Encrypted Apple iCloud Data

[BoldonLad]

This could be interesting https://www.bbc.co.uk/news/articles/c20g288yldko

I wonder if it is true that even Apple cannot access this data now?

 

[Psamathe]

On the assumption that Apple don't have the keys then they can't.

I have ADP enabled on my account and the enable process takes you through steps to check you really do have the codes. Anmd once enabled access to iCloud in a web browser stops working as that would mean Apple web servers decoding the data which they can't do.

Overreach by UK Gov. When the laws were being made UK Gov. assured Apple and Siognal (maybe others) that they wouldn't be dooinjg this. Looks like it didn't take them long to braek thos epromises.

And UK market for Apple & Signal is not big enough to override the hit they'd take if they weakened theit=r security so they likely would pull out of the UK.

nb. When I head off travelling I disable ADP (hanbd the encryption kes back to Apple) so I can srestore web access to iCloud data, just in case phone, etc. are stolen so I can still get to contacts, etc. Bt on getting home it's re-enabled.

Ian

 

[BoldonLad]

On the assumption that Apple don't have the keys then they can't.

I have ADP enabled on my account and the enable process takes you through steps to check you really do have the codes. Anmd once enabled access to iCloud in a web browser stops working as that would mean Apple web servers decoding the data which they can't do.

Overreach by UK Gov. When the laws were being made UK Gov. assured Apple and Siognal (maybe others) that they wouldn't be dooinjg this. Looks like it didn't take them long to braek thos epromises.

And UK market for Apple & Signal is not big enough to override the hit they'd take if they weakened theit=r security so they likely would pull out of the UK.

nb. When I head off travelling I disable ADP (hanbd the encryption kes back to Apple) so I can srestore web access to iCloud data, just in case phone, etc. are stolen so I can still get to contacts, etc. Bt on getting home it's re-enabled.

Ian

One of the points the article makes is, once there is a "back door", it is only a matter of time before people other than the original intended organisation(s) find it, and, gain entry, so, security is weakened, not only for UK, but, worldwide.

 

[Psamathe]

One of the points the article makes is, once there is a "back door", it is only a matter of time before people other than the original intended organisation(s) find it, and, gain entry, so, security is weakened, not only for UK, but, worldwide.

Thats' completely true. Many independent Computer Science academics were telling the Government this when they were making the law, except the UK Gov. thought they knew better.

And access wont help them anyway as communicating without being traced and without Gov. being able to understand what they see is trivial and easy. So this is not about stopping criminals.

Ian

 

[Psamathe]

Another interesting aspect is the international nature, UK seeking access to data for any Apple users worldwide. eg

One expert warned that the multinational nature of the order could lead to a clash with the EU, which has an agreement with the UK allowing the free flow of personal data between the EU and UK – such as a company in Europe using a datacentre in the UK. The agreement comes up for review this year.

“This may provide a backdoor for access to European citizen data which could go against our ability to retain the rights to share personal data without restriction between the UK and Europe,” said Ross McKenzie, a data protection partner at the UK law firm Addleshaw Goddard.
(from https://www.theguardian.com/technol...nd-for-cloud-backdoor-to-users-encrypted-data)

UK Gov. will back down as it's a beyond daft demand that wont affect their ability to catch criminals. Fortunately for UK Gov is that they have in place secrecy constraints meaning they don't release any details (this story is a leak) so they can back down with not much loss of face. If they pursue then there will be more noise from court hearings (even if hearings held in secret) and Apple would withdraw services from Uk which would have a massive impact not just on Apple users but on UK's reputation as as secure country for holding any data (even US doesn't have backdoors to ADP).

Ian

 

[BoldonLad]

It has made National News BBC so not exactly quiet.

 

[multitool]

The people who are, rightly or wrongly, complaining about invasion of privacy are the same people who will be screeching the next time a terrorist plot succeeds.

 

[BoldonLad]

The people who are, rightly or wrongly, complaining about invasion of privacy are the same people who will be screeching the next time a terrorist plot succeeds.

Links to support that assertion?

BBC are saying Government are doing this in connection with criminal activity, rather than terrorism.

 

[multitool]

Links to support that assertion?

BBC are saying Government are doing this in connection with criminal activity, rather than terrorism.

Terrorism is criminal activity.

 

[BoldonLad]

Terrorism is criminal activity.

With specialised Departments to deal with it, and, specific laws.

 

[multitool]

Terrorism is criminal activity.

If you knew anything about the agencies that deal with cyber (ie doughnutters), you'd know that they deal with both terrorism and organised crime.

 

[BoldonLad]

If you knew anything about the agencies that deal with cyber (ie doughnutters), you'd know that they deal with both terrorism and organised crime.

BBC coverage only mentioned child abuse. Links?

 

[multitool]

BBC coverage only mentioned child abuse. Links?

Knowledge doesn't revolve around 'links'.

 

[Psamathe]

The people who are, rightly or wrongly, complaining about invasion of privacy are the same people who will be screeching the next time a terrorist plot succeeds.

It's so easy for criminals and terrorists to avoid scrutiny even if Gov. has full access to their data. eg "I'll be visiting granny pm 10/Feb/2025" except only those in my inner circle know that day of month is actually day of month of posting message plus the day of month in the message (ie 7 (today)+10 (day in message=17th, etc. other rules for month, other rules for person. And the rules all change for the next post. Thousands of ways to mask what you are really saying and criminals and terrorists know them all us quite a few others. Backdoors don't help anybody know what is really being said.

Ian

 

[dutchguylivingintheuk]

Wasn't Apple the same compny who said that to the FBI about a iphone from a death terrorist? Only to come back a few years later with ''yes we could, but we took a stand'' and that same FBI later admitting they didn't need Apple at all and already had acces. (something with NSA)

Is this the same Apple that a few years back said they would scan all pictures for potential illegal's content? That Apple claims they do not have access? i find that very hard to believe, but i get why they want to keep the illusion they can't up.
Similarly i don't believe NSA/FBI and the UK authorities don't have access if they really want to.