Thursday, February 28, 2019

EFF Calls on Apple to Let Users Encrypt iCloud Backups

Electronic Frontier Foundation (via MacRumors):

Today we are announcing Fix It Already, a new way to show companies we’re serious about the big security and privacy issues they need to fix. We are demanding fixes for different issues from nine tech companies and platforms, targeting social media companies, operating systems, and enterprise platforms on issues ranging from encryption design to retention policies.

Electronic Frontier Foundation:

Data on your Apple device is encrypted so that no one but you can access it, and that’s great for user privacy. But when data is backed up to iCloud, it’s encrypted so that Apple, and not just the user, can access it. That makes those backups vulnerable to government requests, third-party hacking, and disclosure by Apple employees. Apple should let users protect themselves and choose truly encrypted iCloud backups.


4 Comments RSS · Twitter

Sigh, the EFF has its heart in the right place but it really, deeply fails to understand that not everyone in the world is a computer nerd.

Apple is protecting users from catastrophic data loss by *not* encrypting cloud backups. If it offered encrypted backups, then there would be massive wailing and gnashing of teeth from millions of users who went with the encrypted option and then forgot their password, locking themselves out of ever seeing the data (precious family photos, etc) that was on their lost/broken phone ever again.

IMHO, Apple has made the right choice here.

@Glaurung Perhaps there’s a way around that using trusted devices?

I agree with Glaurung. I just think Apple should offer the option to do Encrypted Backup for those who cares about it. With a double warning sign that Apple won't be responsible for the loss of password and Data.

I still want a iOS Time Capsule. So no need to store it in "Cloud".

>not everyone in the world is a computer nerd

The problem here is not the EFF asking for encrypted backups, but the fact that most encryption solutions work in user-hostile ways.

Leave a Comment