by p0la 1811 days ago
Very true when each user is accessing their own encrypted data directly. But from what I read here in the comments, Apple is managing encryption on their own HW, which almost surely means that data is read and written from Apple’s machines. Such aggregation of read and write calls across users makes access traffic patterns analyses risk fairly minimal...

« Their own HW » is in fact « their users' devices »
Nope, it's Apple servers. User devices don’t connect directly to Google
This is not entirely true. Additionally, Apple proxies traffic to GCP but key management still resides on user devices.
If backup is enabled (which I guess it is, as things are backed up), then the key is also shared with Apple.
Wonder if they delegate the keystore to third-party cloud services or if that is one of those things they store in-house?
> This is not entirely true

You mean user devices may connect directly to Google storage? Did you observe it connecting to IPs in Google-owned ASNs?