Apple Disables Advanced Data Protection in the UK

No, it was enabled, now it isn’t and I am unable to re-enable it.

2 Likes

A small clarification: The UK is not a member of the EU.

6 Likes

I’m pretty sure that number is for all of Europe.

1 Like

Actually, it’s ‘Europe, Middle East, Africa, and India’ so a massively larger area and population than the UK (I think India’s population is not far off China’s now?).

It looks like the government needs to be provided with a key by Apple for each account that they want to access so that they can look at iCloud backups and Notes, etc. That’s certainly not broad-spectrum trawling and I don’t think that’s the idea either. There is still no blanket backdoor access to iCloud that could be exploited by bad actors. It’s an interesting compromise.

iCloud data is still encrypted with our keys, but like adding a new device to iCloud, Apple can grant the UK government access in a somewhat similar way. Whether judicial review is necessary is not clear.

Unless you are a person of interest to the UK authorities, I can’t see that it makes much difference to us. If we in the UK were living in an authoritarian state, no doubt we would think otherwise. All online systems are leaky in one way or another, that’s the way it always has been but we choose to live with it as a matter of convenience. Each can draw the line where they feel comfortable.

However, this kind of targeted access does allow bad actors to be monitored. I can’t imagine that the current government has any desire (or the resources) to go on fishing expeditions. They must think it will be useful for law enforcement - will it?

Obviously, not using iCloud is one way around it for those who are concerned or bent but I suspect with this precedent, any cloud provider could be subject to the same order.

We can always protect sensitive documents within encrypted zip archives or sparse images and the government would then have to come to us and demand them to be made available.

You could switch to backing up devices to a Mac instead, not use notes for anything sensitive and limit the number of documents on iCloud, keeping the majority on the internal store. There are significant downsides and inconveniences, but that’s the game.

The account depends on the country they choose on the App Store. When you choose a country, you have to provide local card information. If you can’t, you can’t switch to that region.

So when those people come to the UK, their ADP is still on if the region stated on the App Store is outside the UK.

If someone living in the UK can choose a region outside the UK (maybe he or she studied or worked there before and has a bank account there, or it’s where they are from, where they have an address or bank), their ADP can be enabled.

But closing ADP may not be the final arrangement, as it may not totally satisfy the demand from the government (if they want access to the world). And Apple on our devices just states “Apple can no longer offer ADP…”

“Can no longer…” but not something like “ADP is no longer available in the UK…”

Once you introduce a way to compromise an account without the user knowing—and I’m not sure the methods you’re describing are what’s under consideration—then these can be demanded by any government worldwide. There’s no such thing as a controlled backdoor. It becomes an exploit, whether for government use or by hackers.

5 Likes

Interesting! I haven’t heard a report of that yet—because of the way ADP works, there should be no method by which Apple could force disable, as you need to enter a passphrase in order to unlock the key, which they have no access to. Keep us apprised.

1 Like

I’m only trying to interpret the mechanism by which Apple are giving access - we may never know exactly what is happening. We also don’t know if any other jurisdiction can request access.

I’m still not convinced that this is actually a backdoor in the sense that there is one key that unlocks the whole system - Apple don’t look like they are allowing anything like this.

I can’t quite tell if you’re talking about the situation as it is currently (ie, Apple removing encryption and making it publicly known) or as it would have been if they had acceded to the order. If the latter, per the Post article on it, the capability absolutely would have given the UK government “blanket capability to view fully encrypted material, not merely assistance in cracking a specific account.”

Your larger analysis is almost exactly opposite to the historical record. The UK government (and the US) has frequently, repeatedly, and continuously spied in massively broad ways without any particular focus. The European Court of Human Rights ruled against the UK government for the “unfettered harvesting and processing of millions of people’s private communications” without warrants in 2021. I’d be interested to know if – with the UK out of the EU – the UK government thinks that ruling still applies.

3 Likes

Whatever Apple develops to meet this spec would have compromised the whole system. You cannot have a device-based E2EE system in which there is a method by which Apple (or any party without control and access to those devices) can magically add a key without this being possible on all accounts.

Remember when the FBI asked Apple to create a special version of iOS that would allow the agency to update the San Bernardino killers’ iPhone in order to more effectively crack the phone’s code? Apple’s response remains accurate today: you can’t create a compromised system that will only ever be used once, even in a limited circumstance in which the software would have to be installed on a physical device in someone’s possession.

Because ADP relies on device-based encryption and Apple’s entire system is based on Apple having no access to key generation or storage—the keys are stored in Secure Enclave on the various devices or temporarily in Safari locally for browser-based access—they have to re-engineer their system to allow a compromise to gain access.

Whether or not that might be used against one account or a billion, it no longer matters. They have compromised the integrity of the system.

5 Likes

It’s a good point but how we will ever find out I don’t know. A leak or a legal challenge are probably the most likely. Being out of the EU might make us, as users, more vulnerable.

If one assumes that the objective is mass harvesting of cloud data and that Apple has allowed that kind of access, severely constricting or ending your use of iCloud is the only way forward in the short term. Our computers used to be unconnected islands of data, maybe they will revert to that model, or something like it. We have bounced back and forth between local and distributed models over the decades.

I suspect this is just the start of wider surveillance of online data in general.

Not according to the 2 pages I found…but you could be right…it does seem a bit high now that I think about it again.

This is a definitive source (note that it is common practice for US companies to use the EMEA segmentation):

The Company’s reportable segments consist of the Americas, Europe, Greater China, Japan and Rest of Asia Pacific. […] Europe includes European countries, as well as India, the Middle East and Africa.

https://www.sec.gov/Archives/edgar/data/320193/000032019324000123/aapl-20240928.htm#i7bfbfbe54b9647b1b4ba4ff4e0aba09d_13


And for anybody interested, actual recent numbers are here:

and

1 Like

I fail to see how a “back door” to encryption will be able to catch anyone other than the “less sophisticated” criminals or terrorists. The smart/organized ones will realize they could be compromised and will encrypt their data and communications using “out of band” methods. If I (like many businesses that use cloud storage) encrypt my data before sending it to the cloud and don’t give anyone the key except those that I want to see it, then there’s no “back door” to exploit.

The words that come to mind in this alleged mandated encryption back-door request are “security theater”, “lazy”, and “naive”.

2 Likes

There are a lot of those, and they present threats as well. I’m not arguing in favor of the UK law, but let’s not think that it wouldn’t be useful to a degree.

The cryptography and security researcher Matthew Green of Johns Hopkins University has a very good analysis of this issue here:

One key point is one that I figured was true: the UK government is probably not asking for a backdoor that would allow them to decrypt data themselves - it is asking Apple to create their own key that could decrypt a particular user’s data (boldface is mine):

This was due to a critical feature of the new law: it enables the U.K. government to issue secret “Technical Capability Notices” that can force a provider, such as Apple, to secretly change the operation of their system — for example, altering an end-to-end encrypted system so that Apple would be forced to hold a copy of the user’s key. With this modification in place, the U.K. government could then demand access to any user’s data on demand.

I know that this is generally pedantic but I think it’s an important differentiation.

The European Court of Human Rights has nothing to do with the EU, the UK is still a member of the Council of Europe, and it is absolutely still bound by the judgements of the European Court of Human Rights.

4 Likes

Okay. Would you like to assure me 100% that the UK government is adhering to the decision? Thanks!

I think the criticism is justified because Apple ultimately has betrayed its UK users, and done so with no obvious hope of a return. The UK Home Office wants more than just UK users losing access to ADP.

But I agree that it’s politically difficult to object to lawful requests without creating a straightforward antagonism between a large corporation and a sovereign and “democratically” elected government. Fortunately, I think Apple can solve this problem in a shrewd way, which both disowns responsibility for bad government, whilst respecting user privacy, and that’s to allow interoperability with other hosts of iCloud-compatible services; it would only need to concede the possibility of some revenue loss, though unlikely as much as would be incurred by simply dropping out of the UK. Here I agree with Mark Nottingham’s analysis:

2 Likes