Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Encryption Privacy Apple

Apple Dropped Plan for Encrypting Backups After FBI Complained (reuters.com) 134

Apple dropped plans to let iPhone users fully encrypt backups of their devices in the company's iCloud service after the FBI complained that the move would harm investigations, Reuters reported on Tuesday, citing six sources familiar with the matter. From the report: The tech giant's reversal, about two years ago, has not previously been reported. It shows how much Apple has been willing to help U.S. law enforcement and intelligence agencies, despite taking a harder line in high-profile legal disputes with the government and casting itself as a defender of its customers' information. The long-running tug of war between investigators' concerns about security and tech companies' desire for user privacy moved back into the public spotlight last week, as U.S. Attorney General William Barr took the rare step of publicly calling on Apple to unlock two iPhones used by a Saudi Air Force officer who shot dead three Americans at a Pensacola, Florida naval base last month.

U.S. President Donald Trump piled on, accusing Apple on Twitter of refusing to unlock phones used by "killers, drug dealers and other violent criminal elements." Republican and Democratic senators sounded a similar theme in a December hearing, threatening legislation against end-to-end encryption, citing unrecoverable evidence of crimes against children. Apple did in fact did turn over the shooter's iCloud backups in the Pensacola case, and said it rejected the characterization that it "has not provided substantive assistance." Behind the scenes, Apple has provided the U.S. Federal Bureau of Investigation with more sweeping help, not related to any specific probe.

This discussion has been archived. No new comments can be posted.

Apple Dropped Plan for Encrypting Backups After FBI Complained

Comments Filter:
  • i mean technically (Score:5, Informative)

    by mwfischer ( 1919758 ) on Tuesday January 21, 2020 @09:03AM (#59640496) Journal

    https://www.apple.com/privacy/ [apple.com]

    That page says nothing about encrypted backups

    • Way back during the post 9-11 insanity (some continues,) there were fights being fought and somewhat lost over 3rd party services. Deciding if you had the right to privacy of your documents when you just hand them over to a 3rd party. Email was one of many of these fights. The expectation of privacy would come up but somehow seems to not be a big deal today. Most every user would expect their internet backup service to be secure with their papers/documents (I'm phrasing like the 4th amendment.)

      Warrants al

      • Way back during the post 9-11 insanity (some continues,) there were fights being fought and somewhat lost over 3rd party services. Deciding if you had the right to privacy of your documents when you just hand them over to a 3rd party. Email was one of many of these fights. The expectation of privacy would come up but somehow seems to not be a big deal today.

        The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.

        • by sabt-pestnu ( 967671 ) on Tuesday January 21, 2020 @07:52PM (#59642846)

          > The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.

          For reference, the ECPA [wikipedia.org] was written in 1986, when most email programs would download email (and webmail was unknown until about 1993).

          ECPA Really REALLY needs to be updated. But Congress as been conditioned by the "going dark" argument against taking any such action.

        • by Agripa ( 139780 )

          The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.

          Which works out really nicely for the Feds when the service never deletes your email and only removes it from your view.

    • This is interesting. At least as recently as 2018, the description of iCloud on the Apple Web site claimed that it was secure because it used 128-bit encryption. (Obviously, the problem with that is that the user didn't control the key.) I don't see that any more on the iCloud Web page; all I see are general statements like these [apple.com]: "Two-factor authentication helps keep your data safe. Two-factor authentication is an extra layer of security designed to ensure that only you can access your account. ... Design

      • by Agripa ( 139780 )

        This is interesting. At least as recently as 2018, the description of iCloud on the Apple Web site claimed that it was secure because it used 128-bit encryption. (Obviously, the problem with that is that the user didn't control the key.) I don't see that any more on the iCloud Web page; all I see are general statements like these [apple.com]: "Two-factor authentication helps keep your data safe. Two-factor authentication is an extra layer of security designed to ensure that only you can access your account. ... Designed with your
        privacy in mind. Apple takes the security of your data and the privacy of your personal information very seriously. Because of that, iCloud features are designed to keep your information safe, secure, and available only to you."

        Evidently "only to you" doesn't mean "only to you"; it means "only to you (and Apple, and any random government agency, and anyone else Apple deems to be more important than you)."

        I always assumed that Apple meant that the communications between you and your account were encrypted but not the stored data.

  • by sinij ( 911942 ) on Tuesday January 21, 2020 @09:06AM (#59640504)
    If cloud backups opt in, then this is disappointing but not a problem. If cloud backups opt out (or worse, always enabled), then this is serious breach of privacy.
    • by KixWooder ( 5232441 ) on Tuesday January 21, 2020 @09:21AM (#59640542)
      They are opt-in. When setting up a new iPhone or iPad, it asks you if you want to backup to iCloud. You can say no and it'll never ask you again.
      • So, third-party back-up programs?

      • by Shaitan ( 22585 )

        Unless it warns in serious flashing red letters or at least can't miss it bold text that checking that box is a serious security risk and not recommended it is still a very big problem.

        That's like having a tent at the carnival with a sign that says "Bliss attraction" and asking passing customers if they'd like to go in and see it, meanwhile the tent contains a viper pit just inside the door. But hey, they opt'd in.

      • by cusco ( 717999 )

        If you say 'Yes' good luck ever turning it off and having it stay turned off. We've tried to turn off the backup several times, but always a week or two later her iToy will start backing up to the iCloud again (until it fills up and Apple tries to charge her for additional storage.)

    • I can’t speak to the current, non-iTunes version of MacOS, but - in iTunes, you can choose whether you want your iOS device to back up to iCloud or locally. Local backups can be optionally encrypted with a password of your choosing.

  • sensible (Score:4, Insightful)

    by Camembert ( 2891457 ) on Tuesday January 21, 2020 @09:10AM (#59640516)
    If you plan nefarious actions, then don't use any cloud service. Otherwise enjoy the comfort of the extra resilience cloud brings.
    For Apple, this makes sense too - they could have encrypted the iCloud backup and that might well have caused a regulatory requirement to open it up in perhaps even less desirable ways.
    • Re:sensible (Score:4, Interesting)

      by The-Ixian ( 168184 ) on Tuesday January 21, 2020 @09:18AM (#59640534)

      Also... I have to wonder about criminals who use their phones for planning nefarious activities and/or bring their phone with them when performing nefarious activities.

      It's like having a smart speaker in the room where you discuss your plans for robbing the bank.... why would you take that kind of chance?

      • by gweihir ( 88907 )

        The police is not after smart criminals. They just want to fill their quota to they appear to do their job and there are plenty of dumb criminals around. The thing about encryption is different. That serves for spying and to create chilling effects. It has nothing to do with catching criminals.

        • by gtall ( 79522 )

          "They just want to fill their quota to they appear to do their job" and you know this how?

          • by cusco ( 717999 )

            Ever work around many cops? People don't become criminals because they're bored being rocket scientists, they become criminals because they're lazy and stupid. The reason why crime is still a viable career choice is because police aren't any smarter or more ambitious than they are.

      • I would imagine they use burners and phones bought by cut-outs or using stolen identities or other means of masking who the phone belongs to, in addition to using encrypted communications, weird code language, etc.

        I mean there's a zillion phones out there and they can't monitor them all, as long as they can't link a specific phone to a specific person it might as well count as secure.

    • In other words, if you have nothing to hide...
    • The average consumer isn't worried about privacy from the FBI most will never have a run in with them, what they are worried about is identity theft and so long as the unencrypted backups stay secure and out of the hands of thieves then everything is fine. The moment iCloud is hacked and that treasure trove of unencrypted data is stolen the FBI will be taking Apple and their customers' complaints.

    • Re:sensible (Score:5, Insightful)

      by Shaitan ( 22585 ) on Tuesday January 21, 2020 @09:59AM (#59640658)

      "If you plan nefarious actions, then don't use any cloud service. Otherwise enjoy the comfort of the extra resilience cloud brings."

      Wow, the old "if you have a problem with this you must have something to hide" argument. It hasn't magically become valid.

      A technology company shouldn't even offer the option of opting in to seriously compromise your own security without jumping through some hoops and highly visible stringent security warnings to make sure nobody can choose that option without knowing the consequence. Otherwise it is nothing but a trap for the ignorant similar to the clickbait and phishing emails used by other criminal attackers.

      • by Kjella ( 173770 )

        A technology company shouldn't even offer the option of opting in to seriously compromise your own security without jumping through some hoops and highly visible stringent security warnings to make sure nobody can choose that option without knowing the consequence. Otherwise it is nothing but a trap for the ignorant similar to the clickbait and phishing emails used by other criminal attackers.

        You say that as if end-to-end encryption doesn't have downsides, basically it's "lose your last house key, lose your house". If you want to prevent Apple from accessing your backups it also means they can't help you recover your Apple ID from security questions or email or anything like that, since they could just look up the answers and unlock it themselves. You will need either a working iDevice or a local backup of the key and the general public is rather terrible with both. For most people that very rea

        • I'm sorry most criminals aren't interested in hacking government anything it's all trouble, there is no money in it, but they are very interested in consumers credit cards, bank cards, etc... and once all the low hanging fruit is gone the problem won't go away they will just work harder to get what they want. You can count on them to find a way if it means they are making money.

        • by Shaitan ( 22585 )

          It doesn't matter you can use accessory technologies to help with storing and backing up keys. Even prompt users to print a QR code that will do the trick which can be stored in the same off-site safety deposit box they store important documents in.

          In security we don't consider anything to be absolutely secure. All you can really do is hope to raise the difficulty/cost of breaking in. For many things you can easily accomplish raising the cost beyond the value of the target. For example the solution I've men

    • What a great way to go about privacy rights!

      I'm sure that $FAVORITE_POLITICIAN will make sure that only $BAD_PEOPLE have their data used against them, and that $HORRIBLE_POLITICIAN will never be able to have sufficient power to turn this against me and those I care about.

    • The question is... who has access to the service? Every day brings with it news of another business being compromised. Encryption is nice, just to ensure that backups sent offsite are protected, even if the remote site is completely taken over.

      This is a standard operating practice with cloud backups, where they are encrypted before they leave the client site. Why should phone backups be any less secure?

      As for phones, the most secure backups I know of are done by Titanium Backup which creates a public/pri

    • If you plan nefarious actions, then don't use any cloud service. Otherwise enjoy the comfort of the extra resilience cloud brings.

      The problem with your proposition being that you do not decide what the authorities consider nefarious, or potentially nefarious, or an indicator that you might become potentially nefarious.

  • by bazmail ( 764941 ) on Tuesday January 21, 2020 @09:10AM (#59640518)
    This is bigger news than it might first appear.
    • Complicit in regards to what? iCloud backups are opt-in and completely optional.
    • by cusco ( 717999 )

      Now complicit? They've been handing over iCloud data for years, and encryption has never been an option even though it was trivial to add even when the service was first introduced. IIRC (and I may not) the original plan was to use the customers' data for targeting advertising like Google does, but even the fanbois complained so that idea got shelved.

  • iOS 10 security check is approximately 2,500 times weaker compared to the old one that was used in iOS 9 backups. example speeds:

    iOS 9 (CPU): 2,400 passwords per second (Intel i5)
    iOS 9 (GPU): 150,000 passwords per second (NVIDIA GTX 1080)
    iOS 10 (CPU): 6,000,000 passwords per second (Intel i5)

    thats the local backup...

    • You realize, of course, that iOS 10 is the 2016 version; iOS 13.3 is current.
      • I can speak to this because I maintain tools designed to read and write iOS backups. iOS 10.0 inadvertently introduced a weaker scheme for encrypting the files. The 10.2 release finally fixed it by preventing attackers from using known-cleartext metadata to facilitate brute force attacks. Here's a writeup of the issue. [imazing.com] Actually, as of iOS 10.2 the encryption scheme takes nearly 10 seconds to validate a single password using the extremely fast fastpbkdf2_hmac_sha256 implementation on my powerful workstation.
    • I can speak to this because I maintain tools designed to read and write iOS backups. iOS 10.0 inadvertently introduced a weaker scheme for encrypting the files. The 10.2 release finally fixed it by preventing attackers from using known-cleartext metadata to facilitate brute force attacks. Here's a writeup of the issue. [imazing.com] Actually, as of iOS 10.2 the encryption scheme takes nearly 10 seconds to validate a single password using the extremely fast fastpbkdf2_hmac_sha256 implementation on my powerfu
  • So it is OK for the US government to train middle eastern terrorists but it is not OK for us to have privacy - noted!

    https://www.timesunion.com/new... [timesunion.com]

    • by cusco ( 717999 )

      Duh, we've been giving them weapons since Irgun was founded and used them against our British allies. Most of the time we're selling/gifting weapons to both sides of any conflict in the region.

  • Guns (Score:4, Insightful)

    by kackle ( 910159 ) on Tuesday January 21, 2020 @09:31AM (#59640580)
    Ain't this exactly the same argument over the guns? It (encryption) is a tool, one that can be used for good or evil, which is often a matter of perspective. Should we protect ourselves from a future oppressive government with protection of the "tools" now, or allow those tools to be permanently controlled by the government at the sacrifice of safety when some citizens use the tools to do harm?

    Extra credit question: What can be worse, a bad government or bad citizens?
    • by GoTeam ( 5042081 )
      Trick question. It takes bad citizens working within the government to make a bad government. We are (assuming democratic countries are being spoken of) a government run by citizens.
    • Comment removed (Score:4, Insightful)

      by account_deleted ( 4530225 ) on Tuesday January 21, 2020 @11:21AM (#59640894)
      Comment removed based on user account deletion
    • It's an interesting question. Harm does happen in rare cases (both scenarios)

      However, I'd like to see how gun owners react to democracy actually being threatened by the Presdent using State powersin Ukraine to influence elections at home.
      True, guns are for protecting freedom, but it seems gun owners are more concerned about power than freedom. So why have guns?

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Tuesday January 21, 2020 @09:37AM (#59640590)
    Comment removed based on user account deletion
    • There it is... Who cares if the FBI's job is harder encryption is about protecting consumer from criminals not terrorists and it's not about privacy it's about security. There are far more cases of identity fraud than terrorism and the FBI investigates identity fraud so they are making it easier to investigate identity fraud by making identity fraud easier. This doesn't sound like a very good plan.

      We need an FBI that is recommending encryption and properly securing data against theft even if it makes it har

  • Apple owns exclusive right and freedom to change the ECC encryption anytime. Why go there? Data encrypted by branded method are SOL when patent holders change it. NeXT changed its elliptical encryption algorithm between OS updates in the 90's. Years of data turned to stone.

    PHP pulled off the Internet for six months after initial release. Woke theorists didn't swallow the Phil Zimmerman rewrite explanation.

  • Who don't take their digital security seriously deserves to be caught.
  • How many IPhone users don't adjust their backups? All of your phone information is going to be backed up by default?

    If that is true then NONE of your phone's information is secure from the governments of the world and you have a VERY false sense of security. If the governments can get it so can hackers, and Apple.

    • Considering that free iCloud backup is limited to 5GB size restrictions for all devices (not per), I can see that many users don’t even use it. That not cover my music collection much less movies. Sure you could pay for more size but how many users would pay?
      • If your music collection is sourced from iTunes, then there's no reason to include that in your backups since the collection can always be redownloaded. (Or, if ripped from CDs, then you have the physical backup.) You can pick-and-choose what is backed up.
        • And if it is not? Much of my music came from CDs. There iTunes Match; however, it does not get everything. But the point again is that 5GB is small. How about photos which are not purchased? What about home movies?
  • And this folks is a primary reason why closed ecosystems can suck it. People are concerned about the wrong things and asking all the wrong questions. The question should not be why did they not buck the FBI. The question should be why does apple get to pick and choose what you do with what should be your phone and your operating system. The encryption you choose should not be something that Apple can see much less veto. The backup software you use should also not be something that they can see or veto. They

    • by cusco ( 717999 )

      The question should be why does apple get to pick and choose what you do with what should be your phone and your operating system.

      Because it's not your operating system, and barely even your phone. You have a *license* giving you permission to use THEIR operating system, which they can revoke at will. In your purchase you agreed to install no non-Apple operating system on the phone ever. They reserve the right to require you to update THEIR operating system on their schedule (using the data connection you pay for) or they can disable it. If their next version of OS makes iCloud backups mandatory that's their choice, not yours, and

  • FWIW, Android backups stored by Google are fully encrypted as of, IIRC, 9.0. Note that they're not a complete snapshot of what's on your device, though, because only apps that opt in get backed up.

    • I will be happy when they actually are restorable. I've yet to ever find an Android backup done by Google which could actually be restored after a factory reset and work.

      • by amorsen ( 7485 )

        Indeed. It's great that they are encrypted, but as far as I can tell, they are equally useful whether you have the key or not.

      • by cusco ( 717999 )

        I've restored them after a factory reset once, and twice after getting a new phone. I wonder if it makes a difference what apps you have installed, my phone is mostly just a phone and a camera, I don't use it for much else.

      • I will be happy when they actually are restorable. I've yet to ever find an Android backup done by Google which could actually be restored after a factory reset and work.

        I've used it the last couple of times I got a phone. When setting up a new phone (or an old phone after factory reset), you're given the option of using a cable to copy from the old phone or restoring from backup. Of course, very few apps opt in to backup as of yet, so not a lot is backed up or restored. Mostly you just get all of your old apps re-downloaded, but without data.

  • Quoting the president in the summary adds nothing to the facts of the story.

    • By making it political, many slashdot users just went into severe highly revealing contortions trying to differentiate encryption control from gun control, even so far as getting them to invoke "think of the children" and other fascist drivel. The evidence of this is in the comments.
      • by amorsen ( 7485 )

        If you can't tell the difference between "I want to keep my photos private" and "I want to go hunting / do target practice / overthrow the tyrannical government", then it is you doing the revealing contortions.

    • The problem is that the source reporting the President’s words is reliable. The President himself adding nothing to the conversation is not their fault. Unfortunately what he says matters even if it is incoherent at best.
  • by jfdavis668 ( 1414919 ) on Tuesday January 21, 2020 @10:33AM (#59640728)
    I have this issue where I work. We encrypt basically everything, including backups. When something fails and you need to recover, and encrypted backup is a major pain in the neck to restore. Sometimes, you can't restore it, particularly if the backup was taken a while ago. We sometimes need to recover historical data from backups. We often find that the encryption software can't read it, since they change the way it encrypts and it no longer knows how to read the old encryption format. We have to work with the company who supplies it to get a version that can read it again. We have failed to recover data a few times just because we couldn't decrypt it.
    • by cusco ( 717999 )

      Backup Exec? Steer clear of anything that Symantec has ever touched. More often than not your server OS has built in backup software that doesn't have all the pretty bells and whistles but which will do the job correctly and consistently. People don't like to use them since they're more work to set up and document, but IMNSHO they're worth the extra time and effort.

    • by shess ( 31691 )

      I have this issue where I work. We encrypt basically everything, including backups. When something fails and you need to recover, and encrypted backup is a major pain in the neck to restore. Sometimes, you can't restore it, particularly if the backup was taken a while ago. We sometimes need to recover historical data from backups. We often find that the encryption software can't read it, since they change the way it encrypts and it no longer knows how to read the old encryption format. We have to work with the company who supplies it to get a version that can read it again. We have failed to recover data a few times just because we couldn't decrypt it.

      Would you be happier if you couldn't read your unencrypted backups due to a format change because the company couldn't be bothered to do basic testing on their software? This problem is really that a company is delivering a product they don't have the technical chops to pull off, it has nothing to do with encryption.

  • Apple's theatrics about unlocking smartphones really wer just a publicity stunt. They knew full well that the government could unlock the phones without their assistance, so protesting made them look good without actually costing them anything.

    If they don't encrypt user data that has been uploaded to the cloud, then that is a huge gaping hole in user privacy and security. Being kept conveniently open for use and abuse by the US government.

  • Who told the FBI??? (Score:4, Interesting)

    by thedarb ( 181754 ) on Tuesday January 21, 2020 @01:50PM (#59641556)

    What I want to know is, who told the FBI they were considering encrypting backups? You just do it, you don't go asking the enemy if they like the idea.

    • by cusco ( 717999 )

      The FBI has routinely been accessing iCloud backups for years, it probably just came up when they went to pick up another data dump. "Hey, this process isn't going to work in a few months since we'll be starting to encrypt backups."

      What I want to know is what bozo at Apple made the decision not to encrypt them when they started the service, that should have been the rule from Day One.

You know you've landed gear-up when it takes full power to taxi.

Working...