Apple Allegedly Dropped Full iCloud Backup Encryption under FBI Pressure

Originally published at: https://tidbits.com/2020/01/21/apple-allegedly-dropped-full-icloud-backup-encryption-under-fbi-pressure/

Reuters is reporting that Apple dropped plans to offer a stronger encryption option for iCloud backups under pressure from the US Federal Bureau of Investigation.

As I was reading this, I thought that iMazing offered the option to encrypt your backups locally, but now that I’ve gone to the website to look for it, I don’t see any mention of it.

Does anyone know if it does? I mean, I suppose you could always say that if your Mac has FileVault then you don’t really need your iMazing backups encrypted but I’d definitely use the option if it was offered.

I wonder how Apple’s usual logic applies here. Leave a back door for the good guys and it’s only a question of time until the bag guys figure out how to exploit it. In other words, while I have no trouble with Apple complying with a court-ordered request for data (assuming a court in a free country with a proper judiciary), how can I just assume Apple will never lose the key to my iCloud backup to a bad actor? Unlikely, sure. But impossible, I highly doubt it.

I feel really good right now about not relying on iCloud backups. All my backups are through iTunes and to my own local encrypted disk.

1 Like

iMazing does have an option to encrypt backups:

https://imazing.com/guides/backup-options-in-imazing

It can also get data from encrypted backups done by iTunes (if you know the password):

https://imazing.com/guides/how-to-extract-files-and-data-from-an-encrypted-iphone-backup

Because there is no real limit to how many times someone can try to guess the password of an encrypted backup, use a good one.

2 Likes

This is really the key difference between the iCloud and local backups. Even if the backup file isn’t encrypted (and I’m not saying you shouldn’t, I encrypt mine), you can encrypt your local disk and ensure only you have access.

That’s a big assumption. Apple can’t pick and choose which countries it complies with the law in. And even in those countries that we might consider ‘free’ and with a ‘proper judiciary’, the system can and does get abused by security services. I’m not saying that Apple shouldn’t comply with legal requests to the best of its ability, but I would say that the option to maintain control of one’s data should remain with that person.

Ah, very good. I knew it had the former. The latter is certainly interesting too. Will have to check that out.

Definitely a good place to use 1Password or similar to create a very long and random password.

Just remember that an iTunes backup that is not encrypted is missing data that both iCloud and iTunes encrypted backups contain, such as email and other app passwords, Health data, WiFi settings, and website history. Unless you’re forgetful (or don’t store the encryption password in the keychain if you have a Mac, which happens by default), you are far better off with an encrypted backup.

1 Like

I am not savvy to all the ramifications of this. But I know that my medical institution (who owns my phone) has always disabled cloud back up of the device. As already implied by comments here, the Apple cloud is not HIPAA compliant. I can imagine that this is an area where Apple sorely wanted entry given the massive amount of medical data. If you use your device to collect any health information, you may be surprised how often you have given away your HIPAA rights. So you may want to know - is there any patient information on my device? The answer is yes - but it is only in the email, no texts or other messages, no documents. Two-factor identification is used for all access to the electronic health systems when providers are out of the various buildings.

Apple’s HT202303

https://support.apple.com/en-us/HT202303

Says "For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information.” And that Health data in included in this category.

Is this not as good as it seems?

John Gruber is writing a lot about this at Daring Fireball and it’s all worth reading:

1 Like

Healthcare providers sharing data with third parties is a related angle to throw into the privacy mix. This story just ran in the WSJ:

And this recently:

https://www.morningstar.com/news/dow-jones/201911118425/googles-secret-project-nightingale-gathers-personal-health-data-on-millions-of-americansupdate

Securely encrypted information can still be shared.

I hope Gruber’s right about E2E encryption coming as a new feature to iCloud Backups in the possibly not too distant future. I’m fine backing up locally through iTunes, but I have a hard time believing Apple is planning on keeping that around long-term.

2 Likes

Hi Tom, the problem is not what you store on your phone, its what your doctor stores in her phone about you. She can’t even have her schedule on it, if it were going to be backed up to the Apple cloud. This is a big pie that won’t have any apples!

Hi MM, Even HIPAA allows for sharing of anonymous data without consent. But I suspect that the health information that is being shared includes location data which means it is not very anonymous. I have read all the EULAs and requested my data from all the health apps on my phone. Each and every one collected location data even though these Apps are not listed under ‘Location Sharing’. And I can think of no reason that they needed to know where I was when I used the App.

1 Like

Location based pharmaceutical advertising is already huge and still rapidly growing in the consumer, physician and healthcare professional markets:

https://on.emarketer.com/rs/867-SLG-901/images/eMarketer_US_Healthcare_and_Pharma_Industry_StatPack_2018.pdf#page24

This is one of those things that’s so obvious it’s stunning that it took even hours for people to contradict the bs story. Of course it’s about data loss.

1 Like

Yes M - and now you know what all your seat mates on the subway are doing with their phones.

This.

Threat models are important. Most people aren’t targeted as individuals, and the biggest threats to their data are probably ransomware, house fires, thieves, etc. any of which can cause loss of all or most data. In some circumstances that data might be needed in a hurry to recover from whatever disaster caused it be lost. Criminals might also get access to it in general breaches, but for most people that’s a lower level of disaster than a fire. Apple presumably knows exactly the percentage of users locked out from how much data, and I expect it’s not negligible.

Some groups definitely need more protection–journalists, whistle blowers, protesters, government employees. For them, data being accessed by others is a often bigger threat than losing their own access to it. But they (usually?) know that they have a higher risk and do at least some research into how to mitigate it.

For each of the various kinds of data you have (contacts, financial, photos, works in progress, etc), you need to consider:

What happens if you suddenly lose access to it? 

What happens if some else gets it?

Unfortunately, getting most people to take the time to think about that, let alone act on it, is really hard. For my users, I’m all for data being easily and automatically backed up and recoverable at the expense of some security, because I’ve seen a few of the disasters when it isn’t recoverable.

2 Likes

At least I won’t sell their data.

Even Jeff Bezos wasn’t safe:

Yeah, if you’re really targeted by a nation state, they’re probably going to get you. But Bezos was extra stupid on several fronts. First to have the affair, then to keep the evidence of it and plenty of other goodies on a single phone, then to give that phone’s number directly to a nation-state and not expect something to go wrong. It’s not like he can’t afford to have several phones and numbers so he compartmentalize a bit. Heck, he could even afford to hire someone to carry them for him and remind him which to use when…

1 Like