Apple Announces iCloud+ With Privacy-focused Features

Apple is rolling out some updates to iCloud under the name iCloud+. Existing paid iCloud users are going to get those iCloud+ features for the same monthly subscription price. From a report: In Safari, Apple is going to launch a new privacy feature called Private Relay. It sounds a bit like the new DNS feature that Apple has been developing with Cloudflare. Originally named Oblivious DNS-over-HTTPS, Private Relay could be a better name for something quite simple -- a combination of DNS-over-HTTPS with proxy servers. When Private Relay is turned on, nobody can track your browsing history -- not your internet service provider, anyone standing in the middle of your request between your device and the server you're requesting information from.

The second iCloud+ feature is 'Hide my email.' It lets you generate random email addresses when you sign up to a newsletter or when you create an account on a website. If you've used 'Sign in with Apple,' you know that Apple offers you the option to use fake iCloud email addresses. This works similarly, but for any app. Finally, Apple is overhauling HomeKit Secure Video. With the name iCloud+, Apple is separating free iCloud users from paid iCloud users. Basically, you used to pay for more storage. Now, you pay for more storage and more features. Subscriptions start at $0.99 per month for 50GB (and iCloud+ features).

Spammers will regex the fake address formats

[xack]

And ask for your real address.

Re:

[teg]

And ask for your real address.

From what they showed, detecting these as non-normal addresses that's going to be quite a challenge... they looked just like normal icloud.com addresses to me. It did not look like a decipherable scheme like the "+" on gmail.

Re:

[tlhIngan]

It did not look like a decipherable scheme like the "+" on gmail.

+ is a valid email address character since the beginning. It means to the MTA that the account is the part before +, while any email processor can use the bit after the + for sorting and filtering. This was to help people keep their inboxes organized - if you wrote a piece of software, you could have people send you questions to email+software@example.com which will filter out software related questions saving you from having to do it yourself

Re:

[TuballoyThunder]

I wish that was universally true. Plus addressing is not necessarily enabled by all mail delivery agents (MDAs). In addition, some websites will not accept plus addressing as a valid email.

Re:

[R.Mo_Robert]

+ is a valid email address character since the beginning. [...]

I think the issue being pointed out here is that it's simple to "undo" this process and obtain the user's "real" e-mail address (just remove the "+" and everything between it and the "@"), so it's not very useful for avoiding spam and whatnot — not whether "+" is valid (though I have seen the rare form that refuses to let it be input as such...).

The hope, then, is that Apple's process is not easily reversible — or ideally not at from anything external to their own system (perhaps a stored dictio

Re:

[Anubis IV]

In theory, sure, they could. In practice? The incentives aren't lined up the way you think, so it almost never happens.

Think about it this way: who has the motive and ability to do so? Criminal spammers have the motivation, but they don't run the sites where we provide addresses, so they have no ability to influence those rules. Legitimate companies that are spammy with their marketing newsletters have the ability, but they also follow CAN-SPAM's requirements [wikipedia.org], so your email address is never more than a clic

nobody can track your browsing history?

[bagofbeans]

When Private Relay is turned on, nobody can track your browsing history -- not your internet service provider, anyone standing in the middle of your request between your device and the server you're requesting information from.

Erm, I think Apple can "track your browsing history", and as Mr Snowden pointed out, they are part of NSA's PRISM surveillance program.

Re:

[BeepBoopBeep]

If NSA is on your ass, you got bigger problems than browsing history.

Re:

[mitchy]

Excellent point! That said:

Which major tech/FAANG companies are NOT part of the PRISM program? Do we have any (mainstream) options?

I qualify with (mainstream) because some obscure, less-than-automatic DIY approach will not work for my wife, dad, neighbor, etc. Even ProtonMail for example, never really caught on, as it was just too hard for non-technical folks.

Re: nobody can track your browsing history?

[ArmoredDragon]

I wouldn't be surprised at all if PRISM is no more. When spy organizations have their tactics exposed, they change tactics.

Re:

[Jeremi]

I wouldn't be surprised at all if PRISM is no more. When spy organizations have their tactics exposed, they change tactics.

Why change tactics when it's cheaper just to change names?

"I can assure you, Senator, that the PRISM program has been shut down and remains inactive." (just don't ask about our new JISM program that looks suspiciously similar!)

Re:

[ArmoredDragon]

Why would they need anything cheaper? This is the US government we're talking about, it basically has a credit card with no spending limit.

Re:

[Jeremi]

There are some things money can't buy (such as working code completed and usable before a deadline)

Re:

[dfghjk]

Way to miss the point, in true /. tradition.

Re:

[superdave80]

Isn't the NSA technically on everybody's ass?

Re:

[bagofbeans]

Yup. That's why it's called mass surveillance, and the point that dfghjk was making to Bro Beep

Re:

[BeepBoopBeep]

Having access to your ass vs being on your ass are very different things. The NSA is not a social monitoring group as implemented in China various internet thin skin programs.

Re:

[bagofbeans]

The NSA is not a social monitoring group, sure. But it operates a surveillance machine that passes info to orgs such as FBI that do operate social monitoring groups. FBI got slapped recently for tracking BLM protesters, a protected 1st amendment activity.

Ending Key Escrow?

[bill_mcgonigle]

Is Apple still holding your private keys under Privacy+?

Re:

[teg]

Is Apple still holding your private keys under Privacy+?

I thought they weren't able to decrypt at least some parts of the data - ref. the FBI vs Apple battle [wikipedia.org]? They did announce some new ways to recover accounts which must be at odds with this, though - "digital legacy" (who gets selected parts of your data when you die... I guess I should enable that on photos, just in case) and some recovery mechanism as well.

FBI vs Apple

[bagofbeans]

Everything one icloud (and every other cloud) is fair game, as is any outgoing and incoming data.

Big Fruit maintained that they can't decrypt a locked phone, and FBI backed out from the demand because they couldn't risk a court limiting their decryption actions.

Re:

[rtb61]

I want a more secure iCloud. Apple better pull it's finger out, else some one else will get there first. I want a local box to store my stuff, so I can access and the box to back up an encrypted version in a software box to the cloud, if I want to back it up. Else it runs most stuff locally, that requires local storage and data analysis. No need to bother Apple services with anything day to day, just back up. I would like a box that does it own email serving, direct and gets backed up, an Apple account addr

Re:

[tlhIngan]

I thought they weren't able to decrypt at least some parts of the data - ref. the FBI vs Apple battle? They did announce some new ways to recover accounts which must be at odds with this, though - "digital legacy" (who gets selected parts of your data when you die... I guess I should enable that on photos, just in case) and some recovery mechanism as well.

Everything on iCloud isn't encrypted. It's because it has access to your mail, calendar, notes, etc. Ditto your iCloud backups of your phone, though that

Re:Ending Key Escrow?

[Anubis IV]

Is Apple still holding your private keys under Privacy+?

Depends what keys and services you're talking about specifically, I'd guess, as well as what you mean.

As things are today, Apple doesn't hold all the keys. For instance, if you buy a new iPhone, don't enable iCloud Backup when the option is offered (I can't recall if this is actually necessary or not, but let's say that it is, just to be safe), and then send an iMessage to someone, Apple won't have any ability to access to it. It's true E2E encryption: private keys that stay on-device, on-device encryption/decryption for all messages, etc.. Those private keys live in the Secure Enclave, so they never leave your device; the contract between it and the rest of the system doesn't allow for private key retrieval. Likewise, FaceTime is solid.

On the other hand, if you enable iCloud Backup they will have at least some level of access to your data on their servers (maybe not iMessages, but definitely some other data, and if you opt-in to message syncing between devices, I seem to recall that they get a copy of iMessages as well). I thought they had said a number of years ago—maybe just a bit after the San Bernardino shooting—that they would work to harden iCloud Backup, but they got enough pushback from law enforcement (and no corresponding PR blowback from the media) that they never actually carried out that hardening, so far as I'm aware.

Anyway, you'll have to check through Apple's white papers on a case-by-case basis. Some stuff is rock solid. Other stuff leaves the keys in Apple's hands. In all cases, however, Apple's white papers are very approachable, even to security newbies, and they're very thorough in covering all of their products and services. For the most part, Apple's stuff is decently secure, but inasmuch as you start to hit areas where you sacrifice usability in significant ways (e.g. if Apple doesn't have the keys, iCloud Backup is useless in the vast majority of cases in which a clueless user needs it, so there's a valid case to be made either way), you start to hit areas where they created small openings for themselves. They're honest about it, and they explain why in many cases, and it's still decently secure, but the soft spots are still there.

Keeping prices high..

[luvirini]

Where other companies like Google have lowered their prices for storage plans, Apple keeps their price high by adding "features".

Re:

[King_TJ]

I guess.... although Google's the one who just got rid of the unlimited free photo storage (free users only get a 15GB allotment to share among any Google apps). And I haven't seen any notable price drops on the cost of DropBox storage lately?

All in all, my experience is that trying to use "free" cloud services has resulted in the regular need to gather up my content and move it from place to place, because someone's always taking away or restricting their free tier. (This has held true since back in the d

Re:Keeping prices high..

[Moridineas]

Meh. I pay $10/month for 2TB of cloud storage that's shared among multiple iCloud accounts. I'm cool with that.

worst keynote ever.

[presearch]

It was just goofy. Almost nothing for developers, mostly OS features that stomp on 3rd parties.
Is it that the millennials have taken over? They act like we're all children now.
Your watch can now tell you that you're loved, every fifteen minutes. It's embarrassing.

And what is with all of these photogenic presenters? Is that the primary hiring criteria now?
The beautiful people only hang with their own kind so hiring is "I can get you in".
Fiilled with shallow workers that will be demanding stylists and makeup

Disagree, lots of cool developer stuff

[SuperKendall]

Almost nothing for developers

I didn't get that at all. Just being able to build and submit apps all on the iPad is huge, and then added onto that you have Xcode Cloud continuous integration which looks really nice...

Then on top of that the async/await/actor stuff coming to Swift will be REALLY helpful for a lot of people and catches Swift up with other languages in terms of modern concurrency support.

This was actually a really good keynote for developers I thought... the SOTU was not as good in fact, becau

Re:

[mcswell]

"So Apple is going after Zoom, with all of the zoom-ish features baked into the OS."

IMHO that makes a lot of sense, given that we're going to have a lot more on-line meetings after the pandemic than we did before (although not as many as during). So a zoomish interface makes a lot of sense.

"Swipe from the top, the bottom, the corners.. Near impossible to discover."

On that, we agree; swipe makes no sense and isn't s.t. I'll remember next time. Discoverability was a principle of GUIs back in the good old da

Unrelated pedantry

[Dixie_Flatline]

Are techcrunch articles usually this badly written? This one is full of grammatical errors and appears to have several words missing. I know they're on a deadline since this info just dropped, but it's pretty bad for a professional tech site.

Privacy as a Paid Premium Feature

[FrankOVD]

What a time to be alive!

lol

[Anonymous Coward]

When Private Relay is turned on, nobody can track your browsing history -- not your internet service provider, anyone standing in the middle of your request between your device and the server you're requesting information from.

Said nobody ever who was familiar with internet protocols.

Ever since SNI (Server Name Indication) was introducted to the TLS protocol it is trivial for ISPs, or any intermediary relay, to sniff the unencrypted client_hello packets to see where you're trying to connect. This feature w

privacy

[Drechsler]

There should be understanding of privacy and secrecy. People can so easily give up their privacy that it's sometimes scary. iCloud+ features look promising, but is it going to last like forever? Settings >>> Privacy >>> Down in the menu >>> Apple Advertising My Apple review on cheapessaywriter.co.uk [cheapessaywriter.co.uk]