Another post from Gruber:
Personally, Iād like the OPTION. I donāt think this should be automatic for everyone, for the obvious reasons stated, but for those of us who fully understood the ramifications, why not?
āFail secureā is fine for users who know the risks and can mitigate for them (use a pw mgr, being the obvious one; as you can access your pwās despite losing all your devices on the good ones). For everyone else āfail safeā is likely all they need or want (although itād be good if more norms made use of a pw mgr, then itād mitigate the issue for more users).
Where this option is selected and how itās enabled is likely Appleās problem here. Iād suggest theyād have to make it known to users fairly well, but at the same time make enabling it a more thorough process, with a big banner saying āWARNING! ENABLING THIS FUNCTION MEANS APPLE CANNOT RECOVER ANY OF YOUR DATA FOR YOU IN FUTURE. USERS ARE ADVISED TO CONTINUE ONLY IF THEY HAVE FULL UNDERSTANDING, AS PER SUPPORT DOC: kb123467ā or something similar.
I wonder if instead, they may be thinking beyond this, into non-password related methodologies of user account access, given we know the ongoing issues passwords present.
Eg.
the initial reporting on this story is a decent example of what is wrong with tech reporting in general now-a-days, but the ridiculous re-reporting of it rewritten into scare quotes and clickbait nonsense really does show what is most wrong with the Internet right now.
All it takes is a tiny bit of thought to see this story for what it is, a twist of āprobablyā into a machine for making as much money of misunderstanding and outright misinformation as possible.
I mean, the real tech press has the story mostly right, but all the supposed news sites? What a bunch of garbage masquerading as journalism.
You have the option right now, and always have. Backup to your Mac and encrypt the backup.
If you want ācloudā backup, copy that backup to your iCloud, Dropbox, OneDrive, etc storage.
I agree with that. When the day comes where I have to back up to iCloud, Iād prefer having to be concerned with how I securely store an absolutely irreplaceable password than having to entrust a corporation I have zero influence over with my private data. For now, no iCloud backups for me.
Has Apple ever stated how long it takes them to completely erase all and any iCloud data it has after a user deselects iCloud backup?
Yes obviously you can manually do this, which many techieās may consider, but itās doubtful average people do, or those just either busy or who want their delta multiple-times-per-day incremental iCloud backups e2e encrypted.
Clearly Iām talking about a native iCloud solution, so users donāt have to do that, when a simpler in-built solution is possible.
Also, the point of iCloud backup is that, at least in theory, recovery is a simple process (though we know that often is not the case, unfortunately). For example the simplicity of getting back up and running easilyā¦ say youāre out of the country, lose your iPhone, buy a new one, you can set-up straight from iCloud backup, rather than having to have a computer and faff around with a more involved alternative process.
I donāt think that they do delete them, but you can do it yourself. On an iOS device, settings / iCloud / iCloud / Manage Storage / Backups - you can see and delete the backups whenever you wish.
Your are absolutely right of course. I guess my question should be, have they ever stated that when a user requests these backups deleted, they are actually promptly removed from Appleās storage?
Or could we find out one day that the data could be restored on Appleās end because itās only removed from the userās backup list (and therefore from user access), but Apple actually retains it (or parts of it) for more extended periods of time?
Even if there is no nefarious intent, I would expect some amount of retention. They perform periodic backups of the servers (at least I hope they do). As such, after you delete something, the content probably does exist in recent backups.
So the question then becomes one of how long they retain these backups. We can assume that if backups exist, they will be searched in response to a court order, even if for no other reason.
Iād presume their data-centres āmirrorā copies between two or more locations. So if you delete any data from your service, that deletion is mirrored after a short period of time at their other locations.
Thus they very likely do NOT have copies anywhere, within a few hours (and unlikely anyone can stop the mirroring event either; meaning you delete it, itās gone forever).
Note, of course this doesnāt include the iCloud Drive recently deleted docs function, but anything else like backups it would.