Apple Dropped Plan for Encrypting Backups After FBI Complained (reuters.com) 134
Apple dropped plans to let iPhone users fully encrypt backups of their devices in the company's iCloud service after the FBI complained that the move would harm investigations, Reuters reported on Tuesday, citing six sources familiar with the matter. From the report: The tech giant's reversal, about two years ago, has not previously been reported. It shows how much Apple has been willing to help U.S. law enforcement and intelligence agencies, despite taking a harder line in high-profile legal disputes with the government and casting itself as a defender of its customers' information. The long-running tug of war between investigators' concerns about security and tech companies' desire for user privacy moved back into the public spotlight last week, as U.S. Attorney General William Barr took the rare step of publicly calling on Apple to unlock two iPhones used by a Saudi Air Force officer who shot dead three Americans at a Pensacola, Florida naval base last month.
U.S. President Donald Trump piled on, accusing Apple on Twitter of refusing to unlock phones used by "killers, drug dealers and other violent criminal elements." Republican and Democratic senators sounded a similar theme in a December hearing, threatening legislation against end-to-end encryption, citing unrecoverable evidence of crimes against children. Apple did in fact did turn over the shooter's iCloud backups in the Pensacola case, and said it rejected the characterization that it "has not provided substantive assistance." Behind the scenes, Apple has provided the U.S. Federal Bureau of Investigation with more sweeping help, not related to any specific probe.
U.S. President Donald Trump piled on, accusing Apple on Twitter of refusing to unlock phones used by "killers, drug dealers and other violent criminal elements." Republican and Democratic senators sounded a similar theme in a December hearing, threatening legislation against end-to-end encryption, citing unrecoverable evidence of crimes against children. Apple did in fact did turn over the shooter's iCloud backups in the Pensacola case, and said it rejected the characterization that it "has not provided substantive assistance." Behind the scenes, Apple has provided the U.S. Federal Bureau of Investigation with more sweeping help, not related to any specific probe.
i mean technically (Score:5, Informative)
https://www.apple.com/privacy/ [apple.com]
That page says nothing about encrypted backups
The Legal mess with the "cloud" (Score:3)
Way back during the post 9-11 insanity (some continues,) there were fights being fought and somewhat lost over 3rd party services. Deciding if you had the right to privacy of your documents when you just hand them over to a 3rd party. Email was one of many of these fights. The expectation of privacy would come up but somehow seems to not be a big deal today. Most every user would expect their internet backup service to be secure with their papers/documents (I'm phrasing like the 4th amendment.)
Warrants al
Re: (Score:3)
Way back during the post 9-11 insanity (some continues,) there were fights being fought and somewhat lost over 3rd party services. Deciding if you had the right to privacy of your documents when you just hand them over to a 3rd party. Email was one of many of these fights. The expectation of privacy would come up but somehow seems to not be a big deal today.
The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.
Re:The Legal mess with the "cloud" (Score:4, Insightful)
> The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.
For reference, the ECPA [wikipedia.org] was written in 1986, when most email programs would download email (and webmail was unknown until about 1993).
ECPA Really REALLY needs to be updated. But Congress as been conditioned by the "going dark" argument against taking any such action.
Re: (Score:2)
The rules for email have been decided - anything left on a 3rd party mail server for more than 6 months is considered abandoned. It doesn't matter if you actively use the account. What matters is the timestamp for receipt. The feds don't even need a warrant to get email more than 6 months old.
Which works out really nicely for the Feds when the service never deletes your email and only removes it from your view.
Re: (Score:2)
This is interesting. At least as recently as 2018, the description of iCloud on the Apple Web site claimed that it was secure because it used 128-bit encryption. (Obviously, the problem with that is that the user didn't control the key.) I don't see that any more on the iCloud Web page; all I see are general statements like these [apple.com]: "Two-factor authentication helps keep your data safe. Two-factor authentication is an extra layer of security designed to ensure that only you can access your account. ... Design
Re: (Score:2)
This is interesting. At least as recently as 2018, the description of iCloud on the Apple Web site claimed that it was secure because it used 128-bit encryption. (Obviously, the problem with that is that the user didn't control the key.) I don't see that any more on the iCloud Web page; all I see are general statements like these [apple.com]: "Two-factor authentication helps keep your data safe. Two-factor authentication is an extra layer of security designed to ensure that only you can access your account. ... Designed with your
privacy in mind. Apple takes the security of your data and the privacy of your personal information very seriously. Because of that, iCloud features are designed to keep your information safe, secure, and available only to you."
Evidently "only to you" doesn't mean "only to you"; it means "only to you (and Apple, and any random government agency, and anyone else Apple deems to be more important than you)."
I always assumed that Apple meant that the communications between you and your account were encrypted but not the stored data.
Re:i mean technically (Score:5, Informative)
In other news: The FBI is routinely using data from people's iCloud backups.
Re:i mean technically (Score:4, Insightful)
Well, it's a good thing no one will ever be able to steal anyone's iCloud backup info then, right? That would be a real fappening [wikipedia.org] if it ever happened...
Are cloud backups opt in or opt out? (Score:4, Insightful)
Re:Are cloud backups opt in or opt out? (Score:5, Informative)
Re: (Score:2)
So, third-party back-up programs?
Re:Are cloud backups opt in or opt out? (Score:5, Informative)
Or you can backup your iPhone to your own computer, fully encrypted.
^ This (Score:4, Insightful)
Re: (Score:2)
Re: (Score:3)
Unless it warns in serious flashing red letters or at least can't miss it bold text that checking that box is a serious security risk and not recommended it is still a very big problem.
That's like having a tent at the carnival with a sign that says "Bliss attraction" and asking passing customers if they'd like to go in and see it, meanwhile the tent contains a viper pit just inside the door. But hey, they opt'd in.
Re: (Score:2)
What is a "Bliss attraction"?
Re: Are cloud backups opt in or opt out? (Score:2)
A euphemism for a pit of vipers.
Re: (Score:2)
If you say 'Yes' good luck ever turning it off and having it stay turned off. We've tried to turn off the backup several times, but always a week or two later her iToy will start backing up to the iCloud again (until it fills up and Apple tries to charge her for additional storage.)
Re: (Score:3)
I have turned off all iCloud communications for my IOS phone and MacOS computers. I don't see any messages exhorting me to turn any of it on. I occasionally back up my phone to one of my computers (encrypted with a local key).
After an OS upgrade (a while ago) on our shared MacOS desktop, my wife didn't read through the prompts carefully when first logging into her account, and accidentally turned on some iCloud stuff. A phone call to Apple resulted in their assistance making sure it was all turned off an
Re: (Score:3)
Re: (Score:3)
I can’t speak to the current, non-iTunes version of MacOS, but - in iTunes, you can choose whether you want your iOS device to back up to iCloud or locally. Local backups can be optionally encrypted with a password of your choosing.
Re: Are cloud backups opt in or opt out? (Score:3)
Iâ(TM)m pretty sure that in Catalina, the backup/restore and Sync functions have been ported from iTunes to Finder, with little to no changes.
sensible (Score:4, Insightful)
For Apple, this makes sense too - they could have encrypted the iCloud backup and that might well have caused a regulatory requirement to open it up in perhaps even less desirable ways.
Re:sensible (Score:4, Interesting)
Also... I have to wonder about criminals who use their phones for planning nefarious activities and/or bring their phone with them when performing nefarious activities.
It's like having a smart speaker in the room where you discuss your plans for robbing the bank.... why would you take that kind of chance?
Re: (Score:1)
The police is not after smart criminals. They just want to fill their quota to they appear to do their job and there are plenty of dumb criminals around. The thing about encryption is different. That serves for spying and to create chilling effects. It has nothing to do with catching criminals.
Re: (Score:2)
"They just want to fill their quota to they appear to do their job" and you know this how?
Re: (Score:2)
Ever work around many cops? People don't become criminals because they're bored being rocket scientists, they become criminals because they're lazy and stupid. The reason why crime is still a viable career choice is because police aren't any smarter or more ambitious than they are.
Re: (Score:2)
I would imagine they use burners and phones bought by cut-outs or using stolen identities or other means of masking who the phone belongs to, in addition to using encrypted communications, weird code language, etc.
I mean there's a zillion phones out there and they can't monitor them all, as long as they can't link a specific phone to a specific person it might as well count as secure.
Re: (Score:1)
Re: (Score:2)
Then you're probably too dumb to be a threat to the PTB.
Re: (Score:2)
The average consumer isn't worried about privacy from the FBI most will never have a run in with them, what they are worried about is identity theft and so long as the unencrypted backups stay secure and out of the hands of thieves then everything is fine. The moment iCloud is hacked and that treasure trove of unencrypted data is stolen the FBI will be taking Apple and their customers' complaints.
Re:sensible (Score:5, Insightful)
"If you plan nefarious actions, then don't use any cloud service. Otherwise enjoy the comfort of the extra resilience cloud brings."
Wow, the old "if you have a problem with this you must have something to hide" argument. It hasn't magically become valid.
A technology company shouldn't even offer the option of opting in to seriously compromise your own security without jumping through some hoops and highly visible stringent security warnings to make sure nobody can choose that option without knowing the consequence. Otherwise it is nothing but a trap for the ignorant similar to the clickbait and phishing emails used by other criminal attackers.
Re: (Score:2)
A technology company shouldn't even offer the option of opting in to seriously compromise your own security without jumping through some hoops and highly visible stringent security warnings to make sure nobody can choose that option without knowing the consequence. Otherwise it is nothing but a trap for the ignorant similar to the clickbait and phishing emails used by other criminal attackers.
You say that as if end-to-end encryption doesn't have downsides, basically it's "lose your last house key, lose your house". If you want to prevent Apple from accessing your backups it also means they can't help you recover your Apple ID from security questions or email or anything like that, since they could just look up the answers and unlock it themselves. You will need either a working iDevice or a local backup of the key and the general public is rather terrible with both. For most people that very rea
Re: (Score:2)
I'm sorry most criminals aren't interested in hacking government anything it's all trouble, there is no money in it, but they are very interested in consumers credit cards, bank cards, etc... and once all the low hanging fruit is gone the problem won't go away they will just work harder to get what they want. You can count on them to find a way if it means they are making money.
Re: (Score:2)
It doesn't matter you can use accessory technologies to help with storing and backing up keys. Even prompt users to print a QR code that will do the trick which can be stored in the same off-site safety deposit box they store important documents in.
In security we don't consider anything to be absolutely secure. All you can really do is hope to raise the difficulty/cost of breaking in. For many things you can easily accomplish raising the cost beyond the value of the target. For example the solution I've men
Re:sensible (Score:5, Insightful)
Re: (Score:2)
Once upon a time you could board an airliner with a concealed weapon as long as you had a permit. Even earlier you didn't need a permit.
Re:sensible (Score:4, Insightful)
"... entrusting data that can incriminate you to a random company or third party just isn't the smartest thing to do."
True, and relevant to this case, but that leaves out some important elements: first, someone planning a suicide attack doesn't care whether they get caught or convicted after the fact. (In that case, their accomplices, if any, have the problem that they trusted the wrong person.)
The second problem is that there's no general way to know or predict which activities the government may deem "nefarious", now or in the future.
Re: (Score:2)
"there's no general way to know or predict which activities the government may deem "nefarious", now or in the future"
Which is why there is no way to know or predict whether you'll consider the government's intentions nefarious. Really, that is what freedom is about retaining the individual right to be the final arbiter of things exactly like this.
Re: (Score:2)
They said they were offering end-to-end encryption and then provided at rest backdoored encryption... these people didn't entrust the data to Apple. Apple misled them into thinking it didn't have access and left itself plausible deniability because if you looked more closely they never actually said they implemented the end-to-end encryption like they'd promised. In fact buried out there is a page which lists in transit, in storage and end-to-end encryption for their products.
Re: (Score:2)
What a great way to go about privacy rights!
I'm sure that $FAVORITE_POLITICIAN will make sure that only $BAD_PEOPLE have their data used against them, and that $HORRIBLE_POLITICIAN will never be able to have sufficient power to turn this against me and those I care about.
Re: (Score:2)
The question is... who has access to the service? Every day brings with it news of another business being compromised. Encryption is nice, just to ensure that backups sent offsite are protected, even if the remote site is completely taken over.
This is a standard operating practice with cloud backups, where they are encrypted before they leave the client site. Why should phone backups be any less secure?
As for phones, the most secure backups I know of are done by Titanium Backup which creates a public/pri
With one major problem... (Score:2)
If you plan nefarious actions, then don't use any cloud service. Otherwise enjoy the comfort of the extra resilience cloud brings.
The problem with your proposition being that you do not decide what the authorities consider nefarious, or potentially nefarious, or an indicator that you might become potentially nefarious.
So Apple are now complicit? (Score:3)
Re: (Score:2)
Re:So Apple are now complicit? (Score:4, Insightful)
Re: (Score:2)
That doesn't meet the burden of what I'm talking about. I'm talking more along the lines of what most browsers present when you are about to load a page with an expired or spoofed certificate. Big bold print and "Not recommended", maybe two or three stages of prompts
"You want to expose all of your data UNENCRYPTED on the internet?" (yes/no)
"You've selected to expose all your data in an internet accessible location without encryption, this is not recommended." (back to safety/proceed)
"Confirmation about to P
Re: (Score:2)
Re: (Score:3)
Same thing
Re: (Score:2)
Re: (Score:2)
No, it really is.
Not only is that a back door but random Apple employees certainly aren't on the list of who you want looking at that striptease video your wife sent you. If three people know something then the secret is compromised... how many employees does Apple have again? That is before we even get into other organizations like the FBI which Apple routinely turns this data over to.
Re: (Score:2)
Now complicit? They've been handing over iCloud data for years, and encryption has never been an option even though it was trivial to add even when the service was first introduced. IIRC (and I may not) the original plan was to use the customers' data for targeting advertising like Google does, but even the fanbois complained so that idea got shelved.
old news really (Score:2)
iOS 10 security check is approximately 2,500 times weaker compared to the old one that was used in iOS 9 backups. example speeds:
iOS 9 (CPU): 2,400 passwords per second (Intel i5)
iOS 9 (GPU): 150,000 passwords per second (NVIDIA GTX 1080)
iOS 10 (CPU): 6,000,000 passwords per second (Intel i5)
thats the local backup...
Re: old news really (Score:2)
Re: (Score:2)
Re: (Score:2)
not for me but for thee (Score:1)
So it is OK for the US government to train middle eastern terrorists but it is not OK for us to have privacy - noted!
https://www.timesunion.com/new... [timesunion.com]
Re: (Score:2)
Duh, we've been giving them weapons since Irgun was founded and used them against our British allies. Most of the time we're selling/gifting weapons to both sides of any conflict in the region.
Guns (Score:4, Insightful)
Extra credit question: What can be worse, a bad government or bad citizens?
Re: (Score:2)
Comment removed (Score:4, Insightful)
Re: (Score:2)
It's an interesting question. Harm does happen in rare cases (both scenarios)
However, I'd like to see how gun owners react to democracy actually being threatened by the Presdent using State powersin Ukraine to influence elections at home.
True, guns are for protecting freedom, but it seems gun owners are more concerned about power than freedom. So why have guns?
Re: (Score:2)
entertaining outdoor activity they should bow-hunt
Hunting with bows is mostly forbidden in european countries or has absurd regulations. They call it "animal cruelty". In sime countries, hunting at all is nearly forbidden.
Comment removed (Score:5, Insightful)
Re: (Score:2)
There it is... Who cares if the FBI's job is harder encryption is about protecting consumer from criminals not terrorists and it's not about privacy it's about security. There are far more cases of identity fraud than terrorism and the FBI investigates identity fraud so they are making it easier to investigate identity fraud by making identity fraud easier. This doesn't sound like a very good plan.
We need an FBI that is recommending encryption and properly securing data against theft even if it makes it har
Encryption guaranty (Score:2)
Apple owns exclusive right and freedom to change the ECC encryption anytime. Why go there? Data encrypted by branded method are SOL when patent holders change it. NeXT changed its elliptical encryption algorithm between OS updates in the 90's. Years of data turned to stone.
PHP pulled off the Internet for six months after initial release. Woke theorists didn't swallow the Phil Zimmerman rewrite explanation.
Criminals (Score:1)
So you thought your phone was protected? (Score:1)
How many IPhone users don't adjust their backups? All of your phone information is going to be backed up by default?
If that is true then NONE of your phone's information is secure from the governments of the world and you have a VERY false sense of security. If the governments can get it so can hackers, and Apple.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Closed ecosystems can suck it (Score:2, Informative)
And this folks is a primary reason why closed ecosystems can suck it. People are concerned about the wrong things and asking all the wrong questions. The question should not be why did they not buck the FBI. The question should be why does apple get to pick and choose what you do with what should be your phone and your operating system. The encryption you choose should not be something that Apple can see much less veto. The backup software you use should also not be something that they can see or veto. They
Re: (Score:3)
The question should be why does apple get to pick and choose what you do with what should be your phone and your operating system.
Because it's not your operating system, and barely even your phone. You have a *license* giving you permission to use THEIR operating system, which they can revoke at will. In your purchase you agreed to install no non-Apple operating system on the phone ever. They reserve the right to require you to update THEIR operating system on their schedule (using the data connection you pay for) or they can disable it. If their next version of OS makes iCloud backups mandatory that's their choice, not yours, and
Re: (Score:2)
Ever read a software license? MS, Apple, IBM (pre-Linux), Tandem, etc. you don't actually own the software. You own a license which gives you permission to use the software until such time as they decide otherwise.
Re: (Score:2)
And did you ever read a law?
I buy something: I own it.
Re: (Score:2)
You bought a **license** to use a product, with all of the constraints in the license agreement which you approved. If you didn't read the agreement that is not the fault of the software company. You may have bought a CD with Windows 95 on it, but unless you accept the license agreement on it you just *own* an expensive coaster.
Re: (Score:2)
Yes, and the license gives me nearly all rights which ownership gives me.
Perhaps yo should red the licenses. They can not be revoked as you claimed in your first post.
The only thing I can not do with a piece of software that I have licensed is: copying it and redistributing the copies.
Often certain phrases are invalid.
As I said: if I buy something I own it, they can not take it away.
Google does (Score:2)
FWIW, Android backups stored by Google are fully encrypted as of, IIRC, 9.0. Note that they're not a complete snapshot of what's on your device, though, because only apps that opt in get backed up.
Re: (Score:2)
I will be happy when they actually are restorable. I've yet to ever find an Android backup done by Google which could actually be restored after a factory reset and work.
Re: (Score:3)
Indeed. It's great that they are encrypted, but as far as I can tell, they are equally useful whether you have the key or not.
Re: (Score:2)
I've restored them after a factory reset once, and twice after getting a new phone. I wonder if it makes a difference what apps you have installed, my phone is mostly just a phone and a camera, I don't use it for much else.
Re: (Score:3)
I will be happy when they actually are restorable. I've yet to ever find an Android backup done by Google which could actually be restored after a factory reset and work.
I've used it the last couple of times I got a phone. When setting up a new phone (or an old phone after factory reset), you're given the option of using a cable to copy from the old phone or restoring from backup. Of course, very few apps opt in to backup as of yet, so not a lot is backed up or restored. Mostly you just get all of your old apps re-downloaded, but without data.
Re: (Score:2)
android 10 has changed this a bit... they've made the cloud backup opt-out, since developers seemed to have either been lazy or ignorant.
Really? Interesting. I missed that. Thanks.
Please do not quote unreliable sources (Score:2)
Quoting the president in the summary adds nothing to the facts of the story.
Re: (Score:2)
Re: (Score:3)
If you can't tell the difference between "I want to keep my photos private" and "I want to go hunting / do target practice / overthrow the tyrannical government", then it is you doing the revealing contortions.
Re: (Score:3)
I don't want encrypted backups (Score:4, Interesting)
Re: (Score:3)
Backup Exec? Steer clear of anything that Symantec has ever touched. More often than not your server OS has built in backup software that doesn't have all the pretty bells and whistles but which will do the job correctly and consistently. People don't like to use them since they're more work to set up and document, but IMNSHO they're worth the extra time and effort.
Re: (Score:2)
I have this issue where I work. We encrypt basically everything, including backups. When something fails and you need to recover, and encrypted backup is a major pain in the neck to restore. Sometimes, you can't restore it, particularly if the backup was taken a while ago. We sometimes need to recover historical data from backups. We often find that the encryption software can't read it, since they change the way it encrypts and it no longer knows how to read the old encryption format. We have to work with the company who supplies it to get a version that can read it again. We have failed to recover data a few times just because we couldn't decrypt it.
Would you be happier if you couldn't read your unencrypted backups due to a format change because the company couldn't be bothered to do basic testing on their software? This problem is really that a company is delivering a product they don't have the technical chops to pull off, it has nothing to do with encryption.
So Apple really, really cares about privacy (not) (Score:2)
Apple's theatrics about unlocking smartphones really wer just a publicity stunt. They knew full well that the government could unlock the phones without their assistance, so protesting made them look good without actually costing them anything.
If they don't encrypt user data that has been uploaded to the cloud, then that is a huge gaping hole in user privacy and security. Being kept conveniently open for use and abuse by the US government.
Who told the FBI??? (Score:4, Interesting)
What I want to know is, who told the FBI they were considering encrypting backups? You just do it, you don't go asking the enemy if they like the idea.
Re: (Score:2)
The FBI has routinely been accessing iCloud backups for years, it probably just came up when they went to pick up another data dump. "Hey, this process isn't going to work in a few months since we'll be starting to encrypt backups."
What I want to know is what bozo at Apple made the decision not to encrypt them when they started the service, that should have been the rule from Day One.
Re: (Score:3, Insightful)
No judge in their right mind is going to issue an arrest and seizure warrant because a federal agent said "trust me, these hand-made chat log files are totally legit."
Why not? Federal judges have issued warrants based on hand-made phone call logs. Heck, warrants have been issued based on "this super-secret confidential file totally justifies a warrant. No, we can't show you, because it's super secret, but trust me, these blank sheets of paper, I mean super secret files are totally legit."
I guess my point is, apparently there are a lot of judges that by your standard are not in their right mind.
Re: (Score:2)
Warrants are issued all the time based on 'anonymous tips'. In at least one case the 'tipster' was the detective's girlfriend listing evidence that he had acquired illegally so it couldn't have been used for the warrant.
Re:Already being downvoted (Score:4, Informative)
A lot of it isn't just "OMG, the gubmint". It is the fact that security breaches are the norm these days, and you want data and metadata protected every chance you get, because you never know if your ISP may get hacked (your phone number gets stolen via a SIM swap attack, and your IP logs used as blackmail), your cloud provider gets hacked and your files encrypted and you get a note saying that your secret pr0n stash will be sent to your wife and kids in 24 hours unless you cough up some bitcoins, your location is used so people can figure how to grab your kids, or you trigger some AI threshold somewhere, and some extremist group starts gunning for you because you made one too many political jibes (left or right) on social media that is watched by bots.
There are so many extremist groups out there, that privacy is more to protect yourself from them than anything else. This is why all the serious discussions have moved to Telegram, Signal, or MeWe, because there is far less chance of all the discussion being logged and slurped up, only to be used for blackmail/extortion later on.
The government is the least of my worries. I am more worried about dumb companies that slurp up lots of data, then get compromised (the C-levels seem to make a good bit of cash when they short their stock before the official announcement), than anything else.
Re: (Score:2)
Huh, you mean random crackers would have a harder time stealing my banking and credit card data? Damn, that would be awful! Who wants a future like that?
Re: (Score:2)
the whole net is going to start looking a lot more like Tor writ large
But that's not a bad thing.
Re: (Score:2)
Everybody has something to hide, even if they have done nothing wrong.
This is because some things are simply PRIVATE, not because there is anything nefarious happening.
I mean, we wear clothes every day when we are in public... not because there is necessarily anything *wrong* with our genitalia, which we are concealing from public view, but because those parts of our body are private.
So yes... privacy is important. To virtually everyone. To suggest otherwise is to choose willful ignorance of reality