it for the U.S., Apple would have had to fork iCloud. Add in the political risk in the U.S. and you have a recipe for "maybe not."

Apple has a list for that: https://support.apple.com/en-us/HT202303

These are end to end:

Home data

Health data (requires iOS 12 or later)

iCloud Keychain (includes all of your saved accounts and passwords)

Payment information

QuickType Keyboard learned vocabulary (requires iOS 11 or later)

Screen Time

Siri information

Wi-Fi passwords

The messages also end to end but the backup contains the private key.

The moral of the story is that if you want real protection, do local backups.

(comment deleted)
> The messages also end to end but the backup contains the private key.

Should this even be called E2E? I suppose it is, technically, but clearly not in spirit.

It is if you backup your device to your Mac or PC...or don't back it up at all.
I thought iMessage private keys are somehow based on data in the "secure enclave" chip, and thus not able to be stored in the cloud. It's my understanding that Apple could add new "devices" to listen in on future conversations, but it can't read iMessage conversations in transit between existing devices.

It can also read iCloud backups of conversation content, which are created by the client device after decrypting the message. But that's not the same as storing the private key itself in the backup.

Happy to have my understanding updated...

If you lose your device and buy a new one and restore your device with a back up, all your messages will be returned.

There’s no way to accomplish this without having the private key in the backup.

EDIT: When I say there is no way to accomplish this, I’m talking specifically about the process that exists today where the user doesn’t have to remember a password other than their iCloud password (which today, can also be reset).

> There’s no way to accomplish this without having the private key in the backup.

Uh, no. There's no way to accomplish that without some kind of user-managed escrow (even a pass phrase would be fine). It's maybe not the seamless experience Apple wants to offer, but it's certainly not impossible.

Frankly the kind of dummyproof restore being offered is fundamentally incompatible with private backups.

I would think that you could, however, encrypt that private key with a user-controlled password. (Granted, this should be optional and have big red warnings about being unable to recover without the password)
That’s exactly what they do for iCloud Keychain and Health data right now, so I don’t understand why they don’t do it for messages by default.
Maybe we're talking about different private keys? To clarify, here's how I think it works:

1) To send you a new iMessage, someone else's iPhone Z encrypts it with your public key and sends it through the iMessage network. Apple can't read this message since they don't have your iMessage private key, which is only on your device.

2) Your iPhone A receives the encrypted iMessages and decrypts them with your iMessage private key on your device.

3) iPhone A stores the decrypted iMessage content in its filesystem, which is encrypted locally with the device private key (derived from your device passcode).

4) Time to backup... iPhone A decrypts its filesystem with your device private key, and sends filesystem contents as plaintext, through an encrypted tunnel, to an iCloud backup server, which encrypts the backup locally with an iCloud server private key, and stores it.

5) You get a new iPhone, let's call it iPhone B. iPhone B asks iCloud for a restore. The iCloud server locally decrypts the backup, and sends it to iPhone B as plaintext through an encrypted tunnel. iPhone B receives the backup as plaintext and stores it locally, encrypting it locally with the device private key.

6) iPhone B iMessage client loads the plaintext old iMessages into the Messages client for you to read.

At no point in this process would Apple have or store your iMessage private key or your device private key.

You are right; Apple isn't storing your private key, they simply have access to an unencrypted dump of your iPhone at the time of iCloud backup creation. My comment implies that once you take a backup, Apple would have the ability to read all your future messages as well.
The encryption is a bit complex on the iPhone, because keys are typically held by the secure enclave which enforces policy on use. These keys are both used to encrypt the base filesystem, and can be applied by policy against individual files.

Example policies from the Secure Enclave would be that a private key is available on first unlock, only while unlocked, only while a PIN is set, and/or whether the key should be shared with other trusted devices.

The base filesystem is encrypted with a key released on boot, while individual files can be encrypted with some set of these policies. I believe this can be done either on individual files in an app's data, or as an entitlement to apply by default to the entire app. https://developer.apple.com/documentation/bundleresources/en...

My understanding is that files set with a policy that they are only available while the device is unlocked will still be backed up in the locally encrypted form. So, assuming Signal/WhatsApp/etc set a single flag their data is stored encrypted in iCloud.

Further, per your list I suspect that the backup data is sent to/from iCloud already encrypted by a secret - but that secret is shared with iCloud for recovery and shared further on official government request. The goal there is to limit the amount of unencrypted user data sent to third party servers (in this case in the US I believe Azure-hosted storage for backups).

The keys are separately stored on Apple-controlled servers in non-China countries. In China, I believe they were required by law to have the key storage instead hosted by a Chinese data center.

> all your messages will be returned.

Your messages are returned via the backup, not via the "iMessage servers". Once the messages are at rest on your device, they're no longer encrypted using your "iMessage private key".

Unsubscribing procedure seems however pretty acceptable

> Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.

But wait does it mean that if you haven't iCloud backup activated but use local backup you can actually sync message without storing private key... the wording here is important would be nice if someone clarify.

> But wait does it mean that if you haven't iCloud backup activated but use local backup you can actually sync message without storing private key

iMessage doesn’t use the backup for syncing. If you want to sync then both devices need to be logged into your account.

You can turn off iCloud backup for messages (with or without a local backup).

That definately isn't meaningfully true, because MacOS devices without enclaves can function as iMessage clients.
This is a really good point; I don't use Messages on my Mac so I forget that's an option.

Maybe the concept is the same, but on a Mac the private key is stored in the Keychain instead of a physical enclave?

I think it is in keychain, but my understanding is that Secure Enclave keys cannot be exported.
It's not uncommon for software to claim to offer this feature. Windows does it for example, and it was a bug in such a feature for WebCrypto in Firefox that made the news recently here.

Invariably such features are weak and a sufficiently capable attacker can override them. In Windows for example you could reach into the opaque data structure and toggle the Boolean that forbids exporting keys...

The secure enclave is a feature to secure the device and the data on it from casual threats. Apple gets a bit evasive any time the subject of security shifts to their cloud services. (i.e. they will talk about how a particular feature is e2e encrypted but their security talking points seem to mostly end at the device)

I think a better way to look at what they're selling you is a device that provides you pretty-to-very good protection from casual hacking and theft. But in the event of a government knocking on their door for more information, they'll quietly hand over what they can which probably is quite a bit more than the average consumer thinks it is. All bets are off as to what the full story is when the government/jurisdiction involved is not the United States.

https://www.sync.com provides end-to-end encrypted cloud storage options. Disclaimer I work there.
So does https://spideroak.com/ (I have no affiliation)
Or maybe rclone with encryption set to on. Then you have a bunch of clouds working for you with crypto which is only yours.
Have you read the SpiderOak disclaimer though?

NOTE: Logging in via the SpiderOak website does temporarily allow SpiderOak employees access to your password.

https://spideroak.support/hc/en-us/articles/115001854583-ONE...

That works for any service where you don't fully control the other endpoint. They are just being transparent. Although the wording re: website is peculiar. Could it be their form of a canary like warning?
As a developer, I expect that smaller shops' infrastructure isn't as thoroughly locked down and things like passwords getting logged to splunk/ELK is tech debt, and par for the course. However that's a very specific exception though, to the point that instead of putting work into adding that into their disclaimer, they could have made sure the password wasn't being logged instead.
They deleted all of my data when one of my payments didn't go through, without notifying me. They are impossible to contact outside of passive aggressive email support. I deeply regret trying to trust this company with my data, which is now gone. Do yourself a favor before trusting them and give them a call and to ask about their services.
E2e means next to nothing when using closed source software.

Apple could (have) issue(d) an update with code to steal yr anything, without you knowing, so FBI-or-whatever does not "complain".

I currently use one e2e service, BitWarden as keychain, that ticks the boxes (e2e AND open source client).

This hard line is too facile. If you are paranoid about malicious code updates, then making part of your stack open-source doesn’t matter. I could push an update to your OS that reads the keys out of your BitWarden.
Of course, there are open source operating systems out there...
Yeah, I always verify the hashes of updated binaries match what I compile myself in parallel. Also that takes too much time so I just never update anything and have a homebrew version of 'Damn Vulnerable Linux'.

/s

Long-term, there may eventually come a solution to this problem in the form of [binary transparency](https://wiki.mozilla.org/Security/Binary_Transparency). However, we're obviously a long way away from that being the norm, and there's still the problem of supply-chain attacks on hardware to consider.
I doubt the hardware supply chain can ever be secured. Even if you were to open-source every single part of manufacturing, there is no reliable way to ensure that the chip you, as a customer, have obtained, hasn't been backdoored. You'd have to delid it and put it under an X-Ray if that even resolves the tiny featuresin modern CPUs.
In short, there is no equivalent hashing function for hardware.
With an open hardware design, periodically de-liding and examining a random sample of available consumer hardware would probably sufficient to protect the general consumer population, and targeted attacks become very difficult if you purchase your hardware from a store rather than order it by mail.

Even so I agree that examining all hardware in that manner is impractical. A better approach might be having a small, simpler core of secure open-source hardware managing your root of trust, and trying our best to mitigate the impact of compromises in the more complicated components (like the motherboard, CPU, etc) with approaches such as requiring open source firmware, sandboxing individual components by filtering their external communications through open hardware, and limiting their access to sensitive data like encryption keys. Obviously there's only so far you can go with that, but I don't think it's an entirely hopeless battle either.

It's a very interesting problem for sure.

>With an open hardware design, periodically de-liding and examining a random sample of available consumer hardware would probably sufficient to protect the general consumer population, and targeted attacks become very difficult if you purchase your hardware from a store rather than order it by mail.

How do you trust the person that verifies the CPU? Can you trust the X-Ray imaging machine? Is the X-Ray Machine verified to be open source and not backdoored to hide backdoors (aka bootstrapping trust).

You'd have multiple trusted independent parties from multiple international jurisdictions reviewing the hardware design, not just one. And yes, obviously the X-Ray machines would need to be verified using similar techniques.
But how do I trust the independent parties?
The same way you trust anybody? If you're so paranoid that you believe literally everyone is out to get you, then you're not going to be able to function in any society, let alone one as interconnected and interdependent as our own.
But this is about trust. With open source, anyone who understands even a little bit of code can atleast attempt to understand it.

You can hash the source code and verify that what you have is the same that the developer shipped.

There is no hash function for hardware.

How do you trust your hash program? How do you trust the cryptographers who came up with the hash algorithm? How do you trust your compiler is faithfully interpreting the source code you're reading?

IMO if you're at the point where you believe you can't trust multiple decentralized, independent, multi-jurisdictional bodies all telling you the same thing: that the hardware they've tested matches the published design, you've reached a level of paranoia where no amount of reassurance, technological or otherwise, will satisfy you.

I suppose if you really wanted to you could build your own X-Ray machine from scratch and check the design yourself. That's probably not much more difficult than going line-by-line and manually verifying the source code of your entire software tool chain because you don't trust anyone else who's read the source code enough to believe them when they tell you they've already verified that everything looks correct and that your text editor probably isn't lying to you about the contents of your source files. Which is to say probably totally impractical, but again, that's kinda my point.

It's turtles all the way down
But is there fully open source hardware with no possibility of a backdoor?
Yeah, try to do that on a mainstream Linux distro for example.

While I'm not saying maintainers & users are checking all changes in packages, all the work happens in the open & all the source is compiled on distro infrastructure.

So once you actually do an atack like this and it is discovered, you can be sure anything done by the maintainer will be combed with a very fine brush & the account disabled.

Given that it can take years to build the trust needed to become mainatiner of an important package, only to loose it all once you atack is known, I really can't see this used for anythin else than very targetted high stakes attack omce off attack, definitelly not for any long term dragnet surveilance.

Or you could root target’s Intel ME or AMD PSP if you know what the NSA codename(BYEMAN or ECHELON or the likes) for those are.
I meant that closed source even gets less safe when allowing auto-updates. When using opens source the auto-updates need to be trusted; yes. Nothing new.
Two things:

1) There is no way Apple would be allowed to sell iPhones in China, without China government having access to anything. So, I assume that Apple users in China have e2e encrypted exactly nothing.

2) I have a strong suspicion that those 'enter your Apple ID password because your account needs it' message really means 'a government has requested your data and even though it's encrypted, we will nag you about entering a password, and if you give it, you're a free game'.

I don't blame Apple for this, I'm sure they're doing what they can, but when a government says 'give us this data', they can't not comply. Vote responsibly - companies can't protect us from a government we have put into power.

My impression is that iMessage is indeed encrypted end-to-end in China, same as everywhere else.
iMessage is. iMessage backups are not.
Yes, same as everywhere else.
The key is included in the iCloud backup stored by Guizhou on the “Cloud Big Data Industrial Development Co., Ltd.“

https://support.apple.com/en-us/HT208351

If you use iCloud backups then your iMessage key is stored unencrypted regardless of which country you're in. That's a main point of this article.
Apple's decision to store the keys on Chinese servers was criticized because it effectively reduced security for Chinese iCloud users:

> Chinese users of Apple’s iCloud service will see their data–along with that data’s cryptographic keys–stored inside the country beginning Wednesday, Reuters reports. The move will mean that Chinese authorities will have easier access to Chinese users’ iCloud data than before when that data was stored in the U.S. The move is a contentious one, as human rights activists say Chinese authorities will now have an easier means of obtaining dissidents data since it no longer needs to go through the U.S. legal system to get Apple to hand over its cryptographic keys for Chinese users.

https://www.fastcompany.com/40535933/apple-will-store-icloud...

> 2) I have a strong suspicion that those 'enter your Apple ID password because your account needs it' message really means 'a government has requested your data and even though it's encrypted, we will nag you about entering a password, and if you give it, you're a free game'.

Haha I hadn’t thought of that. If true, I must have every government requesting my data frequently as I constantly get bombarded to enter my iCloud password.

FISA warrants can go multiple hops from the target which with network effects can sweep up tons of unrelated data from random people who happened to interact with someone who interacted with x bad guy.

That’s just for domestic surveillance keep in mind.

Seriously. It drives me nuts just how much my iPad asks me for my password. I'm not all in on Apple's ecosystem so maybe that is why? IDK.
Regarding #1: iCloud in China is operated by a mainland Chinese company and subject to that company's terms and conditions. So you can pretty much assume iCloud data is completely accessible by the government.

Source: https://support.apple.com/en-us/HT208351

Apple uses third party data centers, if it can't host encrypted data on a Chinese server without China having access to the data, there is something wrong with the encryption.
I would urge you to read up on the Chinese cryptography law [1] which took effect on the 1st of this year. Essentially all companies foreign or not must provide unencrypted access to data to the Chinese government and must do so in secrecy. Prior to this, companies were being compelled to give up their data anyways but this just makes things easier.

By the way, the source below is an official Chinese government media source.

[1] http://www.xinhuanet.com/english/2019-10/26/c_138505655.htm

Do you have any evidence that Apple rearchitected their system to have access to private keys that it doesn’t have access to anywhere, to have access to give it to China?
Technology is irrelevant here. Laws (or in China, the Chinese Communist Party) govern these things.
So technology is irrelevant when it comes to the entire architecture of how public/private key encryption works?
No. How the technology works is irrelevant when the end result is that the government wants the data.

If your boss asks you to build a machine that produces a widget, does he really care what your code looks like? Probably not. In the same vein, Apple can figure out whatever solution they want, whether it involves conventional use of encryption keys or not, to provide a system where the Chinese government can get access to their users' data.

It's really not that hard.

Do you have any proof? Any citations from security experts?
It doesn't take Bruce Schneier to understand how laws work.
And you still haven’t provided proof that it is required or that Apple has uploaded users private keys or given up private keys.
At this point, you're either a shill or a troll or did not earn your high school GED.
> It is the latest development in a pattern of Apple acquiescing to Beijing’s demands. Last July, Apple deleted VPN apps from the App Store that let mainland Chinese internet users evade censorship. Apple’s lawyers have also added a clause in the Chinese terms of service that states both Apple and GCBD may access all user data. Apple has not responded to requests for comment.

> Meanwhile, Chinese laws do not protect internet users’ privacy from government intrusion. In 2015, China passed a National Security Law, which included a provision to give police the authority to demand companies let them bypass encryption or other security tools to access personal data. The National People’s Congress was not available to comment.

https://www.theverge.com/2018/2/28/17055088/apple-chinese-ic...

Well, after actually reading the Reuter’s article that the verge citation is based on...

Apple says the joint venture does not mean that China has any kind of “backdoor” into user data and that Apple alone – not its Chinese partner – will control the encryption keys. But Chinese customers will notice some differences from the start: their iCloud accounts will now be co-branded with the name of the local partner, a first for Apple.

> And even though Chinese iPhones will retain the security features that can make it all but impossible for anyone, even Apple, to get access to the phone itself, that will not apply to the iCloud accounts. Any information in the iCloud account could be accessible to Chinese authorities who can present Apple with a legal order.

> Apple said it will only respond to valid legal requests in China, but China’s domestic legal process is very different than that in the U.S., lacking anything quite like an American “warrant” reviewed by an independent court, Chinese legal experts said. Court approval isn’t required under Chinese law and police can issue and execute warrants.

https://www.reuters.com/article/us-china-apple-icloud-insigh...

Apple says the joint venture does not mean that China has any kind of “backdoor” into user data and that Apple alone – not its Chinese partner – will control the encryption keys. But Chinese customers will notice some differences from the start: their iCloud accounts will now be co-branded with the name of the local partner, a first for Apple.
From the same article:

> That means Chinese authorities will no longer have to use the U.S. courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.

U.S. courts are highly unlikely to order Apple to release iCloud data to Chinese officials. Any cases would be public and attract international media attention. For Chinese iCloud users, that makes all the difference.

How many countries have laws that state user data must not be in foreign data centers?

Every company in the US has to comply when it’s ordered by the court to give up user data. The US justice system is not exactly a shining light on the hill when it comes to needing a high bar to give investigators search warrants. All someone has to do is say “terrorism”, “drugs” or “protect the children” and courts will fall over backwards.

Also from the same article:

Until now, Apple appears to have handed over very little data about Chinese users. From mid-2013 to mid-2017, Apple said it did not give customer account content to Chinese authorities, despite having received 176 requests, according to transparency reports published by the company. By contrast, Apple has given the United States customer account content in response to 2,366 out of 8,475 government requests.

You have much more faith in the US justice system than I do.

You're missing the point. From your quote:

> Until now, Apple appears to have handed over very little data about Chinese users. From mid-2013 to mid-2017, Apple said it did not give customer account content to Chinese authorities, despite having received 176 requests, according to transparency reports published by the company.

By moving iCloud data and keys to China, the amount of data Apple handed to Chinese authorities on Chinese iCloud users went from zero to a nonzero amount. Therefore, Apple degraded the security and privacy of Chinese iCloud users by making the switch to Chinese servers.

Due process is much more frequently ignored in China than in the United States, but that fact isn't even necessary to establish that Apple's switch to Chinese servers negatively affected Chinese iCloud users. The above is sufficient.

https://web.archive.org/web/20111019034145/http://www.law.ya...

The linked Rueters article quoted a statement where Apple said “they are still in control of the keys.”
You need to brush up on your Cryptography 101 course before arguing with people about how asymmetric encryption keys work. There is nowhere that states that only one entity can have "control" of the keys. If you don't understand that, then I can see why you're so confused about this whole situation.
I've just read the article you linked[1], as well as several others [2][3][4] and cannot find any information about this:

>all companies foreign or not must provide unencrypted access to data to the Chinese government and must do so in secrecy

either plainly stated or implied.

Can you provide a source for this claim? I don't doubt that this may occur, but I'd like to speak with _my own_ managers about my china & encryption concerns in an informed way.

[1] http://www.xinhuanet.com/english/2019-10/26/c_138505655.htm

[2]https://www.insideprivacy.com/data-security/china-enacts-enc...

[3]https://thediplomat.com/2019/10/decoding-chinas-cryptography...

[4]https://www.iflr.com/Article/3907570/PRIMER-Chinas-cryptogra...

It would be trivial for the Chinese gov't to sniff RAM or the bus and get everything they need anyways.
What exactly are they going to “sniff”? Private keys never leave your device.
The keys that encrypt the iCloud data are never on your device. They don't even need to sniff the keys. They control them.
Apple clearly lists which data is e2e encrypted and which isn’t. The keys that encrypt e2e data is not stored on Apple’s servers.
And we were talking about iCloud data here. So why were you claiming the keys were on the device?
And that doesn’t make the statement untrue. Apple clearly lists which data stored on its servers are e2e encrypted. Those are all considered “iCloud data”.
The keys exist on machines managed by the third party, which is controlled by the state. Therefore, the state has access to the data.

Edit: Apple itself has stated that the keys are in China. The option of having Apple devices talk through the Great Firewall to servers in the US that then encrypt the data for storage in China (and on the querying end, request encrypted data from China to decrypt and process in the US to serve back to devices through the Great Firewall) that Apple apologists wishfully theorize is every bit as ridiculous as it sounds. https://www.reuters.com/article/china-apple-icloud/rpt-insig...

The private keys don’t in fact “exist on machines managed by a third party”. That’s kind of the entire concept of public/private key encryption.
Nothing about assymetric crypto mandates that a 3rd party cant manage the key. In this case, CCP has the key.
Do you have any proof that Apple rearchitected their system to send private keys that were only stored on their device back to Apple?
The iCloud keys exist on the iCloud servers (which are under CCP control in China). That's how you can search your mail and documents from any device.

If you want to change the subject and talk about iMessage instead of iCloud, the architecture of that system allows for the government to intercept all messages as well. https://www.wired.com/2015/09/apple-fighting-privacy-imessag...

I have not changed the subject. Apple clearly delineates which data is e2e encrypted and which data is not. Those same standards apply in the US and China - unless you have evidence otherwise.

I no more trust my privacy to the US government than a Chinese citizen should trust China.

> I have not changed the subject.

You started this thread by responding to somebody discussing the Chinese government's access to all iCloud data, but you changed the subject to talk about systems where the private key is on device, which does not apply to iCloud. You absolutely did change the subject.

> Those same standards apply in the US and China - unless you have evidence otherwise.

Those same standards don't actually protect your data from whoever controls the iCloud server or whoever controls the iMessage key server. In the US, that is Apple, so Apple has access to that data. In China, that is the Chinese government. Therefore, the Chinese government has access to all Chinese iCloud and iMessage data.

> I no more trust my privacy to the US government than a Chinese citizen should trust China.

Then you are unfamiliar with the laws of both countries.

You started this thread by responding to somebody discussing the Chinese government's access to all iCloud data

If some of the data is e2e encrypted using private keys,China doesn’t have access to “all data”

Those same standards don't actually protect your data from whoever controls the iCloud server or whoever controls the iMessage key server.

If the private key is generated by the same entity or “key server” that generates the public key, and then transmitted to the client. That kind of defeats the entire purpose of public/private key encryption.

I’ve never seen an implementation of public/private key encryption where the client device doesn’t create the key pair and send only the public key to encrypt data.

> If some of the data is e2e encrypted using private keys,China doesn’t have access to “all data”

You have two mistakes in this sentence.

1. None of the iCloud data (mail, docs, drive, etc.) is E2E encrypted. Some of the data stored in iCloud (like keychain backups) is encrypted prior to being sent to iCloud (using symmetric encryption, not with asymmetric key pairs). China has access to the data that was ultimately sent to iCloud.

2. The way Apple implements E2E encryption for services like iMessage that are E2E encrypted allows China access to that data.

> If the private key is generated by the same entity or “key server” that generates the public key, and then transmitted to the client.

That's the point. Since Apple's implementation relies on a key server to distribute public keys, it is straightforward for the key server to generate its own key pair and serve a fraudulent public key to the recipient, decrypting and re-encrypting messages that the iMessage servers relay. Apple relies on the technical illiteracy of its users to get away with its deceptive and often plain false marketing claims. Now you know better.

The “key server” does not in fact “generate public keys”. It distributes public keys. But you can’t decrypt a message with public keys - that’s kind of the point...

But after reading research from security experts you have found a citation where Apple is generating a key pair from its servers and sending the private key to the client?

> The “key server” does not in fact “generate public keys”.

That's the point. It should not, but the security model of iMessage allows the key server to get away with it, which is almost certainly happening in China right now. Try reading the article and following the example.

> But after reading research from security experts you have found a citation where Apple is generating a key pair from its servers and sending the private key to the client?

No, it sends the public key. Encrypting messages is done with the recipient's public key. Go read the Wikipedia article on asymmetric encryption. Because the owner of the keyserver can send its own public key, it can decrypt messages with its own private key before re-encrypting with the intended recipient's public key.

Again, if it Apple were in fact creating their own key pairs on their server and sending users the key pair, don’t you think someone would have discovered.

But since it’s in a Wikipedia article, I guess that kind of closes the case.

> [If] Apple were in fact creating their own key pairs on their server and sending users the key pair, don’t you think someone would have discovered.

You once again misunderstand the vulnerability. The vulnerability is that China does this because China controls the keyservers in China.

As far as anybody discovering this, that would be very difficult because Apple does not let you install your own apps on the device and would not approve an app designed to detect this.

But even more, why would they bother? People who care about their privacy will simply avoid closed source software and especially closed systems like Apple's instead of trying to use a known compromisable system safely.

>But since it’s in a Wikipedia article, I guess that kind of closes the case.

I was pointing you to a place where you could learn about cryptography because you seem not to understand the basic concepts. The Wikipedia article does not describe this particular vulnerability.

> Those same standards don't actually protect your data from whoever controls the iCloud server or whoever controls the iMessage key server. In the US, that is Apple, so Apple has access to that data. In China, that is the Chinese government. Therefore, the Chinese government has access to all Chinese iCloud and iMessage data.

Seeing as how Apple complies with FBI and law enforcement requests to get iCloud data, that is definitely not the case in the US.

The laws of the US say a lot of things. But the facts are that all the government has to do is scream “terrorism”, “drugs”, “or think about the children” and they can easily get a warrant. The law states that one branch of government has to ask another branch of government for a warrant. You have to believe that the judicial branch actually would safe guard privacy and keep law enforcement from overreaching.
> You have to believe that the judicial branch actually would safe guard privacy and keep law enforcement from overreaching.

These warrants become public record. I don't have to blindly believe it. I can look at the records and see that the US is not even close to China as far as government access to user data.

> On Wednesday, Apple officially handed over its iCloud operation in China to a local state-run company, along with all encryption keys to unlock local user data. The switch will give the Chinese government unfettered access to the photos, emails and contacts of over 240 million iPhone users in China.

https://observer.com/2018/03/apple-grants-china-full-control...

> "The simple fact is that once the encryption keys are stored on Chinese servers, they will be easier for Chinese authorities to access — with or without legal requests," says Sharon Hom, executive director of Human Rights in China, a US-based NGO. "Since Apple has declared its willingness to 'comply with Chinese law,' its reassurance that it, not its Chinese partner, would control the encryption keys is not exactly reassuring. In addition, Chinese authorities could bypass Apple to address their requests directly to Apple’s Chinese partner, a state-owned enterprise that, of course, would have to cooperate with Chinese authorities."

https://www.wired.co.uk/article/apple-icloud-china-iphone-da...

You say vote responsibly but neither of the 2 parties will address this.

The libertarian party surely would but most people don't even know it exists, i would guess.

>1) There is no way Apple would be allowed to sell iPhones in China, without China government having access to anything. So, I assume that Apple users in China have e2e encrypted exactly nothing.

E2E works exactly the same in China. You can read more in my comments here:

https://news.ycombinator.com/item?id=20904857

The same "vulnerability" of being able to respond to legal requests for iCloud data that exists in China exists everywhere else in the world.

Please stop spreading disinformation. Your sources are outdated and the quotes that you are referencing are not legally binding. The fact is that Apple has clearly stated that iCloud data for Mainland Chinese users is stored on servers operated by a Chinese company, which must abide by the local laws and regulations. It is also a well known fact that all companies operating in China can be compelled by the Chinese government to provide data and do so in secret.
There's no disinformation in my comments. I seem to be one of the few people on the planet who seems to have actually dug into this exact issue while others only offer the typical FUD we've seen about how Apple's encryption works in China.

The fact is that Apple has said multiple times (and even under oath) that end-to-end encryption applies to iPhones and iMessage in China, the same as it does everywhere else.

And once again Erik Neuenschwander, an Apple privacy exec, told Congress in a hearing in December that this was still the case.

At 02:10:46

https://www.judiciary.senate.gov/meetings/encryption-and-law...

> In fact I seem to be one of the few people on the planet who seems to have actually dug into this exact issue while others only offer the typical FUD we've seen about how Apple's encryption works in China.

I think instead of researching how Apple works in China, you need to start doing some research on how the Chinese government works and their track record on legal matters and rule of law.

Also, the segment in the Senate hearing you referenced shows a senator who obviously does not have a good grasp on encryption technology asking bumbling questions about encryption. I have paraphrased the section here:

> Senator: Do you sell phones in China? Are they encrypted? > Apple: The phones are the same and all of our phones are encrypted across the world

Yes, obviously all phones have encryption but the Senator did not clarify what was being encrypted here and Apple took advantage of this in the response.

> Senator: You're telling me that they [China] allows you to sell devices without you allowing them to breach the encryption and gain information about the users? > Apple: You're 100% correct

Once again, the question posed was incoherent. Of course there is no "breaching of encryption" here - the Chinese government just asks for the keys or the data. It's all about language here.

If this Senate hearing is your case for why data is safe in China, I honestly fear for all the political and religious dissidents that are trusting Apple for their safety.

The question and his answer were both completely clear. And most importantly, it's perfectly consistent with what Apple has said multiple times. You can believe they lied to a federal court and Congress if you want, but I certainly don't.
There is no lying here. Only poorly worded questions that are conveniently misguided to the benefit of Apple.
I looked at your other comments so I know you're one of the bad faith FUD peddlers.

But for anyone else that didn't click through to the thread I linked, you can hear it from the horse's mouth right here:

https://www.youtube.com/watch?v=VD1cP8SK3Q0&feature=youtu.be...

Didn't take long to escalate into an Ad Hominem attack did it?

By the way, I don't think a Vice video with a puff-PR interview with Tim Cook about data privacy is going to help your case. It's about as effective as going into prison and asking an inmate if he's innocent.

I think there might be misunderstanding about what exactly is "encrypted" and how. The comment 3 or 4 levels above says:

> The same "vulnerability" of being able to respond to legal requests for iCloud data that exists in China exists everywhere else in the world.

And an article on Apple's site [1] confirms that most data in the cloud are "encrypted", but without E2E encryption, possibly in a reversible way. That article also notes that while messages are E2E encrypted, a cloud backup might contain a key to decrypt them:

> Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices.

So it is possible that the data on the phone are encrypted, the data in transit are encrypted, the data in the cloud are encrypted for every user in the world, but the cloud operator has the encryption keys for some of the encrypted data: Chinese operator for data of Chinese users and Apple for everyone else. This doesn't contradict neither with Apple's statement nor with the article nor with that comment above.

[1] https://support.apple.com/en-us/HT202303

It was a reduction in security for Chinese iCloud users:

> The U.S. company is moving iCloud accounts registered in mainland China to state-run Chinese servers on Wednesday along with the digital keys needed to unlock them.

> In the past, if Chinese authorities wanted to access Apple's user data, they had to go through an international legal process and comply with U.S. laws on user rights, according to Ronald Deibert, director of the University of Toronto's Citizen Lab, which studies the intersection of digital policy and human rights.

> "They will no longer have to do so if iCloud and cryptographic keys are located in China's jurisdiction," he told CNNMoney.

https://money.cnn.com/2018/02/28/technology/apple-icloud-dat...

The only thing in that list that would is of interest to a government are messages. Fortunately no-one really uses iMessage in China. People use WeChat and (you guessed it) the Chinese government has access to these.

As for the End-to-End encryption of iMessage it is a bit overrated. Apple does the key management for you. So theoretically they could pretend that the key of your interlocutor recently changed (because new phone or something), it would just work transparently. So if a "nefarious" entity were to gain access to iMessage servers, they could use that technique to decrypt, "on the fly", the messages of whoever they want to spy on, without the clients knowing that this even occurred.

When you use "WhatsApp" you have the ability to get some kind of warning when the interlocutor's key has been updated. It's also possible to check each others' identity by scanning some kind of QR Code. But the app does not really put any emphasis on which accounts have been verified. Signal is about as bad as WhatsApp. My guess a government that wants to spy on your WhatsApp/Signal messages probably could, because most people would notice the key change warning nor understand what it means.

Only Apps which makes a big fuss about key management (Threema for example) are properly End to End encrypted, with no possibility for Big Gov to hack into servers and spy on you by adding their keys to conversations. But then they would probably just hack the OS on your phone at this stage. In fact that method, is probably better than messing around with iMessage/WhatsApp servers. You bypass ALL forms E2E encryption, and you get access to everything else, with one swift hack. I bet the NSA and their Chinese equivalents have such hacks in reserve for very juicy targets they want to spy on.

With the kind of unlimited budget the NSA has, it's hard to imagine something they cannot hack. That is why big A-list targets like Bin Laden went totally off-grid for communication.

> companies can't protect us from a government we have put into power.

But.. the electoral college.

> if you want real protection, do local backups

Yes, this is unfortunately true and unfortunately complicated compared to iCloud backups.

I backup locally to my mac (encrypted), then I have my mac do time machine backups to my Synology NAS (encrypted) and then I have my NAS backup to BackBlaze (encrypted). I do that to satisfy the two pronged backup strategy: local (fast) and remote (slow, but useful in catastrophic local situations such as fire, flood, theft, etc).

I might be mistaken but I thought Backblaze doesn't backup external drives?
There are a few possible approaches. I figured they're using b2. I'm pretty sure Synology has builtin tools to mirror to it. Backblaze will backup external drives that are attached to the computer, but if they are disconnected for 30+ days the data is deleted. While network drives aren't backed up there are ways to have them appear as local drives (which I hear are a pain to deal with).
> Synology has built in tools to mirror to it

Yes exactly, this is what I'm using. There is a time machine folder on the NAS, the Synology tool mirrors that encrypted folder to backblaze. I have the backblaze sync set to run at 1am so it's not uploading and affecting my bandwidth while I'm (typically) awake. Yes, my remote backup is up to 24 hours behind my local time machine backup, but this is acceptable to me since it's only for catastrophic recovery.

Backblaze does back up (directly-connected) external drives but not NAS.
One thing to keep in mind with iMessage. Even if you back up locally the receiving party is probably using iCloud. So not sure how much it will really help.
Have they updated that page? Backups are the very first thing on the list.
The first list is stuff that is encrypted. Farther down the page is stuff that is end to end encrypted. It’s pretty misleading.
Right? I'm so confused now. That link appears to be opposite of the article.
So do you need to decrypt the backup of your iMessages to get to the private key inside of it, or can apple see your private iMessage keys in the backup without needing to decrypt anything?
Which is exactly why I use Signal exclusively.
Signal prohibits backing up chats on iOS. So there’s no question of information leaking from a backup when there’s no way to create it.
Sounds like another reason iOS is no longer the choice for security...
For me, not being able to back up chats is a feature. It even warns you if you download an attachment (e.g. an image) to local storage.
Just back up on your pc and select encrypt and not use iCloud, but that is a huge hassle
To be fair to Apple, if you believe Apples privacy policy, being able to access it, theyliky won’t access it and sell your data to advertising Agencies.
Beyond HN and tech circles, is there any detectable groundswell of demand for privacy? When you talk with friends & family about privacy, does anyone care?

When average people care about privacy, the large players will respond. Until then, pressure from the state can be accommodated without irking customers, so Big Tech will play along.

(comment deleted)
I seem to recall when Jennifer Lawrence (a famous actress you may have heard of) had her icloud storage hacked and leaked all over the internet, there was a bit of a murmur online and even offline about it.
General public are generally ignorant about risks in the tech they use. That doesn't mean they don't care about their privacy.

There's an assumption that laws and safeguards are in place so technology in general can be trusted and transacted on.

In other words they trust in us "the tech circle" to police ourselves and assert security and privacy. It's not circle jerk about privacy. It's a duty we have by being in the frontlines.

Exactly. The general public is never going to say “I demand end to end encryption and complete privacy” because they don’t know how all the tech works. But they’re surely going to expect that their private text messages are private and their private pictures are private. People expect privacy as a default and sharing as an option, and they rely on the “experts” (tech companies, lawmakers, etc) to help them.
Not exactly. Some people may not understand and also not care and I'm sure there are many many people who that fits. When you're talking about surveillance level vs. someone hacking your iPhone that's not really a comparison. Of course people don't want their private messages stolen, but that's not really the case with most surveillance. Not that I'm in favor of it necessarily but there are merits.

Surveillance and privacy aren't the same thing but this is the FBI and people are bringing up snowden. In general I think you're right privacy is just expected for personal messages, but at some point when it's just data I don't think most people care, and may in fact support some level of surveillance.

There's this popular conception that the average person doesn't care about privacy, but I think that's wrong. I just think that to really get a handle on what it means to be private in the modern digital age is too complicated for the average person. People are concerned but feel overwhelmed by the technical details and don't know where to start. You need to know the fundamentals of encryption, what a key is, backdoors, the difference between E2E and non-E2E, and so on. We, as the tech community, need to do a better job communicating and explaining.
>There's this popular conception that the average person doesn't care about privacy, but I think that's wrong. I just think that to really get a handle on what it means to be private in the modern digital age is too complicated for the average person.

Cypherpunks tried to sound the alarm around the time email got popular and had similar difficulty then - the barrier to adoption was too high and laypersons didn't really understand why they should care enough to overcome that barrier.

See Wired coverage from 1993 as one example of this view from the techno-savvy thinking things should be one way but acknowledging that reality is much different. https://www.wired.com/1993/02/crypto-rebels/

From the article Crypto Anarchy, he believes, is inevitable, despite the forces marshaled against it. "I don't see any chance that it will be done politically," says the Cypherpunk. "[But] it will be done technologically. It's already happening."

Rather than some digital utopia where personal information is heavily protected and not linked, we have a generation of programmers working to persist tracking cookies across browsing sessions, whether anonymous or not and law enforcement leveraging a scraped database of three billion photos to identify people whether they choose to be identified or not.

By following the electronic links we make, one can piece together a depressingly detailed profile of who we are: Our health records, phone bills, credit histories, arrest records, and electronic mail all connect our actions and expressions to our physical selves. Crypto presents the possibility of severing these links. It is possible to use cryptography to actually limit the degree to which one can track the trail of a transaction.

Of course that didn't happen beyond https everywhere for point-to-point encryption and regular leaks of consumer data proves once collected data is often not protected from public scrutiny, much less encrypted at rest, anonymized, etc. So even if you do protect your data perfectly there's still a chance it'll be discovered elsewhere. Rather than trying to create backdoors, government should be trying to enforce much more stringent regulations on use and protection of consumer data. However given the political zeitgeist I don't really see that happening.

Obviously there is. Otherwise it wouldn't be advertised on billboards and television.

Privacy is just like your personal health everyone wants a convenient solution but no company can honestly offer it. (Doesn't stop then from pretending they do)

"Military Grade Encryption"

Immediate giveaway that its just PR...

> does anyone care?

Actually yes. Some even have bought into VPN services without me recommending it and without any missionary ambitions from my part. Generally these are also not people using services of the largest offenders too much though.

I would even say the majority in my circle cares about it. They just have no real clue how to mimimize data exposure. There certainly is an effect that influences consumption though.

From the techies within my cirlce everybody cares, most to a pretty large degree.

Here in Germany there is a big TV ads campaign by Apple focusing on privacy.

At least their marketers seem to believe that there is a large enough groundswell to justify a campaign.

Maybe they don't care about privacy because they're defining it as secrets that people have. Snowden's description of privacy is much more powerful:

"And if we actually think about it, it doesn’t make sense. Because privacy isn’t about something to hide. Privacy is about something to protect. That’s who you are. That's what you believe in. Privacy is the right to a self. Privacy is what gives you the ability to share with the world who you are on your own terms. For them to understand what you’re trying to be and to protect for yourself the parts of you you’re not sure about, that you’re still experimenting with.

"If we don’t have privacy, what we’re losing is the ability to make mistakes, we’re losing the ability to be ourselves. Privacy is the fountainhead of all other rights. Freedom of speech doesn’t have a lot of meaning if you can’t have a quiet space, a space within yourself, your mind, your community, your friends, your family, to decide what it is you actually want to say.

"Freedom of religion doesn’t mean that much if you can’t figure out what you actually believe without being influenced by the criticisms of outside direction and peer pressure. And it goes on and on.

"Privacy is baked into our language, our core concepts of government and self in every way. It’s why we call it 'private property.' Without privacy you don’t have anything for yourself."

Beautiful compilation. Thanks.
the youth are either ambivalent or just not the point of understanding, have you seen how much they freely share with each other on messaging, dating, and other apps? Now for the most part today's schools lean pretty heavily towards indoctrination and with so many distractions at hand at their age they don't see issues we see.

As I posted before, then you get into the so called adult realm and many of them will trade away privacy if it gets them money off their coffee, coupons for grocery, or just to brag about their latest get away. it does not matter if its private or government channels, give them a reward and they want it.

Privacy also tends to be highly associated with identity theft not realizing that not only is privacy important for reasons of protecting your stuff but your person and your interest also need protecting both from government and private parties.

Also, some here seem to think they have more to lose than they do. It seems more about wanting to be part of a victim class as long as people and organizations they don't like are punished

tl;dr no, most don't care, give them a cookie and you can get their email and more

No there isn't, despite repeated high profile hacks.

I've spoken to many in security, selling E2E enablement for the enterprise, and even among CIOs, there is no urgency to implement this. You can imagine the indifference among the less tech savvy

Next time you encounter someone who claims they don't care about privacy, ask whether or not they close the bathroom door (or the stall in a public restroom) when they're taking a shit. And if they say yes, ask them why? What's going on in there isn't any big secret. It's not like they're in there plotting a terrorist attack. What are they hiding behind that door?

It turns out most people _do_ care about privacy. You just have to frame it in relatable terms.

I don't want anyone else watching me take a dump because that's private, and it's not any of their business. Likewise, I don't want other people knowing what articles I read on the internet, or what music I listen to, or reading the contents of my business plan, or scoping out my dick pics, or any of a thousand other things, because those things are also private and they aren't anyone else's business unless I choose to share them.

Restrooms have doors, and most people close them for privacy. Data has a privacy door, too, and it's called encryption.

> "ask whether or not they close the bathroom door (or the stall in a public restroom) when they're taking a shit"

This is a pretty bad question and a hyperbole. Most people would want no one (including people who they are usually intimate with) to watch them defecate. And that is not the same thing as government snooping on its own citizens. Arguments for massive surveillance given by governments is not so much about invading the personal privacy of people than it is about protecting national "security" or preventing "terrorism". For this reason, few people are going to get convinced if you equate the privacy to use the lavatory without anyone watching to the privacy of being able to communicate without the government monitoring you. The best argument against massive surveillance is the one that Snowden gave during a Reddit AMA:

> "Some might say "I don't care if they violate my privacy; I've got nothing to hide." Help them understand that they are misunderstanding the fundamental nature of human rights. Nobody needs to justify why they "need" a right: the burden of justification falls on the one seeking to infringe upon the right. But even if they did, you can't give away the rights of others because they're not useful to you. More simply, the majority cannot vote away the natural rights of the minority.

> "But even if they could, help them think for a moment about what they're saying. Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.

> "A free press benefits more than just those who read the paper."

Surprise! The "we value your privacy" statement is a lie, as with any other US company.
Are the iMessages in an iCloud backup encrypted or not? As of now. It seems actually unclear.
Yes, but the key is stored in your iCloud backup if you use it. As soon as you disable iCloud backups it will roll the key for iMessage and they will be effectively E2E encrypted.

When Messages in iCloud is enabled, iMessage, Business Chat, text (SMS), and MMS messages are removed from the user’s existing iCloud Backup, and are instead stored in an end-to-end encrypted CloudKit container for Messages. The user’s iCloud Backup retains a key to that container. If the user subsequently disables iCloud Backup, that container’s key is rolled, the new key is stored only in iCloud Keychain (inaccessible to Apple and any third parties), and new data written to the container can’t be decrypted with the old container key.

https://support.apple.com/guide/security/icloud-backup-conte...

> Yes, but the key is stored in your iCloud backup if you use it. As soon as you disable iCloud backups it will roll the key for iMessage and they will be effectively E2E encrypted.

Assuming this is true, you still don't know what people on the other end will do, meaning it is never actually E2E encrypted.

E2E usually means from endpoint device 1 (my iPhone) to endpoint device 2 (my friend’s iPhone). What the other person will do with it doesn’t factor into the conventional definition of E2E.
No, conventional definition is actually both: from endpoint device 1 to endpoint device 2 and from endpoint device 2 to endpoint device 1. If device 2 has backups in question enabled, there is no E2E anymore.
the great trick these companies and the government played on us was "You will be secure in your papers and effects but not ones located outside your home" so cloud backups were marketed just as the courts decided that they could invade your cloud data. It was a brilliant move towards mass surveillance.

I don't like how this is going...

As a big fan of the Mac and iPhone this is incredibly disappointing. I always assumed the privacy situation with Apple was candy-coated but I didn't think they were this spineless.
How can you be a big fan of a product knowing that it's full of lies?

Serious question.

Between things like this, and the shenanigans Google pulls (with Android, the store, developers, and other things), I'm quickly going in a different direction.

My ultimate plan is to build my own phone; yes, I'll still be stuck with a carrier (I use t-mobile, and I haven't had a problem with them over 10+ years I've used them), and the hardware won't be completely "open source", but the software and OS will at least be what I make of it myself.

In the meantime, I'll be playing with one of the Pine64 phones; hopefully it will give me most if not all of everything I want and need, and maybe I can help with bug testing or perhaps software development? At any rate, it won't be Apple or Google.

There are times that I have when I sometimes think to myself that going back to simple email on a text screen, and not much else, would be a better thing than what the web has become. Maybe go back to BBS's over ssh or something? "Dial In" using my TRS-80 Model 100 "laptop" and move out to the boonies...

It sounds like an awesome idea, and I’ve considered ordering a pine phone for the same reason.

I don’t know why anyone would down vote your comment. On “hacker news” it’s no longer considered cool to hack together your own tech?

When did HN become a corporate bootlicking dump?

Is Apple’s privacy white paper dealing with fats on iCloud just an eyewash now?

> Instead of protecting all of iCloud with end-to-end encryption, Apple has shifted to focus on protecting some of the most sensitive user information, such as saved passwords and health data.

> But backed-up contact information and texts from iMessage, WhatsApp and other encrypted services remain available to Apple employees and authorities.

Way to confuse laypeople with promises of security and data privacy. If Apple had concerns about users losing the key, why not implement it similar to two factor authentication on Apple IDs where Apple also provides the recovery codes (and additionally disallow any other mechanism of recovery)?