That doesn’t make sense. Storing your data twice, once not E2E encrypted is the same as only storing it once without E2E.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Promotes iCloud's Advanced End-to-End Encryption Feature as Data Breaches Increase
- Thread starter MacRumors
- Start date
- Sort by reaction score
NO, it is not forced obsolescence when new feature requirements include hardware specs that do not exist on older devices. I guess if you try to run AI programs on an old Windows laptop and it failed, you would also say that is forced obsolescence?
It feels like if most people have had their data stolen in the past year, and it's only increasing, at what point do people become soft to that notion and stop caring?
For instance, why would someone go out of their way to buy an Apple device because it's more secure when they just know they are going to lose all of their data regardless? I mean, I guess it keeps your messages and such safe. And I personally see the benefit. But how can we stop our data from being stolen from other companies? We don't live in a vacuum.
This is only going to get worse after Apple is forced to allow side loading. Not saying that shouldn't be an option, but the fact remains that it's only going to get worse because of that, especially if for some reason they are forced to have it turned on by default with a range of App Stores pre-installed.
It would be great if every company supported Apple's sign in and payment services, and then at least if our account is breached we could have fake iCloud email addresses and all the payment info would be anonymous.
One service I have started using a lot is privacy.com. You can create fake cards that are tied to your real cards, and set limits on how much can be spent, or use as a one-time card. Then if that company stores your info and gets hacked, it either severely limits the damage or prevents it. Then I don't have to worry about getting new cards issued quite so often from data breaches. The only problem is this: What happens if privacy.com gets hacked?
For instance, why would someone go out of their way to buy an Apple device because it's more secure when they just know they are going to lose all of their data regardless? I mean, I guess it keeps your messages and such safe. And I personally see the benefit. But how can we stop our data from being stolen from other companies? We don't live in a vacuum.
This is only going to get worse after Apple is forced to allow side loading. Not saying that shouldn't be an option, but the fact remains that it's only going to get worse because of that, especially if for some reason they are forced to have it turned on by default with a range of App Stores pre-installed.
It would be great if every company supported Apple's sign in and payment services, and then at least if our account is breached we could have fake iCloud email addresses and all the payment info would be anonymous.
One service I have started using a lot is privacy.com. You can create fake cards that are tied to your real cards, and set limits on how much can be spent, or use as a one-time card. Then if that company stores your info and gets hacked, it either severely limits the damage or prevents it. Then I don't have to worry about getting new cards issued quite so often from data breaches. The only problem is this: What happens if privacy.com gets hacked?
I used OpenCore Legacy Patcher to install Ventura (and now Sonoma) on my unsupported 2015 iMac to enable Advanced Data Protection. There were a few limitations at first, but now everything (that I need) works.
I recommend looking into it if one wants to get more life out of a Mac that's no longer supported.
I've been keen to get on board with Apple's latest encryption, but their policy of sidelining older devices is a real pain in the a*s. The requirement of MacOS Ventura or newer for this feature puts my 2015 MBP out of the running, as it's stuck with Monterey. Without completely cutting it off from iCloud, encryption remains a distant dream. And it's not just the MacBook; my older iPhone falls into the same trap. This approach by Apple seems like a clever ruse to drive us towards newer purchases, all in the name of privacy.
It's baffling why Apple wouldn't accommodate slightly older models for such a crucial feature.
It's baffling why Apple wouldn't accommodate slightly older models for such a crucial feature.
You should be able to restict it to "not on this device" whatsoever, no exceptions.
I somehow though it was all the same setting, where enabling it does everything at once.
My bad.
ADP is end-to-end encryption for all your stuff in iCloud.
I was thinking about Private Relay.
Older devices not running the latest iOS version are vulnerable to local and some drive by exploits (which are also used for jailbreaking). Now, just imagine to leave your phone unattended for a minute and someone could just jailbreak it in seconds and with full access to the device, your local device's private keys are theft. Access to your saved data, because your private key got stolen in such in easy way. Therefore, it's fully correct to limit this function to supported devices running the latest version.
And it will be interesting how it will be handled in the future.
I locked everything up with a few YubiKeys (the USB-C + NFC version).
I have one on my work key ring and keep two at home in different locations.
The only real drawback is that I've got to insert the YubiKey into the USB port of the computers at work if I need to access iCloud from one of the desktop PCs. Sometimes I need to upload larger documents or folders from my work PC to my iCloud drive, so when I log in to iCloud from my desktop PC, I have to insert my YubiKey. But I'm totally fine with this arrangement.
Otherwise, I've had no issues at all after turning on ADP. It's otherwise invisible when using my Macs and iDevices.
I did have to make sure that all the devices connected to my iCloud account were modern and up to date (so things like older AppleTVs), but that wasn't too much of an issue to be honest, and was a good excuse to upgrade the bedroom TV.
I was expecting to have to have to insert or tap my YubiKey to my new iPhone 15 Pro when I upgraded from my previous phone, but I didn't have to. Authorizing from the old phone was apparently enough.
But I'm satisfied that if somehow my iCloud password leaks that no one will be able to get in around the 2FA and YubiKey.
My data is far more likely to be leaked from some business that I use rather than anything I store on iCloud.
Not entirely true, you can also designate a trusted person as a Recovery Contact who can generate a recovery key for you in the event of a catastrophic loss of all of your devices. This would be a viable alternative to creating an alphanumeric recovery key and needing a secure place to store it.
You can set up a Legacy Contact who would be entitled to gain access to your account in the event you were incapacitated or deceased so that they could access your data.
LOLOLOL!!! I love Apple tech as much as the next guy or girl here but basically being forced to spend $1500+ for what in today's age should be the default in personal data safety is stupid. And while I am ranting, they NEED to separate apps from the OS. my $3000 2016 MacBook Pro doesn't have any up-to-date services (Apple One subscriber) simply because the copy and paste code base of macOS's of the last 6 years doesn't run on my top of the line computer?
Self hosting everything but emails is the way to go
I've been wanting to use this feature since it came out, but since they are so crazy with the hardware/software requirements I can't use it. I have a dozen different apple devices tied to my apple ID, and as long as one of them is too old, or isn't running the latest OS I can't enable this on any of my devices. That is very shortsighted on Apple's part. If this doesn't change, I guess I won't ever be able to try this out.
Agreed. And for emails, use a secure email service (e.g., Tuta).
This is why it is important for consumers to have access to the best practical encryption for all their data, and government should not compel companies to grant access or to make backdoors or whatnots.
Some users, including on here, still ask, "What do you have to hide?" The answer is EVERYTHING. We want to hide everything, regardless of the nature of the data, not because we are criminals, but because of OTHER PEOPLE are criminals, and even governments can misuse our data.
It is not our job to expose our data. It is the companies' job to protect our data. It is the government's job to hunt criminals without needing us to expose our data, because it is also the government's job to protect us from criminals, not by accessing our data, but by protecting our data.
Some users, including on here, still ask, "What do you have to hide?" The answer is EVERYTHING. We want to hide everything, regardless of the nature of the data, not because we are criminals, but because of OTHER PEOPLE are criminals, and even governments can misuse our data.
It is not our job to expose our data. It is the companies' job to protect our data. It is the government's job to hunt criminals without needing us to expose our data, because it is also the government's job to protect us from criminals, not by accessing our data, but by protecting our data.
Last edited:
Thanks dad!
Cameron Jay Ortis testified in Ontario Superior Court that a foreign ally told him of a plan to encourage targets to begin using Tutanota, an online encryption service that he called a "storefront" operation created by intelligence agents to snoop on adversaries.
Ortis said he began enticing investigative targets through promises of secret information, with the actual aim of getting them to communicate with him via Tutanota.
This! This is what I want to know.
ADP mentioned iMessage backup, but a web-based iMessage with true end-to-end encryption would be nice.
By the way, have you ever used macOS FileVault? It's very similar but for an online version. I wonder if anyone has ever been able to crack FileVault.
Well that is certainty interesting information, and I appreciate you bringing it to my attention. I am not sure what to make of Mr. Ortis’s claims.
When I had been looking for a secure email service a couple of years ago, Tuta seemed like the best option. I didn’t opt for the far more popular Proton Mail, in large part because I was concerned that they could be linked to USA intelligence services. I don’t know how ordinary users like me can assure themselves that any of the secure email services are actually secure and not being run by intelligence agents. Although I know I can’t trust Google or Yahoo, who can I trust for email?
Not for everyone, but I upgraded over Thanksgiving..2 Yubico keys for less than $55 shipped including taxes (California) and designated my significant other as the legacy contact and emergency contact.
My cat photo are safe!
Local full disk encryption backups as well.
It is becoming very simple and easy to secure your digital life these days. TB spinners are cheap, and even SATA III SSD’s are pretty darn cheap to use as full iCloud backups should you opt to.
My cat photo are safe!
Local full disk encryption backups as well.
It is becoming very simple and easy to secure your digital life these days. TB spinners are cheap, and even SATA III SSD’s are pretty darn cheap to use as full iCloud backups should you opt to.
Attachments
These are the ones I bought, too. I added three to my account (just in case). They work great and virtually never need to use them except when logging in from my Windows PC at work, which isn't all that often to be honest.