And too few journalists and security professionals either understand or want to admit the complexity of Apple’s situation, which leads to oversimplified suggestions that “Apple could just…”Īpple does try to minimize customer risk by limiting what is backed up. Too many users lose access to their iCloud accounts - and thus to irretrievable family photos - for Apple to implement something that would unilaterally prevent data recovery. I would love to see Apple make customer-managed encryption for iCloud backups an option, but I see no viable path for it to become the default. Yes, it’s possible to regain access if you have more than one device, but many millions of Apple’s customers own just a single iPhone. If someone were to lose their device and couldn’t remember their iCloud credentials, which happens all the time, they would lose access to all their data forever.
However, allowing users to control encryption keys creates a massive usability problem. That’s why Apple can access customer data if required by law enforcement Apple controls the encryption key and can recover the data without the customer’s knowledge or permission.īefore you call this a massive security flaw, keep in mind that my sources tell me that Apple has seriously looked at encrypting these backups with customer-managed encryption.
RESET ENCRYPTED DATA APPLE PASSWORD
Apple encrypts those backups in storage, but they aren’t protected with a separate user-defined password or encryption key. The Difference between iCloud and iTunes Backups - By default, iOS devices try to back up to iCloud. While I wish that Apple hadn’t made this change, and I do consider it a hit to my personal security, I can see where Apple is coming from and how the company may see it as enhancing the safety of user data. In absolute terms, Apple’s change is a step backward for iOS security, but the nuances of real-world usage suggest that Apple believes it’s a net improvement for protecting user data from loss. IOS 11 Encrypted Backup Change Reduces Security, Boosts Data Safetyĭigital forensics firm Elcomsoft revealed this week that Apple has changed how encrypted iOS backups are protected, reducing security to improve the overall user experience.Įlcomsoft’s discovery kicked off a vigorous debate on Hacker News and Twitter, but does this change represent a real risk to the average Apple user? The answer is yes, but that answer has to be understood in the proper context. #1603: Replacing a 27-inch iMac, Luna Display turns a 27-inch iMac into a 5K display, OWC's affordable Thunderbolt 4 cables.
#1604: Universal Control how-to, show proxy icons in Monterey, Eat Your Books cookbook index.#1605: OS updates with security and bug fixes, April Fools article retrospective, Audio Hijack 4, 5G home Internet.#1606: Apple's self-sabotaging App Store policies, edit Slack messages easily, WWDC 2022 dates.#1607: TidBITS 32nd anniversary, moving from 1Password to KeePass, pasting plain text, Mail fixes anchor links, RIP Eolake.
0 kommentar(er)
