Apple to end-to-end encrypt iCloud backups

I predict substantial pushback from various governments on this. In the US, and Apple is an American company, one thing both parties agree on is that law enforcement requires access to your private data with a court order. This is due to a fundamental misunderstanding on how encryption works and the implications of adding backdoors, but they’re quite elderly and you can’t explain that sort of thing to them.

I would be downright shocked if laws weren’t immediately introduced in the US, the EU, and certainly China to force Apple to rollback this change in their regions. Those laws will pass. So why did Apple do it? Why did they suddenly stop kowtowing to pressure from law enforcement and various governments? Certainly the feature being opt-in will not stop that pressure. I’m opting in instantly.

I dunno, but I expect the story will come out.

They also added various non-controversial security measures including supporting hardware 2FA keyfobs and indicating whether an unknown device was added to your account or the account of the person you’re speaking to.

Oh, and the kiddie porn scanning stuff is also dead, Apple officially decided not to do it. Instead they’re adding on-device detection and notifications that don’t make it to the cloud. That feature was clearly intended to short-circuit most of the “won’t you think of the children” attacks that will no doubt immediately ensue.

I haven’t had the time to dig into the news fully but this seems great.

I wonder if Apple itself will sell the hardware 2FA dongles, or are they leaving it to third parties?

Third parties so far. You can get a yubikey for like $12 through a Cloudflare link.

Definitely get more than one. If you lose your key with E2E enabled you are deeply and profoundly boned.

Thanks for posting the news. I think this is GREAT (and a long time coming) & also plan to opt-in as soon as the OS updates arrive in the next week or so. Note that some items are not included because they need to be unencrypted to work with related open services (calendar & mail).

I’m guessing that one of the motivators for Apple has to be getting out of the intermediary business with law enforcement as much as possible in the first place. If you say you don’t have the keys then you can tell the police to go pound sand up to a point.

But yeah, some countries (China of course) will make that position unworkable.

They are also canceling plans to scan their cloud for child porn

So this is live with the release of 16.2, and I’m trying to set it up, but every time I try to create a recovery key I need to type it back in to verify, It generates a 28-digit key, broken up in to 7 groups of four digits. I write it down (double-checking), and then I need to reenter the key to verify. i’ve tried about 8 times using two different attempts and it says I failed to verify the recovery key. I’m about to throw my phone at the wall.

I tried a third different password and same issue. Fuck you, Apple.

It’s not worth the hassle of enabling it. I don’t have anything that needs that kind of protection.

Edit: someone on another forum I visit said they can’t get it to work either. Says they failed on the password entry.

If you have any older devices not updated you can’t do it. Otherwise, I dunno!

Note that you don’t have to do the zillion-character recovery key thing if you setup a recovery contact in iCloud instead. I had no trouble enabling the extra encryption once that was done.

I wonder if they just want to tell various law enforcement agencies to screw off when they come asking for customer data. They must get tens of thousands of requests a year at this point.

Oh, I doubt it. Most people won’t turn E2E encryption on.

Very true, at least for now. Don’t you think this will turn into a default-on thing eventually, though?

I doubt it. As mentioned upthread, it’s expected this will be outlawed in countries like China, Saudi Arabia, and possibly even the USA.

It definitely won’t be on by default due to support considerations. I expect in a year we’ll see news stories saying “Only 4% of Apple’s users bothered to turn on E2E” and such. Compounding that is the fact that you need every device updated to turn it on, and there are a lot of older macs and iOS devices out there.

Legislation is definitely another possibility, although Tim Cook isn’t Elon Musk, Apple definitely thought about this long and hard for years and has enough attorneys to fill a stadium, so they do think they’ll get away with it, at least in western markets.

It won’t be the default because most people don’t need it and it’s a PITA. If you were some sort of public figure, sure, but the average user doesn’t need this. It’s great that it’s an option if you want it, but most people should not use it.

PITA == support considerations.

Everybody benefits from privacy. I agree most people probably shouldn’t use it, but that’s simply because “most people” forget their passwords regularly and that would lead to those aforementioned support problems.