That's a good point. How does this actually get handled? If the backup file were encrypted with the same encryption they are claiming is used on the physical phone, you wouldn't be able to restore it if a password reset had occurred in-between backup and restore. And if it's not the same encryption, then it doesn't matter how strongly the data is encrypted on the device...the iCloud backup would be available to law enforcement with a proper warrant...
If the encryption in iCloud backup relied on a device specific key you also wouldn't be able to restore an iCloud backup of a device to a new device (say an iPhone 5 backup restored onto an iPhone 6? ) so while iCloud backups may be encrypted I would doubt it is to the same level as data on any given device using a device specific key so it could well be accessible to people with the right warrant.
This is likely one of the reasons why Apple give you the option at App level to include / exclude what goes into an iCloud backup so you can skip stuff you don't want in the cloud. but as a rule of thumb If your data is really that sensitive you shouldn't be putting it anywhere near a service with "cloud" in the title, encrypted or otherwise.
If the encryption in iCloud backup relied on a device specific key you also wouldn't be able to restore an iCloud backup of a device to a new device (say an iPhone 5 backup restored onto an iPhone 6? ) so while iCloud backups may be encrypted I would doubt it is to the same level as data on any given device using a device specific key so it could well be accessible to people with the right warrant.
This is likely one of the reasons why Apple give you the option at App level to include / exclude what goes into an iCloud backup so you can skip stuff you don't want in the cloud. but as a rule of thumb If your data is really that sensitive you shouldn't be putting it anywhere near a service with "cloud" in the title, encrypted or otherwise.
The generic advice "if you have anything even remotely sensitive, don't put it anywhere on the Internet" is obvious... But as a solutions architect and the go-to guy for questions about all things technical for dozens of friends, family members and clients, I'd like to have as full and understanding as possible about how things actually work - and in this case, where the real exposures exist.
Apple can only reset the password if you can answer those annoying questions "where did your parents meet" etc the guy at apple is faced with these questions and cannot reset unless they are answered it therefore possibly means the questions are part of the encryption.
Take into account that, if Apple has the capability to reset your password without loss of encrypted backup data, it means that Apple has full access to backup data. Plain and simple.
The connection to your data is through your AppleId, not the password. Any user can initiate a reset, which triggers an email to the primary email address on record for the AppleId - the only one who can proceed further is the person who owns this primary email address. And, Apple could have designed it so they would have no way of gaining access. The big question, in my opinion, is whether to believe them or not. What would they have to gain in accessing your data, vs what would they have to lose.
I believe Apple not only doesn't seek our data, but doesn't want it. t don't think it's simply because they are being honorable - It doesn't fit their business model - and, they don't want to jeopardize their core business which is selling products.
IANAL... however as I understand the law in America, no matter where your data is: cloud, phone, hard drive, NAS, etc., when the feds or law enforcement agencies come calling with a warrant in hand, you ARE REQUIRED to obey that warrant or suffer the consequences of contempt of court. Naturally, you would consult a lawyer FIRST... but even they may suggest complying.
The same goes for the companies offering encrypted storage services. WITH A WARRANT... no company offering those services in America can lawfully say "no", without immediate judicial proceedings against them. They also may have a gag order placed upon them if the warrant and discovery process is part or portion of a sting operation.
I'm also not sure, but if you followed that case closely, it MAY be unlawful in America to even offer a storage service of ANY KIND without having the encryption keys to open it for law enforcement(?).
*** LavaBit owner Ladar Levison actually tried to be strong and fight the order and apeal for community help.... but he was even silenced by a gag order by the prosecuter and FBI to even say why or for what he needed help.
Here's a telling experience (from the linked article above) why "secure encrypted services" are almost impossible to have in America.
[I]Company CEO Michael Janke told TechCrunch that given his user base, [B]he knew the government was going to come after them sooner or later:[/B]
There are some very high-profile people on Silent Circle—and I mean very targeted people—as well as heads of state, human rights groups, reporters, special operations units from many countries. We wanted to be proactive because we knew USG would come after us due to the sheer amount of people who use us—let alone the “highly targeted high-profile people.” They are completely secure and clean on Silent Phone, Silent Text, and Silent Eyes, but e-mail is broken because govt can force us to turn over what we have. So to protect everyone and to drive them to use the other three peer to peer products–we made the decision to do this before men on [SIC] suits show up. Now—they are completely shut down—nothing they can get from us or try and force from us–we literally have nothing anywhere.[/I] [B][SIZE=4] *** In summary: absolutely NO DATA of any kind on any device, is safe from the Feds or law enforcement if they want it. None.[/SIZE][/B]
^^^^ Addendum to my above post from the other thread ^^^^^
[QUOTE][B][I]Cook goes on to explain current Apple privacy policies and the need for greater transparency in reporting government data requests,[/I][/B] a topic of concern for privacy advocates. In May, Apple announced it would routinely issue data request reports to keep the public apprised of U.S. national security orders and account information requests from various state agencies.[/QUOTE]
True that... until the judge signing the warrant adds a gag order. Once again: contempt of court if they offer any details other than numbers of requests. That also may be taken away from them via court order... so I think this is an appeal to the public and other organizations to help in advocating laws prohibiting all-inclusive "gag orders" and provisions of a warrant.
I wonder if the security is due to the iPay system? I don't care if my selfies and poor taste in music is snooped by anyone but if we start using a mobile as a payment device then it is good if my mobile is stolen that it can't be exploited (assuming I have an adequate pin etc).
Will the fingerprint recognition be better than the current tech that can be bypassed using a photo of your fingerprint?
The connection to your data is through your AppleId, not the password. Any user can initiate a reset, which triggers an email to the primary email address on record for the AppleId - the only one who can proceed further is the person who owns this primary email address. And, Apple could have designed it so they would have no way of gaining access.
If cloud data backup is encrypted using AppleId (and not your password), then Apple has access to the content, because Apple knows you Apple Id.
The point is not if Apple allows third-party people to access data (obviously no), but if Apple can be forced to disclose your data. The only way to declare that Apple cannot be forced to provide that data, is to encrypt them with a user-provided password not stored anywhere. But then, if you reset password, you would lose the backup data.
Take into account that, if Apple has the capability to reset your password without loss of encrypted backup data, it means that Apple has full access to backup data. Plain and simple.
Only no. Apple can not reset a password protected by 2-step without the correct information.
And this is coming from the guy who almost lost thousands of dollars worth of iTunes content and did lose a shit load of personal content through a 2-step mishap. Apple, being awesome, graced me and copied my purchases to a new account - everything else was lost.
If cloud data backup is encrypted using AppleId (and not your password), then Apple has access to the content, because Apple knows you Apple Id.
The point is not if Apple allows third-party people to access data (obviously no), but if Apple can be forced to disclose your data. The only way to declare that Apple cannot be forced to provide that data, is to encrypt them with a user-provided password not stored anywhere. But then, if you reset password, you would lose the backup data.
See my post above why your assumption is wrong. American justice can force any company to disclose your data, including you.
If you really get down to it, it really makes NO difference because unless your a terrorist plotting against the government and it's citizens (or some movie star twit with nude pics) who really cares, there is security in place to protect you, probably some of the best in the world, besides if the government really wants to know about you they can and will find out...
I did. More than once. I don't see anywhere where this is addressed.
The article said that data on the cloud can be accessed, but if that data were encrypted beyond normal iCloud encryption, Apple still shouldn't be able to decrypt it. For example, 1Password can be synced through the cloud, but it is certainly encrypted by the users password. In this case, seeing it in the cloud would be no different than seeing it on a device. My question was whether or not iPhone backups work in the same manner.
Cool system for everybody. In particular, law enforcement needs probable cause to get the information in the first place. Since NSA has had none for the most part, they never had Constitutional authority for any of it.
Apple may not be able to decrypt, but that doesn't mean NSA cannot request the encrypted data, and work on decoding themselves. The key, if you will, is the strength of the encryption method. Are there backdoors, even unknown by Apple, which would allow decryption?
*** In summary: absolutely NO DATA of any kind on any device, is safe from the Feds or law enforcement if they want it. None.
Unfortunately this is true. Although this is a nice extra hurdle that's exactly only what it is. If they want the data they will be able to get it. There are even forensic software packages out there you can buy that allow you to recover data from a locked iOS (or any other OS) device. The idea that data can be secure from government requests is an illusion unfortunately.
But every hurdle helps of course. P.s. this seems more for Apple's own convenience so they aren't continuously asked to bypass the passcode.
THis is an awesome claim Android will never be able to make.
It's optional, but there are native and 3rd party encryption solutions on Android. The native system is easy to use, and "not technically feasible" to crack.
I did. More than once. I don't see anywhere where this is addressed.
The article said that data on the cloud can be accessed, but if that data were encrypted beyond normal iCloud encryption, Apple still shouldn't be able to decrypt it. For example, 1Password can be synced through the cloud, but it is certainly encrypted by the users password. In this case, seeing it in the cloud would be no different than seeing it on a device. My question was whether or not iPhone backups work in the same manner.
If you backup you data on your PC with a password, Apple CANNOT do anything with it. There is no way to recover the password or the data. My son did this and forgot his password. Apple support could do nothing for him. He had to remove and reinstall iTunes, and re-do the backup with a new password.
If you do 2-step authentication, Apple can no longer reset your password PERIOD. They tell you this multiple times when you enable it that the only method (if you forget your password, and lose a trusted device) is with the recovery key which Apple does NOT have. If you lose the recovery key, then you will have to create a new Apple account, and hope they will be nice enough to transfer everything over to it. They really are under no obligation to do so, but as previously mentioned, they have done it for people in the past.
Comments
wow,i agree with you
____________________
More Exciting Content http://www.rsgoldget.com ; Waiting For You.
If the encryption in iCloud backup relied on a device specific key you also wouldn't be able to restore an iCloud backup of a device to a new device (say an iPhone 5 backup restored onto an iPhone 6?
This is likely one of the reasons why Apple give you the option at App level to include / exclude what goes into an iCloud backup so you can skip stuff you don't want in the cloud. but as a rule of thumb If your data is really that sensitive you shouldn't be putting it anywhere near a service with "cloud" in the title, encrypted or otherwise.
Apple can only reset the password if you can answer those annoying questions "where did your parents meet" etc the guy at apple is faced with these questions and cannot reset unless they are answered it therefore possibly means the questions are part of the encryption.
Could be wrong.
Anyway "I HAVE NOTHING TO HIDE"
Take into account that, if Apple has the capability to reset your password without loss of encrypted backup data, it means that Apple has full access to backup data. Plain and simple.
The connection to your data is through your AppleId, not the password. Any user can initiate a reset, which triggers an email to the primary email address on record for the AppleId - the only one who can proceed further is the person who owns this primary email address. And, Apple could have designed it so they would have no way of gaining access. The big question, in my opinion, is whether to believe them or not. What would they have to gain in accessing your data, vs what would they have to lose.
I believe Apple not only doesn't seek our data, but doesn't want it. t don't think it's simply because they are being honorable - It doesn't fit their business model - and, they don't want to jeopardize their core business which is selling products.
Plain and simple...
The same goes for the companies offering encrypted storage services. WITH A WARRANT... no company offering those services in America can lawfully say "no", without immediate judicial proceedings against them. They also may have a gag order placed upon them if the warrant and discovery process is part or portion of a sting operation.
Please read [URL=http://arstechnica.com/tech-policy/2013/08/in-wake-of-lavabit-shutdown-another-secure-e-mail-service-goes-offline/]what happened to LavaBit (and others)[/URL] when they tried to deny access to their users accounts for more info, claiming they didn't have the encryption keys. ***
I'm also not sure, but if you followed that case closely, it MAY be unlawful in America to even offer a storage service of ANY KIND without having the encryption keys to open it for law enforcement(?).
*** LavaBit owner Ladar Levison actually tried to be strong and fight the order and apeal for community help.... but he was even silenced by a gag order by the prosecuter and FBI to even say why or for what he needed help.
Here's a telling experience (from the linked article above) why "secure encrypted services" are almost impossible to have in America.
[I]Company CEO Michael Janke told TechCrunch that given his user base, [B]he knew the government was going to come after them sooner or later:[/B]
There are some very high-profile people on Silent Circle—and I mean very targeted people—as well as heads of state, human rights groups, reporters, special operations units from many countries. We wanted to be proactive because we knew USG would come after us due to the sheer amount of people who use us—let alone the “highly targeted high-profile people.” They are completely secure and clean on Silent Phone, Silent Text, and Silent Eyes, but e-mail is broken because govt can force us to turn over what we have. So to protect everyone and to drive them to use the other three peer to peer products–we made the decision to do this before men on [SIC] suits show up. Now—they are completely shut down—nothing they can get from us or try and force from us–we literally have nothing anywhere.[/I]
[B][SIZE=4]
*** In summary: absolutely NO DATA of any kind on any device, is safe from the Feds or law enforcement if they want it. None.[/SIZE][/B]
[QUOTE][B][I]Cook goes on to explain current Apple privacy policies and the need for greater transparency in reporting government data requests,[/I][/B] a topic of concern for privacy advocates. In May, Apple announced it would routinely issue data request reports to keep the public apprised of U.S. national security orders and account information requests from various state agencies.[/QUOTE]
True that... until the judge signing the warrant adds a gag order. Once again: contempt of court if they offer any details other than numbers of requests. That also may be taken away from them via court order... so I think this is an appeal to the public and other organizations to help in advocating laws prohibiting all-inclusive "gag orders" and provisions of a warrant.
I wonder if the security is due to the iPay system? I don't care if my selfies and poor taste in music is snooped by anyone but if we start using a mobile as a payment device then it is good if my mobile is stolen that it can't be exploited (assuming I have an adequate pin etc).
Will the fingerprint recognition be better than the current tech that can be bypassed using a photo of your fingerprint?
Dobby.
If cloud data backup is encrypted using AppleId (and not your password), then Apple has access to the content, because Apple knows you Apple Id.
The point is not if Apple allows third-party people to access data (obviously no), but if Apple can be forced to disclose your data. The only way to declare that Apple cannot be forced to provide that data, is to encrypt them with a user-provided password not stored anywhere. But then, if you reset password, you would lose the backup data.
Only no. Apple can not reset a password protected by 2-step without the correct information.
And this is coming from the guy who almost lost thousands of dollars worth of iTunes content and did lose a shit load of personal content through a 2-step mishap. Apple, being awesome, graced me and copied my purchases to a new account - everything else was lost.
See my post above why your assumption is wrong. American justice can force any company to disclose your data, including you.
I did. More than once. I don't see anywhere where this is addressed.
The article said that data on the cloud can be accessed, but if that data were encrypted beyond normal iCloud encryption, Apple still shouldn't be able to decrypt it. For example, 1Password can be synced through the cloud, but it is certainly encrypted by the users password. In this case, seeing it in the cloud would be no different than seeing it on a device. My question was whether or not iPhone backups work in the same manner.
Cool, iOS 8, the system for terrorists!
Cool system for everybody. In particular, law enforcement needs probable cause to get the information in the first place. Since NSA has had none for the most part, they never had Constitutional authority for any of it.
Apple may not be able to decrypt, but that doesn't mean NSA cannot request the encrypted data, and work on decoding themselves. The key, if you will, is the strength of the encryption method. Are there backdoors, even unknown by Apple, which would allow decryption?
Few more thoughts and things you can do to make sure you're secure.
Unfortunately this is true. Although this is a nice extra hurdle that's exactly only what it is. If they want the data they will be able to get it. There are even forensic software packages out there you can buy that allow you to recover data from a locked iOS (or any other OS) device. The idea that data can be secure from government requests is an illusion unfortunately.
But every hurdle helps of course. P.s. this seems more for Apple's own convenience so they aren't continuously asked to bypass the passcode.
THis is an awesome claim Android will never be able to make.
It's optional, but there are native and 3rd party encryption solutions on Android. The native system is easy to use, and "not technically feasible" to crack.
This has been in place since Android 3.0.
I did. More than once. I don't see anywhere where this is addressed.
The article said that data on the cloud can be accessed, but if that data were encrypted beyond normal iCloud encryption, Apple still shouldn't be able to decrypt it. For example, 1Password can be synced through the cloud, but it is certainly encrypted by the users password. In this case, seeing it in the cloud would be no different than seeing it on a device. My question was whether or not iPhone backups work in the same manner.
If you backup you data on your PC with a password, Apple CANNOT do anything with it. There is no way to recover the password or the data. My son did this and forgot his password. Apple support could do nothing for him. He had to remove and reinstall iTunes, and re-do the backup with a new password.
If you do 2-step authentication, Apple can no longer reset your password PERIOD. They tell you this multiple times when you enable it that the only method (if you forget your password, and lose a trusted device) is with the recovery key which Apple does NOT have. If you lose the recovery key, then you will have to create a new Apple account, and hope they will be nice enough to transfer everything over to it. They really are under no obligation to do so, but as previously mentioned, they have done it for people in the past.