[KingMachiavelli]

If Apple actually cared about security & privacy they would make iCloud et al. E2E encrypted but they don't.

A sophisticated hardware attack is probably going to be government sponsored anyway in which case that government can just request data from Apple directly.

[dpkonofa]

You can care about security and privacy and also still care of ease of use. For 99.99% of their customers, encryption is enforced by default and being able to recover their data is more important than E2E encryption.

[superdude12]

So make it an option.

[varenc]

It is an option! https://support.apple.com/en-us/HT205220

I make encrypted iOS backups to my computer. Happens automatically when I plug in my phone. Data never touches the cloud.

Also Apple does use E2EE for some iCloud backup data like Health, and Keychain (passwords). If you lose access to all of your iDevices you can't recover that data.

I totally agree that Apple should just make all iCloud backup data E2EE. Given that users already lose some types of data from their backup when they lose the key, that doesn't seem like that much of a barrier. Supposedly the reason they're not all E2EE is because of pressure from the FBI[0]. But people like me that care can still have encrypted backups.

[0] https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...

[ksec]

>I make encrypted iOS backups to my computer. Happens automatically when I plug in my phone. Data never touches the cloud.

I wish they make a iOS Time Capsule for that.

[chongli]

Making it an option results in people taking that option without fully understanding the consequences. Then those users forget their password and when Apple tells them it is impossible to recover their data they run to the local news station and Apple gets a black eye. Regular people see it on the news and stop buying iPhones.

On the other hand, by not making it an option, Apple annoys power users and others at the extreme tail of the distribution. These users write about it in the tech press and Apple gets a black eye there… But Apple has always been criticized in the tech press so it doesn’t really change anything.

[dpkonofa]

It literally is an option. You can make fully encrypted backups locally without ever touching iCloud.

[jachee]

They started making in-roads to making iCloud E2E encrypted, but the tech community lost their minds about it and they backtracked.

[josephcsible]

You seem to be implying that E2E is impossible without client-side CSAM scanning, but this is obviously false since other companies offer E2E without that.

[jachee]

Not technically impossible, but legally risky, and Apple are very risk-averse, legally-speaking.

Client-side CSAM detection would allow full client-side secrecy unless there’s a pattern of in-violation imagery destined to be sent (presumably E2E encrypted and thus undetectable) to iCloud.