Ask HN: If Apple integrated Time Machine with iCloud, would you use it?
It blows my mind that Apple, increasingly a cloud services company, has let best-in-class-by-a-mile-when-it-isn't-broken Time Machine basically languish and deteriorate and never integrated it with iCloud storage. It feels like they could dominate a many-billion dollar cloud backup industry over night if they wanted to? I would happily pay another X dollars a month to them for proper cloud backups of someone else if it meant getting the unlimited retention and interface functionality of Time Machine. Am I crazy? Would you? Would your families?
93 comments
[ 2.8 ms ] story [ 161 ms ] threadFor better or worse I’m a fully payed up member of the Apple ecosystem. I love that everything generally “just works” (maybe until It doesn’t…).
Currently use Arq with S3 but to be honest looking for something simpler. Tried BackBlaze years ago (could be 10 years ago) and found it slow and buggy, probably good now.
Would take an Apple online time machine warts and all.
I think fundamentally I believe that they would get the encryption and security around it correct, as in general they have a good track record with security and privacy.
https://www.backblaze.com/b2/cloud-storage.html
While I agree that their track record 5-10 years ago was poor with multiple false starts around iCloud/Me.com. I do think they have absolutely nailed their online services now, iCloud is brilliant and does everything that the market it’s targeted at wants (maybe except versioned backup).
And encryption.
I guess you don’t care about machine state. I, however, do.
I think it would need some work though, just mapping a disk image in the cloud wouldn’t be enough. Using TM across a network seems to create problems for many.
While Time Machine has languished and deteriorated, Arq Backup [1] is alive and well. Used with AWS Glacier it's practically free, aside from the 1 time cost of the software (in case anyone forgot - there used to be a paradigm where you could buy software for money and own it) and whatever you choose to pay for expedited restore from Glacier.
[1] https://www.arqbackup.com
This led you to selling your watch too? Crazy. I suggest not reading up on Android and privacy.
End-to-end encryption is meaningless if they see your data before it's actually encrypted. There's no point if the endpoints are compromised.
Apple resisted building a backdoored iOS for the FBI once.. will that work next time?
I don't really care that they want to "tap into" communications in order to fight crime or whatever. As far as I'm concerned, they're not supposed to be able to do that under any circumstances and for any reason. Any attempt to do so is abuse.
It's not some slippery slope, it's the reality of humanity.
The smart child molester will use these technologies regardless of your or the government's opinion about them. I guarantee you they'd rather go to jail for contempt of court or whatever than child abuse. What's at issue here is the availability of encryption to the general population.
Also, this has already been done for years by every single cloud service in existence. Apple came up with a way that preserves privacy and suddenly everyone's a privacy expert based in the reality of CSAM.
They'll never give you E2EE no matter how much privacy you cede. I'd be surprised if they're even allowed to - no doubt they're being threatened with punitive legislation if they do.
It's not like Apple's actual stance on privacy is without precedent.
yet a lot of ppl even pay money for av-products that do just that and even upload offending files to google (virustotal).
Think about it; the NSA can profile you based on every image that you have stored on your device. Too many extremist eco-terrorism memes saved in your camera roll? You'll get added to a list. Stocking up on right-wing propaganda? They'll flag your device and keep tabs on you "just in case" so they have due process when they do subpoena Apple for the raw iCloud dump.
I'd like to think there's a silver lining to all this, but the whole thing reeks.
This could very well be Apple testing the waters and trying to catch foolish criminals for a nice PR push when they decide they want to push it out to all devices. Once again though, there's no transparency here. We don't know what the list of hash collisions contains (and ostensibly won't ever know). You're welcome to use whatever device you want, but when people see black-boxes running on their system, I think they're perfectly right to be afraid. Much like how IME/PSP/T2 supposedly isn't used for surveillance, we have no way to verify that as users. We just have to take the word of these corporations and rely on blind faith that they won't abuse the MINIX system they control, or use DMA for anything evil.
For example, I would like the option to have my images scanned client-side so I could get E2E without Congress having a moral panic. Fair trade. The fact that the scanning was optional seems to have been forgotten.
Secondly, there’s also Apple’s anti-abuse strategy, which is that images only enter the database if they appear in databases from multiple governments.
That’s a long way from mandatory client-side scanning for misinformation. Also, you cannot tell me an evil country would not just have ordered client-side scanning at any time in the last decade. It’s not some revolutionary new idea.
So the OP is fleeing an Apple implementation on just iCloud Photos which never actually rolled out, to an AWS implementation which is scanning everything and not just iCloud Photos.
That’s ignorance at best and idiotic at worst.
It's a question of whose device it is. I paid $1000, it's in my pocket all day every day, it is mine and not theirs. I won't allow Apple to just run anything they want to on it, especially malware that is designed to do either exactly nothing or rat me out to the federal government.
You did miss something. CSAM reports were slated to be sent to the NCMEC, an "independent non profit" which for practical purposes is an arm of the FBI. It didn't sway me at all that the pushback made them scrap their plans. They took a clear position that they think they own the computer in my pocket, that they decide what runs on it, and I have no say whatsoever. Nor was I impressed at their alleged intention to only turn it on for iCloud users. In a slow boil one doesn't mind the lukewarm water.
The Apple Watch is completely useless without an iPhone. I will get off of all Apple products in the coming years. I suggest you read up on privacy ROMs - I don't run any of Google's spyware either.
At the same time, Google and Microsoft already have this CSAM in place, and when you run on GCP, AWS or Azure you are personally liable for CSAM so it's not like it suddenly goes away. Even with CMK and pre-transfer encryption you are still the one holding the CSAM bag.
Unless you are willing the reinvent every wheel yourself, there is little to be gained from not using an ecosystem. You should of course always retain a personally controlled backup.
Specifically, I wonder if we would’ve gotten an end to end encrypted iCloud as a result of client side csam scanning.
Right now there’s absolutely no path to end to end encrypted cloud for google and apple. Someone new could try to do it but there would have to be some way to do csam scanning or you’d be violating strict liability. Something like what apple did, effectively client side tagging and server side cryptographically probabilistic scanning, seems like the only way to accomplish this while staying in line with the government asks.
The problem, of course, is that apple is working against a corpus that is hidden.
I’m not sure what the right answer here. It’s an intellectually interesting problem with a lot of policy wrinkles.
Other companies have end to end encryption. Can you cite a case where a court found them liable for child pornography?
The UI hasn’t changed, but there have been big changes under the covers.
[0] https://venturebeat.com/2020/01/21/apples-icloud-backups-are...
I don't have a single extended family member who backs up their Macbook's properly. I've tried. No one wants to be bothered with having to periodically attach a USB drive to their laptop. And Time Machine to an SMB share is flakey.
The Macbooks in my home are setup to use Time Machine to an SMB share and Arq to B2 because I can help if something breaks.
For my kids away at college, they have an external USB drive, but neither reliably plugs it in. So their laptops are also configured with Backblaze because Arq's UI is too damn confusing.
It's especially non-sensical to me that Apple doesn't offer this since they already have offer to host your photo library, music library, and documents and desktop folders in iCloud, plus whatever other apps choose to sync to iCloud. They can exclude the OS and apps from the app store.
Now, I personally wouldn't use this as my sole backup. But for family members who aren't backing up at all? Yes, please.
I'm ok with Time Machine the way it is. I stay off iCloud, especially on a work laptop.
The notes solution that has worked reliably for us is to use a third party iOS text editor called 1Writer that calls the Dropbox API. For appointments check anything important on a second device after making edits. The Messages issue seems to only happen on a fresh install, so for each new device really scrutinize the message history if it's not there and if not reset it to factory and try again. It's all navigable, just annoying.
I'm ok with Time Machine the way it is. I stay off iCloud, especially on a work laptop.
I would not. Honestly I'm still kind of mad that I can't automate iPhone backups to my local Time Machine setup.
The endgame seems to be local cache, edge-retained warm storage and cloud-based bulk storage, all managed transparently.
I can trust encryption to some degree but after Apple's CSAM stuff, no way am I letting them do what they please.