Electronic Frontier Foundation 'Fix it Already' program demands fixes to security & privac...

Posted:
in iCloud
The Electronic Frontier Foundation on Thursday launched "Fix It Already," a campaign directed at nine tech companies including Apple, pressuring them to solve privacy and security issues with their platforms.

Apple Mesa data center


In the case of Apple, the EFF is arguing that the company should offer people the choice to set tighter encryption on iCloud backups. Such backups are already encrypted, the EFF noted, but can be decrypted on-demand by Apple -- and hence handed over in government search requests. The data could also theoretically be raided by hackers.

"The good news," the EFF said, "is that Apple CEO Tim Cook already thinks that encrypting iCloud backups is a good idea and seems to want to implement it in the future."

Apple complies with most government search requests for iCloud data, the only criteria typically being whether due process was followed. That includes not just law enforcement but spy agencies, such as the U.S. National Security Agency.

This can become a serious threat in countries like China and Russia, where autocrats regularly have opposition members imprisoned or killed. Apple has come under fire for obeying laws in those countries requiring local data hosting -- stronger iCloud backups could be a way out of the controversy, though it would likely face pressure to weaken security if it wants to keep doing business.

The EFF suggests that heightened encryption should be optional because Apple can help people recover data when they can't remember passwords.

iCloud backups can contain a range of content, from photos, videos, and texts to app data and HomeKit setups. Things like contacts, notes, and email are stored separately.

Comments

  • Reply 1 of 10
    I guess “Fix It Again Tony” was already taken. 
  • Reply 2 of 10
    Good initiative. I hope Apple finds a way to balance convenience & security. 
    lostkiwi
  • Reply 3 of 10
    cpsrocpsro Posts: 2,475member
    The prime complaint about Android (app-specific access to the Internet) also goes for iOS and is duly noted by the EFF as applying to Apple, too. I've been harping on this for ages but until now have felt alone in my concerns. Thanks, EFF.
    edited February 28
  • Reply 4 of 10
    AppleExposedAppleExposed Posts: 1,381unconfirmed, member

    All while Samsung laughs in their face,

  • Reply 5 of 10
    rcfarcfa Posts: 775member
    Does Apple document somewhere what data they can and cannot decrypt without the user handing over their password by free will?
  • Reply 6 of 10
    knowitallknowitall Posts: 1,409member
    I wonder what request Facebook got. Terminate the company?
    AppleExposedtyler82chasmlostkiwiwatto_cobra
  • Reply 7 of 10
    auxioauxio Posts: 2,002member
    rcfa said:
    Does Apple document somewhere what data they can and cannot decrypt without the user handing over their password by free will?
    https://support.apple.com/en-us/HT202303

    russwelijahgbala1234
  • Reply 8 of 10
    chasmchasm Posts: 1,643member
    While I (and apparently Tim) agree broadly with this initiative, I find it wildly hypocritical of the EFF to flag Apple about this — the one company that actually gives a shit about user privacy — and doesn’t call out, you know, Google and Facebook (for starters). This smells like a publicity stunt aimed at people who don’t read past the headlines.
    lostkiwiwatto_cobra
  • Reply 9 of 10
    chasm said:
    While I (and apparently Tim) agree broadly with this initiative, I find it wildly hypocritical of the EFF to flag Apple about this — the one company that actually gives a shit about user privacy — and doesn’t call out, you know, Google and Facebook (for starters). This smells like a publicity stunt aimed at people who don’t read past the headlines.
    Don’t be do fast on the “hypocrite” card. Facebook, Android, Verizon, Twitter are all mentioned in separate posts. Scroll down to the bottom:

    https://fixitalready.eff.org/apple/#/

    I’m sure the plea to Google is coming one day.
  • Reply 10 of 10
    gatorguygatorguy Posts: 20,898member
    chasm said:
    While I (and apparently Tim) agree broadly with this initiative, I find it wildly hypocritical of the EFF to flag Apple about this — the one company that actually gives a shit about user privacy — and doesn’t call out, you know, Google and Facebook (for starters). This smells like a publicity stunt aimed at people who don’t read past the headlines.
    Did you think about following the links? That's why you thought it was "wildly hypocritical" since you didn't.

    Android:
    https://fixitalready.eff.org/android

    Facebook:
    https://fixitalready.eff.org/facebook

    You're welcome.
    edited March 1
Sign In or Register to comment.