Apple Inc dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.
If true, this is huge news and a very bad look for Apple. For all their marketing on Privacy, Apple has always had complete access to everything on your iPhone if you use the iCloud Backup service. (Apparently from reading Twitter this was less well known than I would have thought — how else was Apple providing gigabytes of data to the FBI in all of these shooting cases?) But the fact they killed plans (plans spoken about by Cook, no less!) to encrypt iCloud data without holding onto a master key to appease the United States Government is frighteningly chilling.
Menn is a solid reporter and I have no reason to doubt what he is reporting. What I suspect though, based on (a) everything we all know about Apple, and (b) my own private conversations over the last several years, with rank-and-file Apple sources who’ve been directly involved with the company’s security engineering, is that Menn’s sources for the “Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud” bit were the FBI sources, not the Apple sources, and that it is not accurate.
It simply is not in Apple’s nature to tell anyone outside the company about any of its future product plans. I’m not sure how I could make that more clear. It is not in Apple’s DNA to ask permission for anything.
Gruber makes a good case for Apple here. They don’t work by asking permission or consulting with sources. They do what they want to do, what they feel is the right thing to do, or what the customer wants. But after all of this talk about Privacy, how can anything but providing secure, user-encrypted data be right?
May be true, or part of the truth, but I heard at the time (and have repeated often since) that the main reason backups aren’t E2E encrypted is that, for most people, losing access to data is a much higher risk than having data stolen or subpoenaed.
I’ve read this before, possibly from Richie, and I definitely believe this is a big reason there’s no true iCloud encryption. But Apple could easily give us a checkbox that says “Delete the Apple Master Key” followed by a dozen “Are you REALLY sure?” confirmation boxes.
Once the decision was made [to drop full iCloud encryption], the 10 or so experts on the Apple encryption project – variously code-named Plesio and KeyDrop – were told to stop working on the effort, three people familiar with the matter told Reuters.
Based on this paragraph, it sounds like Apple has no one working on iCloud encryption and this will never be an option.
As for Apple’s biggest competitor? Google does offer secure encrypted cloud backups that can only be accessed by the user. Reuters again:
The maker of Android software, which runs on about three-quarters of the world’s mobile devices, said users could back up their data to its own cloud without trusting the company with the key.
They’ve had the option for a couple of years now, and as the Reuters article notes, they announced it at a time when encryption wasn’t a hot button issue. But it’s funny: Why isn’t the FBI complaining about Google’s backup encryption? Does anyone use the service? Google won’t say.
Another possible reason Apple won’t provide encrypted iCloud backups? Reuters:
[A former Apple employee] told Reuters the company did not want to risk being attacked by public officials for protecting criminals, sued for moving previously accessible data out of reach of government agencies or used as an excuse for new legislation against encryption.
And how’s that working out for you?
Trump, last week on Twitter:
We are helping Apple all of the time on TRADE and so many other issues, and yet they refuse to unlock phones used by killers, drug dealers and other violent criminal elements. They will have to step up to the plate and help our great Country, NOW! [sic]
Apple sells consumers their iPhones and Macs with the promise of privacy and security. You don’t get either of these with iCloud backups and storage — storage that, if you use more than 5 GB worth, you’re paying a monthly fee for that storage. If Apple is serious about “what happens on your iPhone, stays on your iPhone” they need to reverse this decision and begin offering real data encryption.
Essentially, don’t use iCloud Backups or store data on iCloud if you want your data securely encrypted and which is only accessible by you. Backup via
iTunes the Finder and check the box to encrypt the backups. If you want to better secure your phone against a GrayKey, use an alphanumeric password of at least 8 characters.