[karlshea]

The Black Hat talk was really great: https://youtu.be/BLGFriOKz6U?t=6m55s (link is to SEP and on-device encryption, 22:30 is iCloud stuff)

> I know they said they could have accessed that San Bernardino terrorist’s iCloud backup if only they had one. Not sure if they’ve change the security architecture since then.

I actually think they have, the shooting was in 2015 and iOS 10 was released in 2016 and was first to have some of the features he talks about in the video.

[comstock]

Apple, very clearly states that only the following data is end-to-end encrypted:

iCloud Keychain Payment information Wi-Fi network information Home data Siri information

So everything else, pictures, notes etc. etc. part of the iCloud backup, are not. Please not spread misinformation about this.

https://support.apple.com/en-us/HT202303

[abalone]

Chill. You’re extrapolating incorrectly from that brief support document. It doesn’t say that Apple can read the other encrypted stuff. The security whitepaper notes that things like iCloud backups are encrypted with keys that are stuffed into the keychain, which is then transmitted end to end encrypted.

[comstock]

Would you care to link to the section of the security white paper that says that? There’s a small subset of data that is encrypted end-to-end. Your photos, notes, most and most other information is not include in that.

It’s pretty obvious really, they need to know the key for encrypted at rest data in order to be able to reset your password if you desire. They absolutely do don’t currently offset end-to-end encryption on the majority of data in iCloud backups.

[abalone]

Not obvious. p55: “changing the iCloud password won’t invalidate existing backups.“

But you’re right, the paper doesn’t say they do encrypted iCloud backups yet. The infrastructure is there to store encrypted backup keys in the keychain and escrow them so they’re recoverable yet Apple never has access. It’s probably the same foundation for iMessages in iCloud which they are just rolling out. That lets them store your very sensitive messages in the cloud and restore them to new devices and reset your password, all without them ever having access to your keys.

See the section on keychain escrow and recovery for more detail. It’s a game changer and makes storing data in adversarial clouds feasible.

[comstock]

Yes, they obviously have the infrastructure to do it. However, they don’t even optionally.

Part of the reason is that people sometimes forget their passwords and that would lock them out of their backups. So they want to allow email/other methods of resetting the password and giving access to data.

But it would be nice to have it as an option. It’s worrying though that even technical people seem to believe it is end-to-end encrypted. When it very obviously isn’t.

[abalone]

No, Apple doesn’t need to know your backup key to reset your password and retain backups. I explained why in my previous comment. If they’re not stuffing it in iCloud Keychain (yet) it’s not because the infrastructure can’t support it in principle. See: iCloud Keychain recovery. It’s probably just a matter of maturity; they still haven’t rolled out iMessages in iCloud which is a similar case.

[garmaine]

If that were the case you wouldn’t be able to restore from an iCloud backup to a fresh new device. But you can.

[abalone]

In a simpler system yes. But they’ve developed a sophisticated system for syncing secrets called iCloud Keychain. Apple never knows your keychain. Once a new device joins your keychain circle it would in theory be able to sync backup keys and then restore, all without Apple ever knowing. They’re about to roll this out for iMessages which are also not readable by Apple. Backups are probably in the pipeline if they’re not doing it already.