iCloud Is iCloud a Spy tool for the NSA?

[DWHH1]

Here's my question. Apple offers a basic zero cost 5 GB data storage option on its iCloud service with costed options to store more data but I am planning that my next Mac computer have at least 4 TB ssd, up from my current 1TB ssd. 4TB is 800x their basic iCloud offering so I, and you, could and should be able to store ALL my/your emails, photos and other documents only on our/my local machines since it is 800x 'bigger' than the current limit.

Why is Apple interested in acquiring my data and holding it on their servers when I/we could keep it locally? Now you could argue that synchronising files across all devices needs temporary space in the cloud to store the data but once the docs/files have been synchronised across all local machines the iCloud space could be released but Apple makes it hard to switch off iCloud and just store locally. I assume most folks here remember the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim - but to do that they would have to scan images to find other stuff including who attends Republican or Democrat rallies, or NRA activities, you name it - your private and entirely legitimate activities could also be reviewed once the data is held in cloud servers.

So I will ask again why can't ALL my/our emails, photos, files etc be stored entirely on the local machine when even iPhones and iPad can store so much and the amount is increasing every year?

Surely the NSA is not encouraging or forcing Apple, Google etc etc to offer cloud storage to make their work easier. When Apple makes the claim that our data is not what they sell/offer why does it appear not to be the case?

Alternatively, can somone tell me how to store ALL my emails, photos etc JUST and soley on my local devices in such a way that i can see the data on all my devices without involving the cloud?

 

[BrianBaughn]

Do you have more specific requirements for this? Such as:

• Do you want the emails, photos and etc accessible on all devices?
• Do you want every device to have its own copy of that data?
• Exactly what devices are you wanting this on?
• Do you want that data to be encrypted in a way that only you on your devices can access it?

 

[BaldiMac]

Here's my question. Apple offers a basic zero cost 5 GB data storage option on its iCloud service with costed options to store more data but I am planning that my next Mac computer have at least 4 TB ssd, up from my current 1TB ssd. 4TB is 800x their basic iCloud offering so I, and you, could and should be able to store ALL my/your emails, photos and other documents only on our/my local machines since it is 800x 'bigger' than the current limit.

Why is Apple interested in acquiring my data and holding it on their servers when I/we could keep it locally? Now you could argue that synchronising files across all devices needs temporary space in the cloud to store the data but once the docs/files have been synchronised across all local machines the iCloud space could be released but Apple makes it hard to switch off iCloud and just store locally. I assume most folks here remember the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim - but to do that they would have to scan images to find other stuff including who attends Republican or Democrat rallies, or NRA activities, you name it - your private and entirely legitimate activities could also be reviewed once the data is held in cloud servers.

So I will ask again why can't ALL my/our emails, photos, files etc be stored entirely on the local machine when even iPhones and iPad can store so much and the amount is increasing every year?

Surely the NSA is not encouraging or forcing Apple, Google etc etc to offer cloud storage to make their work easier. When Apple makes the claim that our data is not what they sell/offer why does it appear not to be the case?

Alternatively, can somone tell me how to store ALL my emails, photos etc JUST and soley on my local devices in such a way that i can see the data on all my devices without involving the cloud?

!. You can store everything locally. Cloud storage is a convenience with benefits and tradeoffs.
2. Apple never released the CSAM scanning that you are referring to.

 

[turbineseaplane]

2. Apple never implemented the CSAM scanning that you are referring to.

"yet"

This is one to watch as time goes on right now (for all the reasons one could guess)

 

[BaldiMac]

"yet"

This is one to watch as time goes on right now (for all the reasons one could guess)

Absolutely. I was just correcting the OP's claim that Apple "was scanning" for CSAM.

 

[doogm]

I assume most folks here remember the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim - but to do that they would have to scan images to find other stuff including who attends Republican or Democrat rallies, or NRA activities, you name it - your private and entirely legitimate activities could also be reviewed once the data is held in cloud servers.

The CSAM scanning was announced but never implemented, but it never involved scanning on iCloud. All of the scanning was done locally on the device, not by cloud server computers.

https://www.apple.com/child-safety/pdf/CSAM_Detection_Technical_Summary.pdf

Apple’s method of detecting known CSAM is designed with user privacy in mind. Instead of scanning
images in the cloud, the system performs on-device matching using a database of known CSAM image
hashes provided by NCMEC and other child-safety organizations. Apple further transforms this database
into an unreadable set of hashes, which is securely stored on users’ devices.

The hashing technology, called NeuralHash, analyzes an image and converts it to a unique number specific
to that image. Only another image that appears nearly identical can produce the same number; for
example, images that differ in size or transcoded quality will still have the same NeuralHash value.
Before an image is stored in iCloud Photos, an on-device matching process is performed for that image
against the database of known CSAM hashes. This matching process is powered by a cryptographic
technology called private set intersection, which determines whether there is a match without revealing the
result. The device creates a cryptographic safety voucher that encodes the match result. It also encrypts
the image’s NeuralHash and a visual derivative. This voucher is uploaded to iCloud Photos along with the
image.

 

[Eric Idle]

Absolutley bizarre post. Incredible and shockingly brazen.

 

[cateye]

Absolutley bizarre post. Incredible and shockingly brazen.

The best part is asking about storing emails, given that email is…. A cloud-based service and unencrypted at all stages of travel by design. Meanwhile, everything else in Apple’s cloud can be end to end encrypted with ADP. But sure, NSA, boogie man, etc.

 

[Eric Idle]

Here's my question. Apple offers a basic zero cost 5 GB data storage option on its iCloud service with costed options to store more data but I am planning that my next Mac computer have at least 4 TB ssd, up from my current 1TB ssd. 4TB is 800x their basic iCloud offering so I, and you, could and should be able to store ALL my/your emails, photos and other documents only on our/my local machines since it is 800x 'bigger' than the current limit.

Why is Apple interested in acquiring my data and holding it on their servers when I/we could keep it locally? Now you could argue that synchronising files across all devices needs temporary space in the cloud to store the data but once the docs/files have been synchronised across all local machines the iCloud space could be released but Apple makes it hard to switch off iCloud and just store locally. I assume most folks here remember the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim - but to do that they would have to scan images to find other stuff including who attends Republican or Democrat rallies, or NRA activities, you name it - your private and entirely legitimate activities could also be reviewed once the data is held in cloud servers.

So I will ask again why can't ALL my/our emails, photos, files etc be stored entirely on the local machine when even iPhones and iPad can store so much and the amount is increasing every year?

Surely the NSA is not encouraging or forcing Apple, Google etc etc to offer cloud storage to make their work easier. When Apple makes the claim that our data is not what they sell/offer why does it appear not to be the case?

Alternatively, can somone tell me how to store ALL my emails, photos etc JUST and soley on my local devices in such a way that i can see the data on all my devices without involving the cloud?

I am pleased to see the forum's response to your post.

 

[Rainbow Apple]

So long as your data is available to any human working for Apple: iCloud is a spy tool for anyone who compromises Apple (be it from government corrosion, or just someone hacking the iCloud servers). Maybe iCloud's "Advanced Data Protection" function (if I'm remembering that name right) will be enough to protect your data from those who compromise Apple, maybe not. But I would trust a third-party encryption service (such as Cryptomator) more then anything from Apple.

Bottom line: The only reliable way to stop data leaks from iCloud (be it from hackers, the NSA, or whatever) is if iCloud doesn't have the data to leak, in the first place. If you data is protected by good encryption, so that even if a leak happens: The leaked data cannot be decrypted.

the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim

Don't even go there! What matters is that Apple announced plans to snoop on people's private photos. The excuses Apple made to try to justify that that do not matter, and we should not take their excuses seriously enough to even mention them. What matters is what Apple does, and what Apple says they're going to do.

 

[doogm]

So long as your data is available to any human working for Apple: iCloud is a spy tool for anyone who compromises Apple (be it from government corrosion, or just someone hacking the iCloud servers).

They would need to hack all of Apple's private keys as well, because everything on iCloud is encrypted.

Don't even go there! What matters is that Apple announced plans to snoop on people's private photos. The excuses Apple made to try to justify that that do not matter, and we should not take their excuses seriously enough to even mention them. What matters is what Apple does, and what Apple says they're going to do.

Not an accurate description of the proposed CSAM scanning (which was never implemented, and Apple dropped plans to implement ever again.) A simplified description of the process is that the system created hashed signatures from photos - cryptographic hashes cannot be reversed back to the original content - and looked to see if it matched the hashed signatures of known CSAM content provided to Apple by organizations that collected these images (again, hashes cannot be reversed to actual images, so none of these images were actually going to be installed on devices). And all of this checking was done on the device, not by Apple's servers.

 

[Rainbow Apple]

They would need to hack all of Apple's private keys as well, because everything on iCloud is encrypted.

I would hope so (so long as "Advanced Data Protection" is enabled, I presume that's what you're referring to)! So long as that encryption is good enough that even Apple themselves could not read your data (even if they wanted to), then it's secure. But if Apple themselves are able to read your data, then so can anyone who compromises Apple.

Not an accurate description of the proposed CSAM scanning

I think you're splitting hairs. Once such a system is set up, it's inevitable that it will expand well beyond child porn! How long until the Saudis have Apple scanning for Christian images, the Chinese have Apple scanning for pro-democracy images, the Europeans have Apple scanning for "hate speech" images, etc.?

In short: Child porn was just the excuse used to justify the creation of this system, it's not what the system would have actually been about!

which was never implemented, and Apple dropped plans to implement ever again

Yes, good on Apple for dropping those plans. But that the public had to pressure Apple to drop the plans in the first place: This shows that Apple was, at best, dangerously naive.

 

[Howard2k]

Here's my question. Apple offers a basic zero cost 5 GB data storage option on its iCloud service with costed options to store more data but I am planning that my next Mac computer have at least 4 TB ssd, up from my current 1TB ssd. 4TB is 800x their basic iCloud offering so I, and you, could and should be able to store ALL my/your emails, photos and other documents only on our/my local machines since it is 800x 'bigger' than the current limit.

Why is Apple interested in acquiring my data and holding it on their servers when I/we could keep it locally? Now you could argue that synchronising files across all devices needs temporary space in the cloud to store the data but once the docs/files have been synchronised across all local machines the iCloud space could be released but Apple makes it hard to switch off iCloud and just store locally. I assume most folks here remember the CSAM hiatus. Apple was scanning image files to find 'bad' activities - a laudible aim - but to do that they would have to scan images to find other stuff including who attends Republican or Democrat rallies, or NRA activities, you name it - your private and entirely legitimate activities could also be reviewed once the data is held in cloud servers.

So I will ask again why can't ALL my/our emails, photos, files etc be stored entirely on the local machine when even iPhones and iPad can store so much and the amount is increasing every year?

Surely the NSA is not encouraging or forcing Apple, Google etc etc to offer cloud storage to make their work easier. When Apple makes the claim that our data is not what they sell/offer why does it appear not to be the case?

Alternatively, can somone tell me how to store ALL my emails, photos etc JUST and soley on my local devices in such a way that i can see the data on all my devices without involving the cloud?

Seriously, it's good to ask questions.


But start here:

How to turn on Advanced Data Protection for iCloud - Apple Support (CA)

Advanced Data Protection for iCloud offers our highest level of cloud data security and protects the majority of your iCloud data using end-to-end encryption.

support.apple.com

 

[doogm]

I would hope so (so long as "Advanced Data Protection" is enabled, I presume that's what you're referring to)!

No - I mean that everything in iCloud is encrypted, and there is no "master key" that decrypts it all. Apple does have a way to hold keys to data that is not encrypted with ADP but I presume that all of those keys are not stored along with the data. So iCloud data is encrypted at rest; Apple has a key to decrypt anything if you don't have ADP turned on. But if someone somehow "hacks" into iCloud all they will see is a pseudo-random blob of data - without decryption keys, the data remains encrypted.