:rolleyes: iCloud is encrypted. iCloud documents are encrypted. 1Password is encrypted. Everybody is encrypted. This isn't the unique snowflake feature that some of you think it is.
Sweet, I accept your capitulation and await significant reparations (I accept Major credit cards/Paypal). :smokey:
And 1Password is encrypted by itself, I think with better encryption than iCloud. That can be synced via iCloud which is stored on their servers in an encrypted format and Rx/Tx encrypted. If you're iCloud password gets compromised so does your iCloud keychain, but your 1Password DB is still encrypted. That said, the benefit of 1Password over iCloud Keychain has to do with features that have already been mentioned ad nauseam.
And 1Password is encrypted by itself, I think with better encryption than iCloud. That can be synced via iCloud which is stored on their servers in an encrypted format and Rx/Tx encrypted. If you're iCloud password gets compromised so does your iCloud keychain, but your 1Password DB is still encrypted. That said, the benefit of 1Password over iCloud Keychain has to do with features that have already been mentioned ad nauseam.
Sigh. So? If your 1Password is compromised, so is your iCloud. Also, you forgot to include the preceding "Apple is doomed!" before your hypothetical assumption there was a problem. Different encryption, or similar encryption marketed differently? Kinda seems like 1Password is dependent on an OS's built-in encryption features. It certainly looks like their iOS app went 256-bit AES only after iOS6 introduced that feature in the SDK.
These features you mention aren't impressive enough to warrant the extra system boat. But sure, continue to explain why anyone should waste around $50 on a redundant app. Security theater?
Have all you 1Password fans also installed the Chrome malware? This would explain some of the pressing need and fervent condemnation of any other method for remembering passwords.
<span style="line-height:1.4em;">Ok... </span>
<img alt=":rolleyes:" src="http://forums-files.appleinsider.com/images/smilies/1rolleyes.gif" style="line-height:1.4em;">
<span style="line-height:1.4em;"> </span>
<span style="line-height:1.4em;">You made out the </span>
<span style="line-height:1.4em;">individual</span>
<span style="line-height:1.4em;"> words, </span>
<span style="line-height:1.4em;">but then confused 1st and 2nd person. </span>
You should probably get and install1Grammatical-Personright away,
so this can be the last time you're ever embarrassed about how pronouns work!
Really? If it's a location... and you live there, "All upside your head" would have nothing to do with first or second person. Just what happens to people that live there.
Your attempt at being clever and making location to mean something else entirely for your own chuckles... well, it was an "attempt". You swung and missed. But definitely, keep on laughing at yourself... :rolleyes:
Really? If it's a location... and you live there, "All upside your head" would have nothing to do with first or second person. Just what happens to people that live there.
Wrong again. If you now want a literal interpretation "All upside your head" is merely the name of the location, no action or 'happenings' are implied "to people that live there".
Originally Posted by ThePixelDoc
Your attempt at being clever and making location to mean something else entirely for your own chuckles... well, it was an "attempt". You swung and missed. But definitely, keep on laughing at yourself...
Please clarify:
Should I keep laughing at myself? Or are you using 'universal pronoun compactor' again, and really mean that I should keep laughing at you?
Though I am glad that doctorate is in the graphic arts and not medicine! Drive the attending staff insane, never know if the doctor or patient is supposed to be getting the injection. Seriously though, art is a beautiful thing. Walk-walka-walka!
:rolleyes: iCloud is encrypted. iCloud documents are encrypted. 1Password is encrypted. Everybody is encrypted. This isn't the unique snowflake feature that some of you think it is.
lol - ignorance is bliss.
iCloud documents ARE NOT encrypted. Ever access your documents from the web? Used the iWork beta? That stuff doesn't work if it's encrypted. I'd pull out the reference in the recent iOS security guide that calls this out but screw it, if you really want to know you can go find it yourself.
Also, not all encryption is the same. Session encryption (which iCloud does use via SSL) is entirely different than data at rest encryption (which is what 1Password excels at for it's password safe).
Your overconfidence that you "get" encryption are leaving our assets hanging out there
Please define "1Password is compromised" - what exactly does that mean to you? What exactly does iCloud being compromised mean to you?
Words have meaning and context is important.
Thanks for showing up late to a dead thread, putting no real little effort into reading comprehension, and then asking for it all to be re-explained to you.
Yes, context is important... and probably something you should have groked before raising the same, already tired nonsense.
Ever access your documents from the web? Used the iWork beta? That stuff doesn't work if it's encrypted. I'd pull out the reference in the recent iOS security guide that calls this out but screw it, if you really want to know you can go find it yourself.
Answers:
No.
No.
Apple already has clearly posted iCloud encryption details, but please continue to refute them.
Quote:
Originally Posted by DocNo42
Also, not all encryption is the same. Session encryption (which iCloud does use via SSL) is entirely different than data at rest encryption (which is what 1Password excels at for it's password safe).
Yes, there are different types of encryption! Do you want your fish treat now or later? 1Password has certainly trained you well to jump through their hoops. Where would I be without their special magic encryption? Oh yeah, right here and still secure.
Quote:
Originally Posted by DocNo42
Your overconfidence that you "get" encryption are leaving our assets hanging out there
"Our assets"? I not leaving anybody's assets hanging out there.
Ok, technically iCloud documents are encrypted when stored on Amazon or Azure - wherever they landed in your account.
However the keys they are encrypted with are escrowed by Apple and provided when you authenticate, or when an Apple service needs data. I don't consider that "encryption" since it's pretty much transparent to me or Apple.
There are multiple entry points into iCloud. Apple just recently fixed in the last couple of days a way where there was no rate limiting to brute force password attempts against Apple ID's.
Complexity - it's the enemy of security.
Apple already has clearly posted iCloud encryption details, but please continue to refute them.
Yup - but it's not the same kind of encryption that solutions like 1Password offer - it's more equivalent to session encryption like SSL than what most would think of as true data at rest encryption, and why I don't really think of it as "encryption" in the context of what we are discussing.
If I was the only one who could decrypt the iCloud encryption and Apple couldn't then we would be talking the same thing - we aren't. Apple can (and must due to the way many services that depend on iCloud documents work) decrypt everything in your iCloud since it escrows those keys.
Yes, there are different types of encryption! Do you want your fish treat now or later? 1Password has certainly trained you well to jump through their hoops. Where would I be without their special magic encryption? Oh yeah, right here and still secure.
lol - again, your ignorance is showing. There is no way Apple - or AgileBits - can decrypt my 1Password password store. I'm the only one that can, unless I pick an exceedingly stupid password.
To get to your password list in iCloud all someone has to do is find one way into your account or iCloud - of which there are multiple potential entry points. I'm a huge fan of Apple, have two factor authentication enabled but still wish they would take some extra steps.
For example, two factor won't stop someone who guesses your password from restoring a backup to a different device. Apple is considering changing that (good!). If someone gets some malware onto your computer and steals your iTunes authentication token, bam - they can get also get to your backup. If you opened your password doc on any of your mobile devices, it could be cached on it and in your backup - bam, they have your password list.
That's what I'm talking about with multiple entry points. I'm sure more could be pointed out with a bit more effort - but why try - that's already three too easy for me. With 1Password there is one, and only one entry point. It doesn't matter if someone get's a copy of my file - the encryption algorithm used for the master password has rate limiting built into it's core (see PBKDF2). iCloud encryption has none of that safety built in. Which is not a problem since that's not what it's encryption was ever intended to solve! iCloud's encryption was designed to keep your data safe from others while on Apple's service providers networks (again, just as SSL is designed to keep your communication private between you and a server on the Internet, but does nothing to encrypt your data on the server itself). iCloud encryption was never meant to shield it from Apple or large chunks of the Apple ecosystem like iWork. Back to the different encryption styles you still openly mock out of what is obvious ignorance (or stupidity/stubbornness).
TL;dr - That the encryption iCloud and 1Password both use a password at one point is about all they have in common.
Anyway, suffer under your false sense of security. It's obvious your never going to listen to reason. Hopefully mine and others responses to you might show someone else reading this thread that thought you might have a clue instead just how wrong they would be and can save them some potential heartache.
Comments
And 1Password is encrypted by itself, I think with better encryption than iCloud. That can be synced via iCloud which is stored on their servers in an encrypted format and Rx/Tx encrypted. If you're iCloud password gets compromised so does your iCloud keychain, but your 1Password DB is still encrypted. That said, the benefit of 1Password over iCloud Keychain has to do with features that have already been mentioned ad nauseam.
And 1Password is encrypted by itself, I think with better encryption than iCloud. That can be synced via iCloud which is stored on their servers in an encrypted format and Rx/Tx encrypted. If you're iCloud password gets compromised so does your iCloud keychain, but your 1Password DB is still encrypted. That said, the benefit of 1Password over iCloud Keychain has to do with features that have already been mentioned ad nauseam.
Sigh. So? If your 1Password is compromised, so is your iCloud. Also, you forgot to include the preceding "Apple is doomed!" before your hypothetical assumption there was a problem. Different encryption, or similar encryption marketed differently? Kinda seems like 1Password is dependent on an OS's built-in encryption features. It certainly looks like their iOS app went 256-bit AES only after iOS6 introduced that feature in the SDK.
These features you mention aren't impressive enough to warrant the extra system boat. But sure, continue to explain why anyone should waste around $50 on a redundant app. Security theater?
Have all you 1Password fans also installed the Chrome malware? This would explain some of the pressing need and fervent condemnation of any other method for remembering passwords.
Nope. Pay attention.
:no:
Nope. Pay attention.
Nice try.
Remember this is your hypothetical thread about iCloud hypothetically being compromised.
Quid pro quo. Then 1Password can also be hypothetically hacked.
So... in order for 1Password to be 'more' secure, you need to contrive a situation where other secure products are insecure?
Increase you dependancies and use your silly 3rd app if you need to, but stop pretending that you can't be secure using the built-in tools correctly.
Nope. Pay attention.
Your stated profile location: "All upside your head" leads me to believe you've taken too many... and need to move on.
Just sayin'... :smokey:
Your stated profile location: "All upside your head" leads me to believe you've taken too many... and need to move on.
Just sayin'...
Ok...
You made out the individual words, but then confused 1st and 2nd person.
You should probably get and install 1Grammatical-Person right away,
so this can be the last time you're ever embarrassed about how pronouns work!
" src="http://forums-files.appleinsider.com/images/smilies//lol.gif" />
Really? If it's a location... and you live there, "All upside your head" would have nothing to do with first or second person. Just what happens to people that live there.
Your attempt at being clever and making location to mean something else entirely for your own chuckles... well, it was an "attempt". You swung and missed. But definitely, keep on laughing at yourself... :rolleyes:
Really? If it's a location... and you live there, "All upside your head" would have nothing to do with first or second person. Just what happens to people that live there.
Your attempt at being clever and making location to mean something else entirely for your own chuckles... well, it was an "attempt". You swung and missed. But definitely, keep on laughing at yourself...
Please clarify:
Should I keep laughing at myself? Or are you using 'universal pronoun compactor' again, and really mean that I should keep laughing at you?
Though I am glad that doctorate is in the graphic arts and not medicine! Drive the attending staff insane, never know if the doctor or patient is supposed to be getting the injection. Seriously though, art is a beautiful thing. Walk-walka-walka!
lol - ignorance is bliss.
iCloud documents ARE NOT encrypted. Ever access your documents from the web? Used the iWork beta? That stuff doesn't work if it's encrypted. I'd pull out the reference in the recent iOS security guide that calls this out but screw it, if you really want to know you can go find it yourself.
Also, not all encryption is the same. Session encryption (which iCloud does use via SSL) is entirely different than data at rest encryption (which is what 1Password excels at for it's password safe).
Your overconfidence that you "get" encryption are leaving our assets hanging out there
The two aren't related in the least.
Please define "1Password is compromised" - what exactly does that mean to you? What exactly does iCloud being compromised mean to you?
Words have meaning and context is important.
The two aren't related in the least.
Please define "1Password is compromised" - what exactly does that mean to you? What exactly does iCloud being compromised mean to you?
Words have meaning and context is important.
Thanks for showing up late to a dead thread, putting no real little effort into reading comprehension, and then asking for it all to be re-explained to you.
Yes, context is important... and probably something you should have groked before raising the same, already tired nonsense.
lol - ignorance is bliss.
iCloud documents ARE NOT encrypted.
Incorrect.
Ever access your documents from the web? Used the iWork beta? That stuff doesn't work if it's encrypted. I'd pull out the reference in the recent iOS security guide that calls this out but screw it, if you really want to know you can go find it yourself.
Also, not all encryption is the same. Session encryption (which iCloud does use via SSL) is entirely different than data at rest encryption (which is what 1Password excels at for it's password safe).
Yes, there are different types of encryption! Do you want your fish treat now or later? 1Password has certainly trained you well to jump through their hoops. Where would I be without their special magic encryption? Oh yeah, right here and still secure.
Your overconfidence that you "get" encryption are leaving our assets hanging out there
I think this thread has been compromised...by brute force!
Or at the very least by someone who needs to learn some how to communicate without looking like a complete twat.
Ok, technically iCloud documents are encrypted when stored on Amazon or Azure - wherever they landed in your account.
However the keys they are encrypted with are escrowed by Apple and provided when you authenticate, or when an Apple service needs data. I don't consider that "encryption" since it's pretty much transparent to me or Apple.
There are multiple entry points into iCloud. Apple just recently fixed in the last couple of days a way where there was no rate limiting to brute force password attempts against Apple ID's.
Complexity - it's the enemy of security.
Yup - but it's not the same kind of encryption that solutions like 1Password offer - it's more equivalent to session encryption like SSL than what most would think of as true data at rest encryption, and why I don't really think of it as "encryption" in the context of what we are discussing.
If I was the only one who could decrypt the iCloud encryption and Apple couldn't then we would be talking the same thing - we aren't. Apple can (and must due to the way many services that depend on iCloud documents work) decrypt everything in your iCloud since it escrows those keys.
lol - again, your ignorance is showing. There is no way Apple - or AgileBits - can decrypt my 1Password password store. I'm the only one that can, unless I pick an exceedingly stupid password.
To get to your password list in iCloud all someone has to do is find one way into your account or iCloud - of which there are multiple potential entry points. I'm a huge fan of Apple, have two factor authentication enabled but still wish they would take some extra steps.
For example, two factor won't stop someone who guesses your password from restoring a backup to a different device. Apple is considering changing that (good!). If someone gets some malware onto your computer and steals your iTunes authentication token, bam - they can get also get to your backup. If you opened your password doc on any of your mobile devices, it could be cached on it and in your backup - bam, they have your password list.
That's what I'm talking about with multiple entry points. I'm sure more could be pointed out with a bit more effort - but why try - that's already three too easy for me. With 1Password there is one, and only one entry point. It doesn't matter if someone get's a copy of my file - the encryption algorithm used for the master password has rate limiting built into it's core (see PBKDF2). iCloud encryption has none of that safety built in. Which is not a problem since that's not what it's encryption was ever intended to solve! iCloud's encryption was designed to keep your data safe from others while on Apple's service providers networks (again, just as SSL is designed to keep your communication private between you and a server on the Internet, but does nothing to encrypt your data on the server itself). iCloud encryption was never meant to shield it from Apple or large chunks of the Apple ecosystem like iWork. Back to the different encryption styles you still openly mock out of what is obvious ignorance (or stupidity/stubbornness).
TL;dr - That the encryption iCloud and 1Password both use a password at one point is about all they have in common.
Humans really do suck at assessing risk
Anyway, suffer under your false sense of security. It's obvious your never going to listen to reason. Hopefully mine and others responses to you might show someone else reading this thread that thought you might have a clue instead just how wrong they would be and can save them some potential heartache.
lol - I love how you didn't answer the questions.