Why you should care about Apple’s huge encryption update


Ask any tech enthusiast why they prefer Apple’s ecosystem, and they will answer “security” as one of the key factors. Is Apple’s security fortress really unbreachable? No. There are plenty of hacking incidents to prove it. Zero-day vulnerabilities pop up from time to time, and against sophisticated spyware like Pegasus, even Apple has proved to be clueless.

What Apple offers is a higher standard of protection, which also explains why the company has kept piling up on its ecosystem gatekeeping. For example, Apple doesn’t allow sideloading and likely never will. It has its own set of tangible benefits. In 2022, Apple is further fortifying its security infrastructure with a trio of features.

Andrew Martonik/Digital Trends

First in line is an iMessage Contact Key Verification feature that will alert users if a third party is snooping on their chat. Next, we get support for physical security keys, which is arguably the safest commercially available option for users to keep their data safe. But the biggest change is coming to iCloud, which has continued to be a chink in Apple’s armor for a while now.

What is Advanced Data Protection?

Apple is offering a system called Advanced Data Protection for iCloud that lets you opt-in towards an end-to-end iCloud backup system. The company says, “for users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes, and Photos.”

Advanced Data Protection is currently rolling out to registered beta testers in the U.S., but it will be widely available by the end of this year. In “early 2023,” it will be available to users across the globe. On the software side, it will be seeded with the iOS 16.2, iPadOS 16.2, and macOS 13.1 updates.

Data protection changes coming to iCloud.
Nadeem Sarwar / DigitalTrends

Now, Apple’s security protections are divided across Standard and Advanced tiers. The former only offers pipeline and server-level encryption for your iCloud backup, iCloud Drive, Photos, Notes, Reminders, Voice Memos, Bookmarks, and Siri Shortcuts. The Advanced tier protects all of it behind end-to-end encryption.

That’s a huge upgrade from a privacy perspective, as photos, notes, and voice memos often contain the most sensitive kind of information. This is also the kind of information that has often been weaponized against dissenters, activists, and journalists, among other target groups.

Why all of this matters so much

Only you have access to your data when it is end-to-end encrypted. That’s because only you possess the decryption keys stored in a secure enclave on your device. For example, no one can access or decipher your chats happening over an end-to-end encryption service like iMessage or WhatsApp.

Apps that can access iCloud data.
Nadeem Sarwar / DigitalTrends

But when your data is merely protected behind a wall of encryption with no end-to-end protection, both the user and the company that owns the data –in this case, Apple — can view the data whenever they want.

Since iCloud backups are merely hidden behind a layer of one-side encryption, Apple has access to all of it. Aside from non-personally identifying data like device settings, iCloud backups occasionally also contain your images and texts. The infamous Pegasus could break in and steal data on the cloud.

Of course, Apple is not spying on its users, but it is still technically possible to see your chats and images. Moreover, if pressed, Apple has to hand over that data to law enforcement agencies. In the U.S., where privacy and data protection laws are stringent, a court order is needed to get that data.

An iPhone 14 lying on a table.
Joe Maring/Digital Trends

Apple recently admitted that it helps agencies with the necessary data when there is a valid need, especially with the recent AirTags stalking fiasco that has now escalated into a class-action lawsuit.

However, the aforementioned legal safeguards are typically absent in less democratic countries, which means users’ iCloud backups are always at the mercy of a regime. There is no dearth of such arm-twisting tactics being deployed in Asia and the Middle East. Even law enforcement agencies in the U.S. have stopped Apple from encrypting cloud backups. According to a Reuters report, the FBI asked Apple to stop plans to encrypt iCloud backups in 2020 because it would hamper investigations.

Apple MacBook Pro seen from the side.
Mark Coppock/Digital Trends

So far, Apple has also avoided end-to-end encryption for iCloud backups on the justification that “what if users lose their passwords” and never get back access to valuable information. But this is Apple’s ecosystem we’re talking about here.

Apple recently revealed that its 2-factor authentication system is being used by 95% of its device users. If that’s the level of safety awareness, why not let the user choose whether they want to enable end-to-end encryption for iCloud backups?

If users accept the risks, they won’t have to pick between convenience, security, privacy, and peace of mind. Thanks to Advanced Data Protection, Apple has finally solved the entire puzzle in one go.

Apple’s privacy claims are now more justified

Apple’s products have a high aspirational value, and they really stand out. But as a company, Apple is far from a messiah. Developers often complain about the arbitrary rejection of their apps, the double standards in applying policies, the unrelenting attitude at collecting a 30% revenue cut, and the dislike for unionization.

Someone holding the yellow iPad (2022) in front of trees with orange, yellow leaves.
Joe Maring/Digital Trends

But when it comes to safety and security, Apple has set high standards — and the fans know it, too. Such is the trust and goodwill generated by Apple that in 2016, people gathered outside a store in San Francisco to support its strict attitude towards encryption, at a time when law enforcement agencies wanted broader backdoor access.

When was the last time that people willingly came out in support of a company, let alone a Big Tech brand? With an opt-in end-to-end encryption pipeline for a more diverse set of sensitive iCloud data, Apple has closed a huge vulnerability.

Not only are users protected from hackers, but they can also sleep easy knowing that Apple can’t be forced by an agency or regime to rat on you. Apple’s claims of offering a secure ecosystem have recently fallen on deaf ears, because of its alleged lopsided policies and monopolistic conduct.

Apple’s claims of a safe and secure ecosystem now have more teeth.

Investigations into Apple are in full throttle at home, and abroad. Apple’s latest iCloud move probably won’t stop that antitrust scrutiny, but at least Apple’s claims of a safe and secure ecosystem now have more teeth. It is going to win Apple a lot of new fans, and that’s a huge victory in itself.

Will law enforcement agencies challenge Apple’s latest move? Most likely. After all, authorities nabbed a Chinese spy using iCloud backups, as per a Bloomberg report. But in doing so, they would only make Apple look like a messiah for user privacy and security — more so than it ever was.

Editors’ Recommendations








Source link

Denial of responsibility! galaxyconcerns is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave A Reply

Your email address will not be published.