There is major distinction between the San Bernardino and Stone cases. In the San Bernardino case, the FBI also wanted Apple to provide a backdoor into the shooter’s iPhone.
The government can legally obtain a warrant to search your iCloud account (stored on Apple’s servers) however, even with a legally obtained warrant Apple will NOT provide the contents of the device nor will they provide a backdoor.
Since data, such as iMessages and iCloud mail go through Apple’s servers the government can usually get their hands on what they need anyway. All perfectly legal...
Since iMessages are end-to-end encrypted can Apple really provide access to them if I don’t have an iCloud backup?
No. It can't provide the contents of such messages.
But it will provide iMessage capability query logs pursuant to an 18 USC §2703(d) court order.
If you have selected to back up iMessages to iCloud, then Apple can provide the contents. What do you think happens when you get a new iPhone and do a restore from an iCloud backup? All your iMessages get restored as well.
If you're really concerned about security you wouldn't back anything up to iCloud and do local encrypted backups to your computer via iTunes. Just be aware that if you lose the password for your encrypted backup you lose your data. Apple can't recover an encrypted iTunes backup.
For me I have just about everything set to backup to iCloud. The convenience of having a continuous and up-to-date backup (plus having items shared between devices) far outweighs my worries that the police or other agency are going to ever need to read my iMessages.
Are you sure iMessages aren’t encrypted when stored on iCloud? There’s no reason why they wouldn’t be. Messages are encrypted with the senders and recipients keys aren’t they? Doing a restore decrypts them just like encrypted email, which unfortunately isn’t the default way Mail is run.
There is major distinction between the San Bernardino and Stone cases. In the San Bernardino case, the FBI also wanted Apple to provide a backdoor into the shooter’s iPhone.
The government can legally obtain a warrant to search your iCloud account (stored on Apple’s servers) however, even with a legally obtained warrant Apple will NOT provide the contents of the device nor will they provide a backdoor.
Since data, such as iMessages and iCloud mail go through Apple’s servers the government can usually get their hands on what they need anyway. All perfectly legal...
Since iMessages are end-to-end encrypted can Apple really provide access to them if I don’t have an iCloud backup?
No. It can't provide the contents of such messages.
But it will provide iMessage capability query logs pursuant to an 18 USC §2703(d) court order.
If you have selected to back up iMessages to iCloud, then Apple can provide the contents. What do you think happens when you get a new iPhone and do a restore from an iCloud backup? All your iMessages get restored as well.
If you're really concerned about security you wouldn't back anything up to iCloud and do local encrypted backups to your computer via iTunes. Just be aware that if you lose the password for your encrypted backup you lose your data. Apple can't recover an encrypted iTunes backup.
For me I have just about everything set to backup to iCloud. The convenience of having a continuous and up-to-date backup (plus having items shared between devices) far outweighs my worries that the police or other agency are going to ever need to read my iMessages.
Are you sure iMessages aren’t encrypted when stored on iCloud? There’s no reason why they wouldn’t be. Messages are encrypted with the senders and recipients keys aren’t they? Doing a restore decrypts them just like encrypted email, which unfortunately isn’t the default way Mail is run.
iCloud stores content for the services that the subscriber has elected to maintain in the account while the subscriber’s account remains active. Apple does not retain deleted content once it is cleared from Apple’s servers. iCloud content may include email, stored photos, documents, contacts, calendars, bookmarks, Safari browsing history, Maps Search History, Messages and iOS device backups. iOS device backups may include photos and videos in the Camera Roll, device settings, app data, iMessage, Business Chat, SMS, and MMS messages and voicemail. All iCloud content data stored by Apple is encrypted at the location of the server. When third-party vendors are used to store data, Apple never gives them the keys. Apple retains the encryption keys in its U.S. data centers. iCloud content, as it exists in the subscriber’s account, may be provided in response to a search warrant issued upon a showing of probable cause.
But should there have been a difference? Drawing an absolute moral equivalency between all crimes (White color crime equaling mass murder in your example case), only makes Apple (and AppleInsider) appear to be a pandering partisan corporation. What next, handing information over to the government for parking tickets? So much for thinking different.
This is why I do not put my data in the cloud. I do not back up my phone to iCloud, it's only back up to my computers. And my data on my computer is encrypted.
Now we know Apple is slowing moving in a direction of removing all ports on that phone making it 100% wireless and they do not want the phone tied to iTunes anymore. When this happens your will have no choice and Apple will have your data free for and government to get warrant to request without you knowing.
Also keep in mind, we have been told that your iCloud data is encrypted and if someone got their hands on they could not use it since its encrypted. So how did the government unencrypted the iCloud backup. Did Apple provide the unencrypted data, or did the government hack it. Lots of things to think about.
BTW, do you know if communications are encrypted it's illegal for anyone to hack the encryption communications, so did Apple unencrypted someone private communications.
There is major distinction between the San Bernardino and Stone cases. In the San Bernardino case, the FBI also wanted Apple to provide a backdoor into the shooter’s iPhone.
The government can legally obtain a warrant to search your iCloud account (stored on Apple’s servers) however, even with a legally obtained warrant Apple will NOT provide the contents of the device nor will they provide a backdoor.
Since data, such as iMessages and iCloud mail go through Apple’s servers the government can usually get their hands on what they need anyway. All perfectly legal...
Since iMessages are end-to-end encrypted can Apple really provide access to them if I don’t have an iCloud backup?
No. It can't provide the contents of such messages.
But it will provide iMessage capability query logs pursuant to an 18 USC §2703(d) court order.
If you have selected to back up iMessages to iCloud, then Apple can provide the contents. What do you think happens when you get a new iPhone and do a restore from an iCloud backup? All your iMessages get restored as well.
If you're really concerned about security you wouldn't back anything up to iCloud and do local encrypted backups to your computer via iTunes. Just be aware that if you lose the password for your encrypted backup you lose your data. Apple can't recover an encrypted iTunes backup.
For me I have just about everything set to backup to iCloud. The convenience of having a continuous and up-to-date backup (plus having items shared between devices) far outweighs my worries that the police or other agency are going to ever need to read my iMessages.
Hi Eric, Sorry mate, but I disagree that Apple have access to the contents of iMessage to iCloud data. If you parse through the Apple iOS Security Guide it states:
"...CloudKit end-to-end encryption with a CloudKit service key protected by iCloud Keychain syncing. For these CloudKit containers, the key hierarchy is rooted in iCloud Keychain and therefore shares the security characteristics of iCloud Keychain—the keys are available only on the user’s trusted devices, and not to Apple or any third party."
Of course only the E2E functions of iCloud use CloudKit - iMessages, Home Data, iCloud Keychain etc. The other stuff (email, photos, contacts, non iMessage messages are stored encrypted at rest, but Apple has the key to that and can access that info if it is required to. It is still a good idea to back up your iPhone to your own computer, but you should be reasonably confident that your CloudKit data will be safe online. The other stuff, not so much (I'm looking at you, WhatsApp iCloud backups!!).
Also, when you get a new iPhone and restore your messages, you are adding the new iPhone to your 'circle of trust' on your E2E encryption. This is why you have to authenticate on your Mac etc before you can add the new iPhone.
I’m not seeing a problem, besides conspiracy theorists that don’t understand the process (of evidence collection). ....
Generally, conspiracy theorists, particularly the professional ones, don't give a darn about understanding anything. They only care about furthering their agenda.
From what I remember, Apple could have unlocked the San Bernadino suspects phone if the FBI had given it to them right away, but instead they got jumpy and tried to guess the password a bunch of times and in doing so locked the phone for good.
Ditto what Rob53 said. I would like a refresher course on iCloud backups. I believe mine is encrypted. Remember leakgate of celebrities a few years ago. I wonder why someone in the public eye (Stone) would not completely encrypt their Apple devices; especially the iCloud backup.
Basically, everything is stored encrypted, but Apple has the keys to unlock it at will. This includes your iCloud backup files. However, data that is end-to-end encrypted (such as iMessage contents, Health, Home data, et. al) is unable to be read by Apple. This is because the E2E systems mix your devices passcode into the encryption, and as we know Apple has no way to read or get a device’s passcode.
Edit - also note, Messages in iCloud is listed under the End-to-End encryption entries. Meaning Apple cannot read their contents. Since messages in iCloud removed the backing up of Messages as part of the iCloud backup, even if your iCloud backup were turned over to authorities, it would only include a copy of the key protecting the messages, but not the Messages themselves (since they are stored separate from the backup when using Messages in iCloud). So, I would deduce that perhaps it is possible for authorities to retrieve iMessage contents, since the document states “your backup includes a copy of the key protecting your Messages”. I wish Apple would provide more clarification on this.
From what I remember, Apple could have unlocked the San Bernadino suspects phone if the FBI had given it to them right away, but instead they got jumpy and tried to guess the password a bunch of times and in doing so locked the phone for good.
While the "got jumpy" part is mostly right, what the password change attempt did is prevent the phone from doing another iCloud backup -- which lead to the unlock order in a separate court action since the feds were concerned that there was data that they didn't have. It also caused some really ridiculous things to be said, like there was a "dormant cyber-pathogen" somehow lurking on the device.
Ultimately, the FBI contracted Cellebrite to break into the phone, and they didn't find anything. Nor was there any dormant virus, like the feds alluded too.
There is major distinction between the San Bernardino and Stone cases. In the San Bernardino case, the FBI also wanted Apple to provide a backdoor into the shooter’s iPhone.
The government can legally obtain a warrant to search your iCloud account (stored on Apple’s servers) however, even with a legally obtained warrant Apple will NOT provide the contents of the device nor will they provide a backdoor.
Since data, such as iMessages and iCloud mail go through Apple’s servers the government can usually get their hands on what they need anyway. All perfectly legal...
Right. I guess I'm not sure what you're saying that's different in the article?
Perhaps a clarification may help -- simply that data saved on an iPhone is not necessarily in iCloud. That is an important distinction between the San Bernadino case and the others (even though, IIRC, nothing found on that particular iPhone was of any value).
Since iMessages are end-to-end encrypted can Apple really provide access to them if I don’t have an iCloud backup?
No. It can't provide the contents of such messages.
But it will provide iMessage capability query logs pursuant to an 18 USC §2703(d) court order.
If you have selected to back up iMessages to iCloud, then Apple can provide the contents. What do you think happens when you get a new iPhone and do a restore from an iCloud backup? All your iMessages get restored as well.
If you're really concerned about security you wouldn't back anything up to iCloud and do local encrypted backups to your computer via iTunes. Just be aware that if you lose the password for your encrypted backup you lose your data. Apple can't recover an encrypted iTunes backup.
For me I have just about everything set to backup to iCloud. The convenience of having a continuous and up-to-date backup (plus having items shared between devices) far outweighs my worries that the police or other agency are going to ever need to read my iMessages.
The problem for Stone is not that he backed up to iCloud, but that he didn't choose for his backup to be encrypted. So, contrary to what you say above, my understanding is that an encrypted backup to iCloud is "Safe" for a user, because the encryption occurs on the phone, before being sent to the iCloud servers (unlike with Google, who encrypts your data for you once your data gets to their cloud, using a key that Google holds). Apple does not hold the key, your phone does; and this is how Apple likes it and wants it to remain.
So, yes, Apple can provide the "Content" from iCloud servers when requested, but my understanding is that the content itself may be gobbledy-gook to those looking at it, unless they have your unlocked phone to go with it. But if the iCloud backup is not encrypted by your phone, then it is plain and readable when that content is handed over.
So, you should be able to backup to iCloud with confidence of your content remaining private (ie, unreadable), if you have chosen encrypted backups.
In the case of the San Bernardino shooters, the content Apple handed over was encrypted and therefore useless to the FBI, so Apple was asked to also unlock the phones -- which Apple "can't" do, at least not without creating a general backdoor that compromises all Apple devices.
Thankfully, Apple uniquely remains unwilling to do this, though it gets constant pressure from all sorts of governments and agencies. In fact, Apple keeps working to keep third-party security companies from being able to "casually" unlock devices through brute-force tools (such as not allowing attached devices to access a phone without the owner inputting their unlock key).
From what I remember, Apple could have unlocked the San Bernadino suspects phone if the FBI had given it to them right away, but instead they got jumpy and tried to guess the password a bunch of times and in doing so locked the phone for good.
I think what you're referring to is what Apple said about San Bernardino County and the FBI changing the password for the iCloud account used on the iPhone, not attempts to unlock the iPhone using guessed passcodes.
The county was able to reset the password for the iCloud account so that the FBI could quickly get access to whatever iCloud backups might exist. Apple asserted, in its motion to vacate the ex parte order, that it might have been possible to force a new iCloud backup had that not been done.
The DOJ claimed, in response, that the iPhone had been found powered off so it wouldn't have automatically done another iCloud backup (e.g. if it was connected to a known WiFi network) anyway. The DOJ claimed that the iPhone would have first needed to be unlocked using the passcode. It also indicated that the automatic iCloud backup functionality had been disabled. Further, the DOJ argued that there would be information retrievable from the iPhone (if it were unlocked) that wouldn't have been part of an iCloud backup, even if a new one could have been forced.
So, in theory, what Apple suggested might have been possible had the iCloud password not been changed by San Bernardino County and the FBI. But, as it turned out, it likely wouldn't have worked.
Comments
Now we know Apple is slowing moving in a direction of removing all ports on that phone making it 100% wireless and they do not want the phone tied to iTunes anymore. When this happens your will have no choice and Apple will have your data free for and government to get warrant to request without you knowing.
Also keep in mind, we have been told that your iCloud data is encrypted and if someone got their hands on they could not use it since its encrypted. So how did the government unencrypted the iCloud backup. Did Apple provide the unencrypted data, or did the government hack it. Lots of things to think about.
BTW, do you know if communications are encrypted it's illegal for anyone to hack the encryption communications, so did Apple unencrypted someone private communications.
Sorry mate, but I disagree that Apple have access to the contents of iMessage to iCloud data.
If you parse through the Apple iOS Security Guide it states:
"...CloudKit end-to-end encryption with a CloudKit service key protected by iCloud Keychain syncing. For these CloudKit containers, the key hierarchy is rooted in iCloud Keychain and therefore shares the security characteristics of iCloud Keychain—the keys are available only on the user’s trusted devices, and not to Apple or any third party."
Of course only the E2E functions of iCloud use CloudKit - iMessages, Home Data, iCloud Keychain etc.
The other stuff (email, photos, contacts, non iMessage messages are stored encrypted at rest, but Apple has the key to that and can access that info if it is required to.
It is still a good idea to back up your iPhone to your own computer, but you should be reasonably confident that your CloudKit data will be safe online. The other stuff, not so much (I'm looking at you, WhatsApp iCloud backups!!).
Also, when you get a new iPhone and restore your messages, you are adding the new iPhone to your 'circle of trust' on your E2E encryption. This is why you have to authenticate on your Mac etc before you can add the new iPhone.
Basically, everything is stored encrypted, but Apple has the keys to unlock it at will. This includes your iCloud backup files. However, data that is end-to-end encrypted (such as iMessage contents, Health, Home data, et. al) is unable to be read by Apple. This is because the E2E systems mix your devices passcode into the encryption, and as we know Apple has no way to read or get a device’s passcode.
Edit - also note, Messages in iCloud is listed under the End-to-End encryption entries. Meaning Apple cannot read their contents. Since messages in iCloud removed the backing up of Messages as part of the iCloud backup, even if your iCloud backup were turned over to authorities, it would only include a copy of the key protecting the messages, but not the Messages themselves (since they are stored separate from the backup when using Messages in iCloud). So, I would deduce that perhaps it is possible for authorities to retrieve iMessage contents, since the document states “your backup includes a copy of the key protecting your Messages”. I wish Apple would provide more clarification on this.
The problem for Stone is not that he backed up to iCloud, but that he didn't choose for his backup to be encrypted. So, contrary to what you say above, my understanding is that an encrypted backup to iCloud is "Safe" for a user, because the encryption occurs on the phone, before being sent to the iCloud servers (unlike with Google, who encrypts your data for you once your data gets to their cloud, using a key that Google holds). Apple does not hold the key, your phone does; and this is how Apple likes it and wants it to remain.
So, yes, Apple can provide the "Content" from iCloud servers when requested, but my understanding is that the content itself may be gobbledy-gook to those looking at it, unless they have your unlocked phone to go with it. But if the iCloud backup is not encrypted by your phone, then it is plain and readable when that content is handed over.
So, you should be able to backup to iCloud with confidence of your content remaining private (ie, unreadable), if you have chosen encrypted backups.
In the case of the San Bernardino shooters, the content Apple handed over was encrypted and therefore useless to the FBI, so Apple was asked to also unlock the phones -- which Apple "can't" do, at least not without creating a general backdoor that compromises all Apple devices.
Thankfully, Apple uniquely remains unwilling to do this, though it gets constant pressure from all sorts of governments and agencies. In fact, Apple keeps working to keep third-party security companies from being able to "casually" unlock devices through brute-force tools (such as not allowing attached devices to access a phone without the owner inputting their unlock key).
The county was able to reset the password for the iCloud account so that the FBI could quickly get access to whatever iCloud backups might exist. Apple asserted, in its motion to vacate the ex parte order, that it might have been possible to force a new iCloud backup had that not been done.
The DOJ claimed, in response, that the iPhone had been found powered off so it wouldn't have automatically done another iCloud backup (e.g. if it was connected to a known WiFi network) anyway. The DOJ claimed that the iPhone would have first needed to be unlocked using the passcode. It also indicated that the automatic iCloud backup functionality had been disabled. Further, the DOJ argued that there would be information retrievable from the iPhone (if it were unlocked) that wouldn't have been part of an iCloud backup, even if a new one could have been forced.
So, in theory, what Apple suggested might have been possible had the iCloud password not been changed by San Bernardino County and the FBI. But, as it turned out, it likely wouldn't have worked.