Originally published at: https://tidbits.com/2020/01/21/apple-allegedly-dropped-full-icloud-backup-encryption-under-fbi-pressure/
Reuters is reporting that Apple dropped plans to offer a stronger encryption option for iCloud backups under pressure from the US Federal Bureau of Investigation.
As I was reading this, I thought that iMazing offered the option to encrypt your backups locally, but now that I've gone to the website to look for it, I don't see any mention of it.
Does anyone know if it does? I mean, I suppose you could always say that if your Mac has FileVault then you don't really need your iMazing backups encrypted but I'd definitely use the option if it was offered.
I wonder how Apple's usual logic applies here. Leave a back door for the good guys and it's only a question of time until the bad guys figure out how to exploit it. In other words, while I have no trouble with Apple complying with a court-ordered request for data (assuming a court in a free country with a proper judiciary), how can I just assume Apple will never lose the key to my iCloud backup to a bad actor? Unlikely, sure. But impossible, I highly doubt it.
I feel really good right now about not relying on iCloud backups. All my backups are through iTunes and to my own local encrypted disk.
iMazing does have an option to encrypt backups:
https://imazing.com/guides/backup-options-in-imazing
It can also get data from encrypted backups done by iTunes (if you know the password):
https://imazing.com/guides/how-to-extract-files-and-data-from-an-encrypted-iphone-backup
Because there is no real limit to how many times someone can try to guess the password of an encrypted backup, use a good one.
This is really the key difference between the iCloud and local backups. Even if the backup file isn't encrypted (and I'm not saying you shouldn't, I encrypt mine), you can encrypt your local disk and ensure only you have access.
That's a big assumption. Apple can't pick and choose which countries it complies with the law in. And even in those countries that we might consider "free" and with a "proper judiciary", the system can and does get abused by security services. I'm not saying that Apple shouldn't comply with legal requests to the best of its ability, but I would say that the option to maintain control of one's data should remain with that person.
Ah, very good. I knew it had the former. The latter is certainly interesting too. Will have to check that out.
Definitely a good place to use 1Password or similar to create a very long and random password.
Just remember that an iTunes backup that is not encrypted is missing data that both iCloud and iTunes encrypted backups contain, such as email and other app passwords, Health data, WiFi settings, and website history. Unless you're forgetful (or don't store the encryption password in the keychain if you have a Mac, which happens by default), you are far better off with an encrypted backup.
I am not savvy to all the ramifications of this. But I know that my medical institution (who owns my phone) has always disabled cloud back up of the device. As already implied by comments here, the Apple cloud is not HIPAA compliant. I can imagine that this is an area where Apple sorely wanted entry given the massive amount of medical data. If you use your device to collect any health information, you may be surprised how often you have given away your HIPAA rights. So you may want to know - is there any patient information on my device? The answer is yes - but it is only in the email, no texts or other messages, no documents. Two-factor identification is used for all access to the electronic health systems when providers are out of the various buildings.
Apple's HT202303
https://support.apple.com/en-us/HT202303
Says "For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you're signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information." And that Health data is included in this category.
Is this not as good as it seems?
John Gruber is writing a lot about this at Daring Fireball and it's all worth reading:
Healthcare providers sharing data with third parties is a related angle to throw into the privacy mix. This story just ran in the WSJ:
And this recently:
Securely encrypted information can still be shared.
I hope Gruber's right about E2E encryption coming as a new feature to iCloud Backups in the possibly not too distant future. I'm fine backing up locally through iTunes, but I have a hard time believing Apple is planning on keeping that around long-term.
Hi Tom, the problem is not what you store on your phone, it's what your doctor stores in her phone about you. She can't even have her schedule on it, if it were going to be backed up to the Apple cloud. This is a big pie that won't have any apples!
Hi MM, Even HIPAA allows for sharing of anonymous data without consent. But I suspect that the health information that is being shared includes location data which means it is not very anonymous. I have read all the EULAs and requested my data from all the health apps on my phone. Each and every one collected location data even though these Apps are not listed under "Location Sharing". And I can think of no reason that they needed to know where I was when I used the App.
Location based pharmaceutical advertising is already huge and still rapidly growing in the consumer, physician and healthcare professional markets:
This is one of those things that's so obvious it's stunning that it took even hours for people to contradict the bs story. Of course it's about data loss.
Yes M - and now you know what all your seat mates on the subway are doing with their phones.
This.
Threat models are important. Most people aren't targeted as individuals, and the biggest threats to their data are probably ransomware, house fires, thieves, etc. any of which can cause loss of all or most data. In some circumstances that data might be needed in a hurry to recover from whatever disaster caused it to be lost. Criminals might also get access to it in general breaches, but for most people that's a lower level of disaster than a fire. Apple presumably knows exactly the percentage of users locked out from how much data, and I expect it's not negligible.
Some groups definitely need more protection—journalists, whistle blowers, protesters, government employees. For them, data being accessed by others is often a bigger threat than losing their own access to it. But they (usually?) know that they have a higher risk and do at least some research into how to mitigate it.
For each of the various kinds of data you have (contacts, financial, photos, works in progress, etc), you need to consider:
What happens if you suddenly lose access to it?
What happens if someone else gets it?
Unfortunately, getting most people to take the time to think about that, let alone act on it, is really hard. For my users, I'm all for data being easily and automatically backed up and recoverable at the expense of some security, because I've seen a few of the disasters when it isn't recoverable.
At least I won't sell their data.
Even Jeff Bezos wasn't safe:
Yeah, if you're really targeted by a nation state, they're probably going to get you. But Bezos was extra stupid on several fronts. First to have the affair, then to keep the evidence of it and plenty of other goodies on a single phone, then to give that phone's number directly to a nation-state and not expect something to go wrong. It's not like he can't afford to have several phones and numbers so he can compartmentalize a bit. Heck, he could even afford to hire someone to carry them for him and remind him which to use when…