I predict substantial pushback from various governments on this. In the US, and Apple is an American company, one thing both parties agree on is that law enforcement requires access to your private data with a court order. This is due to a fundamental misunderstanding on how encryption works and the implications of adding backdoors, but they’re quite elderly and you can’t explain that sort of thing to them.
I would be downright shocked if laws weren’t immediately introduced in the US, the EU, and certainly China to force Apple to rollback this change in their regions. Those laws will pass. So why did Apple do it? Why did they suddenly stop kowtowing to pressure from law enforcement and various governments? Certainly the feature being opt-in will not stop that pressure. I’m opting in instantly.
I dunno, but I expect the story will come out.
They also added various non-controversial security measures including supporting hardware 2FA keyfobs and indicating whether an unknown device was added to your account or the account of the person you’re speaking to.
Oh, and the kiddie porn scanning stuff is also dead, Apple officially decided not to do it. Instead they’re adding on-device detection and notifications that don’t make it to the cloud. That feature was clearly intended to short-circuit most of the “won’t you think of the children” attacks that will no doubt immediately ensue.
Thanks for posting the news. I think this is GREAT (and a long time coming) & also plan to opt-in as soon as the OS updates arrive in the next week or so. Note that some items are not included because they need to be unencrypted to work with related open services (calendar & mail).
I’m guessing that one of the motivators for Apple has to be getting out of the intermediary business with law enforcement as much as possible in the first place. If you say you don’t have the keys then you can tell the police to go pound sand up to a point.
But yeah, some countries (China of course) will make that position unworkable.
So this is live with the release of 16.2, and I’m trying to set it up, but every time I try to create a recovery key I need to type it back in to verify, It generates a 28-digit key, broken up in to 7 groups of four digits. I write it down (double-checking), and then I need to reenter the key to verify. i’ve tried about 8 times using two different attempts and it says I failed to verify the recovery key. I’m about to throw my phone at the wall.
I tried a third different password and same issue. Fuck you, Apple.
It definitely won’t be on by default due to support considerations. I expect in a year we’ll see news stories saying “Only 4% of Apple’s users bothered to turn on E2E” and such. Compounding that is the fact that you need every device updated to turn it on, and there are a lot of older macs and iOS devices out there.
Legislation is definitely another possibility, although Tim Cook isn’t Elon Musk, Apple definitely thought about this long and hard for years and has enough attorneys to fill a stadium, so they do think they’ll get away with it, at least in western markets.
It won’t be the default because most people don’t need it and it’s a PITA. If you were some sort of public figure, sure, but the average user doesn’t need this. It’s great that it’s an option if you want it, but most people should not use it.
Everybody benefits from privacy. I agree most people probably shouldn’t use it, but that’s simply because “most people” forget their passwords regularly and that would lead to those aforementioned support problems.