Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple's Data Encryption Changes in the UK Explained

centauratlas said:
There are a lot of people who are not criminals who turn it on. Do you want everyone looking at every photo you've ever taken? The NSA, MI5/JIO, CCCPC, BND, FSB etc having access to everything on your iPhone? Some random person?

When there is ONE key (or one group of keys) that encrypt all the data held in Apple's iCloud environment (which in turn is held at AWS, Google etc, just encrypted - but then likely available to be copied by the NSA for example) many if not all of these agencies have copies of iCloud backups. They are encrypted in transit and at rest there, but these agencies (particularly the NSA) vacuum up all the data that they can and store it. After that all it takes is one corrupt employee, one blackmailed employee, one incompetent employee, one phished employee etc who had access to the keys to let them slip. And then everyone's data is out there. It is a huge target, one that any of these agencies or criminals would like to get ahold of and consequently there would be a huge financial reward to doing so.

The 3 letter agencies keep copies of it from 1, 5, 10 or whatever years ago so that when a key is leaked, they can get access whenever they want to do so. Whether it is for a true investigation, to leak something damaging to someone else (e.g. the tax returns from the IRS), or to look up an old boyfriend or girlfriend they'll have access. Think about journalists reporting on assassinations or something and say Iran gets their data unlocked. Or the US, or the UK etc.

If you have to attack each phone individually, it is much more difficult and much less of a huge target. If I can get access to 1 billion's people's bank password vs 1, which is a better thing to try? If I can get access to every actor and actresses photos (if they don't have ADP on) vs 1, which would I want? If I can get access to every CEO or other managers financial data a week before a company announces it vs just one, which would be a bigger target?

And there are hundreds of other scenarios similar to that - an abusive spouse, police investigations etc.
Click to expand...
I’ve not heard of hackers attacking individuals. They usually go for the data centre where they access millions of records.

What are hackers going to do with your photos? They can easily get them from your Facebook account.

The NSA can already listen to everyone’s phone calls and read everyone’s emails now. They don’t need to hack into your iPhone.
 
Aeronauts said:
If this is such an important issue why didn’t Apple automatically enable ADP and make it such that it couldn’t be switched off by anyone.
Click to expand...
As others have stated, it becomes a liability issue for Apple if people are forced to use a system that might ultimately cause data loss if there is a problem on the user's end of things.
 
  • Like
Reactions: cyanite
clayj said:
As others have stated, it becomes a liability issue for Apple if people are forced to use a system that might ultimately cause data loss if there is a problem on the user's end of things.
Click to expand...
Surely that’s no different to the past when we stored our data on the computers hard drive. Apple were not considered liable for data loss if the hard drive in your Mac failed.
 
Anyone here remember truecrypt from around 2010? They decided to shut down their service rather than succumb to government pressures. In a statement, they said that every encryption service still running has a back door now.
 
ELman said:
The end user only holds the keys if Advanced Data Protection is enabled. Apple holds the keys if it is not
Click to expand...

Did you even read the article? That’s for some categories of data. For many, it’s always end to end encrypted, and that’s what’s talked about here.
 
ISP`s know all about us anyway. Where we go, what we do, and what we look at. You would think disseminaton of
that information would be enough. But no they need even finer details of a users life.
Following a users trail would not be that hard for them why they need files beyond me.
Governments already have the best dogs for hunting in their arsenal.
 

Attachments

  • IMG_1338.png
    IMG_1338.png
    654.9 KB · Views: 38
What they also don't tell you about the ADP feature is that only certain hardware devices are compatible. I tried to enable it, but then I would have to remove all of my devices from my iCloud, except for four. And I have like 20. So I couldn't enable it. I think that's a bunch of BS.
 
DougieS said:
And this is after GCHQ only recently was telling people to enable this feature before the Home Office pulled this stunt..

apple.news

Public told to use Apple security tool Home Office tried to crack — The Telegraph

GCHQ-backed cyber agency advocated Advanced Data Protection for online safety
apple.news apple.news

Can I also file a hate crime against Ben Wallace for effective calling us all nonces??!
Click to expand...

BS!!!! Pedo! How about people who are sick of being data mined. How about those who have created intellectual properties stored in their cloud services. This delusional person is an example of the problems in government and the ignorance of people in decision making roles.
 
  • Like
Reactions: rcopus and DougieS
JonathanParker said:
‘Advanced Data Protection’ shouldn’t exist. All iCloud data should be end to end encrypted for everyone as the standard. And Apple should’ve withdrew all iCloud services from the UK, not removed an important encryption feature.
Click to expand...
It is a hardware limiatation with in ADP. Only new hardware devices are suppported with ADP.
 
cyanite said:
Did you even read the article? That’s for some categories of data. For many, it’s always end to end encrypted, and that’s what’s talked about here.
Click to expand...
Did you read the person question I was responding too?

This difference is in how the encryption keys are stored:

Protection LevelEncryptionKey Storage
Standard data protectionIn transit and on serverApple
Advanced Data Protection (ADP)End-to-endTrusted devices only
 
zarmanto said:
And right there, you've hit upon the fight that Apple has no desire to take on.

If Apple were to require ADP across the board, the inevitable result is that somebody would eventually lose their encryption keys -- and then blame Apple for the loss of access to their encrypted personal data, likely even going so far as to sue the company.

Instead, Apple chose a default configuration which allows Apple themselves to be the trusted agent, holding the keys for their users... and helpfully assisting them to get their data back when something goes awry. This creates the most desirable outcome for the vast majority of their user base.

And of course, with ADP as an opt-in feature for users who understand and are willing to accept the risk, Apple provides a good solution for their needs as well, without taking away the easier option from the rest of their user base.

Further, making it optional ensures that situations like this one can be handled with a fallback plan of disabling the optional feature in just the affected jurisdiction. If ADP were mandatory across all iOS devices, I expect it would be much more difficult to escape the UK's backdoor requirements.
Click to expand...
You nailed it. As always people that are interested in technology (macrumors forum users), know the pitfalls of data mining and breaches. As such most of us become a bit paranoid and try to reduce our exposure. Everyone of us then makes a risk/benefit analysis. How much inconvenience are we willing to deal with to protect our data.

The bigger issue than ADP is how insecure our data is kept by entities we cannot control. The amount of data breach letters I got in 2024? I've lost count. I could probably get "free" credit monitoring for the rest of my life based on the joke of an effort companies put in.

As for the US government... Well, they have been hacked so badly that other than possibly your tax data, foreign governments already have all the info they want about you. Soooo :-(

As many have said privacy is an illusion to some extent and we just try to mitigate and feel in control of the data we can control. I have my own NAS and keep my own cloud BUT I also have some items on iCloud because it is so easy...

Philly
 
jhfenton said:
It was not sarcasm. I agree it might make sense to add it as a startup option at some point. But turning on unrecoverable encrypted backups for everyone would just end up with a lot of lost data and angry customers.
Click to expand...
I now better understand what you said. The PR nightmare for apple is not worth it. The headlines Apple denies widow access to data etc. Just isn't worth it to them. ADP is an informed decision at which point apple can say... Hey, we warned you .
 
  • Like
Reactions: jhfenton
con2apple said:
Two problems:

Firstly, the authorities never get enough. Because in the logic of the state, the citizen is an enemy.
Because the citizen wants to change the state. Replace the politicians. Adapt the authorities.

Secondly, it makes the technology more vulnerable to criminals. In other words, “thanks” to the state's backdoors, citizens are at the mercy of criminals without protection.
That includes also car keys, apartment doors or safes.
Click to expand...

Perfect summary. The UK continues heinous acts against its own citizens and is trying to come after US citizens for its thought crimes laws. They forget we have oh so many guns
 
  • Like
  • Angry
Reactions: Apple Crusader, UpsetTheAppleCart, 0049190 and 1 other person
amt2002 said:
I must admit, I had ADP turned off already. Didn't even know it existed. Feels a bit like a storm in a teacup.
Click to expand...

it there's a data breach your data can be accessed. I enabled it. It means I am protected. Not even law enforcement can spy on your nice photos
 
DougieS said:
And this is after GCHQ only recently was telling people to enable this feature before the Home Office pulled this stunt..

apple.news

Public told to use Apple security tool Home Office tried to crack — The Telegraph

GCHQ-backed cyber agency advocated Advanced Data Protection for online safety
apple.news apple.news

Can I also file a hate crime against Ben Wallace for effective calling us all nonces??!
Click to expand...
Calling your opponents pedophiles is unfortunately usual discourse in politics today.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back