Apple advances user security with powerful new data protections

TLDR this is full end-end encryption for iCloud Drive, iCloud backup, Photos, Notes, Reminders, Messages backups, etc.

3 Likes

Excellent news!

ikr, apple just set the standard on what secure (consumer) cloud backup looks like.

1 Like

Lots of important gotchas here. Don’t get me wrong, this is great, but there are definitely drawbacks to be aware of. The main one being their use of convergent encryption for file deduplication:

Some metadata and usage information stored in iCloud remains under standard data protection, even when Advanced Data Protection is enabled. For example, dates and times when a file or object was modified are used to sort your information, and checksums of file and photo data are used to help Apple de-duplicate and optimize your iCloud and device storage — all without having access to the files and photos themselves.

“Standard data protection” here means that the data is protected with a key Apple controls, not end-to-end encrypted. For example, the following metadata is not end-to-end encrypted with files in iCloud Drive:

  • The raw byte checksums of the file content and the file name
  • Type of file, when it was created, last modified, or last opened
  • Whether the file has been marked as a favorite
  • Size of the file
  • Signature of any app installers (.pkg signature) and bundle signature
  • Whether a synced file is an executable

This is actually extremely significant metadata. With checksums and file names available, an attacker only needs the original file to determine whether you have a copy. Sure, if your files are unique they wouldn’t be readable, but this is something to keep in mind if it’s in your threat model.

6 Likes

Given that the photo checksum is set as “raw byte” rather than “perceptual,” that sounds rather benign. Since any scaling, recompression, or altering would produce a different checksum, it is almost worthless to determine if you have a specific photo. Again, this is not my are of expertise. I think this is huge win. Also, It sounds like they want it to be E2EE at some point.

This metadata is always encrypted, but the encryption keys are still stored by Apple. As we continue to strengthen security protections for all users, Apple is committed to ensuring more data, including this kind of metadata, is end-to-end encrypted when Advanced Data Protection is enabled.

This isn’t a major concern for a majority of people.
If not, there is also Android, Google Photos, Dropbox, and Whatsapp. /j

I suppose this is probably more applicable to files in iCloud Drive than photos in iCloud Photos for that reason, sure. A potential attack against documents from the Wikipedia article I linked, for example:

Even more alarming than the confirmation attack is the “learn the remaining information attack” described by Drew Perttula in 2008.[9] This type of attack applies to the encryption of files that are only slight variations of a public document. For example, if the defender encrypts a bank form including a ten digit bank account number, an attacker that is aware of generic bank form format may extract defender’s bank account number by producing bank forms for all possible bank account numbers, encrypt them and then by comparing those encryptions with defender’s encrypted file deduce the bank account number. Note that this attack can be extended to attack a large number of targets at once (all spelling variations of a target bank customer in the example above, or even all potential bank customers), and the presence of this problem extends to any type of form document: tax returns, financial documents, healthcare forms, employment forms, etc.

1 Like

People seems to be calling apple encryption “weak” due to implementing convergent encryption.

Please correct me if I am wrong.

  • Apple uses convergent encryption to encrypt file uploaded to iCloud.
  • This gives Apple the ability to make iCloud file storage platforms cost-effective. Since it allows the same identical anonymous blob saved by a number of users to just require one unit of space as opposed to one unit per user.
  • This is clearly a something to be concern about since for a clear text file they can always check if somebody has it stored on the service.
  • However, this not make encryption weak. If done right, it is secure as any encryption method.
  • Given data is broken in to chunks, then encrypted, then stored this will not leak anything? (don’t have evidence of apple doing this)
  • Further, apple stated that they are “committed” to E2E encrypt such metadata. From my understanding, this will fix the issue?

This feature was released today with iOS 16.2 (in the US, at least)

Based on your posts across several topics…you seem to have some sort of personal vendetta against Apple that far outstrips any claims anyone on PG is actually making.

5 Likes

The update(iOS & iPadOS 16.2 and macOS Ventura 13.1) is available to everyone, but for now only in US you can enable Advance Data Protection

1 Like

I can’t speculate as to how they will fix this in the future exactly so I’m not sure, but based on what they’ve said it should fix the issue. We shall see whether they actually do fix it.

2 Likes

Based on your posts across several topics…you seem to have some sort of personal vendetta against Apple

Hes not wrong regarding Apple itself tho but he actually could have voiced his opinion in a more polite way, and oc theres also no need for attacking the pricacyguides mods/admins

1 Like

Update:
iOS 16.3 and macOS 13.2 brings iCloud Advanced Data Protection feature to all users worldwide.

2 Likes

Now that everyone can test this feature, I wonder which E2EE backup method should be preferred for apps like WhatsApp that already implemented that feature independently (How WhatsApp is enabling end-to-end encrypted backups). I suppose that iCloud Backup will perform a more complete backup that the one from WhatsApp (including settings, blocked contacts, audio messages, etc.), but I don’t know if there is a technical detail, like the convergent encryption, that could fit a thread model for someone in one case and not in the other.

1 Like

It is up to you. If you want you can use both iCloud backup and WhatsApp built in backup method.

I don’t use WhatsApp, but I assume WhatsApp will give you choice to which data to back up (photos, messages etc), whereas with iCloud backup everything in WhatsApp.

There is a high chance you prob don’t need to worry about convergent encryption.