681: Cloudy with a Chance of Beachballs


Best show title ever.


Personally I don’t think the cost-benefit of turning on Advanced Data Protection is worth it. The threat models that ADP covers (Apple getting breached, me getting a subpoena) seem far less likely than me getting locked out of my account for whatever reason.

I don’t plan to turn on ADP anytime soon.


Good grief Stephen, just watch The IT Crowd already - in fact how is that not a criteria to becoming a RelayFM host?

Yes, it can get a bit weird at times, but then all great comedy does.


For every user who has problems with iCloud. Its been flawless for me.

Also, I use my custom domain with Apple Mail and generally quite happy with it.


I turned on ADP because I was curious. I created a recovery key and stored it in 1Password before completing the process which was pretty straightforward.

So now my Advanced Data Protection flag says On :yawning_face:

IMO this could be useful to journalists and others that feel the need to take extra precautions, but it offers very little for us normal folk. Especially since most people are probably at a greater risk of getting locked out of their account by an observant pickpocket than a hacker.

Oh my I LOVE that show. And am reminded I’m due for a rewatch!


Yes, it definitely makes sense for high-risk/targeted types of people.

I’ve got Hide My Email through Apple and Mask Emails through Fastmail and 1Password. Every time I create a new account anywhere, Apple and Fastmail/1P fight it out for control of the text box. I prefer Masked Emails, since they’re both simpler and cross platform, but it’s really difficult to get Safari to accept them.

Does anyone know if it’s possible to turn off the Hide My Email suggestions?

You can get 10TB if each person in the family upgrades their iCloud separately and chooses to share their iCloud storage. See if that helps :grinning:. @MacSparky

that sounds like expensive… is time to put some Archive offline and not have everything on the cloud.

True, this is an interim maybe.

I use a lot of iCloud services. Family Sharing, Secure Video, custom domain emails. For the most part, it mostly works. I did have to call Apple last week because it never shared iCloud storage with my son, and the fix was to take him out of family sharing and put him back in. Strangely my Logitech camera has stopped giving notifications or recording. I’m not sure if it’s the camera or home kit.

One thing that can’t be family shared is an iTunes Match library. Apple Music, Yes. iTunes Match, no. I had a legacy account that I was using for media/purchase and I was using that on all devices to get around that, but I want to work my way off of that.

We are re-watching now … 10th time maybe? The Final Countdown episode is just the best!

1 Like

I need to listen to the episode. I just noodled around with encryption options for tax returns and other financial info, after filing my tax return this year. For years, I have just had them on Dropbox (with a strong password in 1P and 2FA turned on). But elsewhere I see people preaching (David, included, I believe, in the past at least), that such sensitive info should ALWAYS be encrypted before being saved to the cloud. Is that as much true in 2023 with 2FA? If so, isn’t ADP a terrific native iCloud solution? I experimented with Cryptomator and at the moment have saved things as an encrypted dmg, and also files in a free Sync.com account (zero knowledge encryption). But ADP would let me avoid using that stuff maybe.

My problem at the moment with ADP is an old Mac mini in the loop which is capped at Catalina, so until I either upgrade it or sign it out of my iCloud account I can’t turn it on.

I’m not a security expert. But part of my job for nearly thirty years was protecting company data so I have some experience. And some opinions. I’m one of those encrypt before upload people. I protect tax returns and anything else with my social security number with my strongest options.

It could be more important today than at any time in the past. A decent consumer PC with the right software can guess thousands of passwords per second. I understand it’s possible one of those could break an 8 character password while your pizza is getting cold. Who knows what dedicated cracking computers can do IF they can download your data.

I think some worry way too much about “privacy”. I am serious about protecting my SSN and access to my banking credentials, etc. Not as worried about my medical information. And I don’t worry at all about the content of my email.

Why I protect my SSN and financial credentials is obvious. I’m not as worried about my medical info because it doesn’t contain anything that isn’t known by most people who know me or could be guessed by anyone who sees me on the street. (I’ve over 70 and carrying an extra 20 lbs or so. Do you think my blood pressure might be a bit high?). And I don’t worry about email because it is impossible to protect data that is not in your possession.

Would I put my tax files online in an encrypted dmg file? No. I have copies of the years I’m required to keep in 1Password and older ones on local storage and in TNO backups online. How about my medical files? I keep the notes from doctor visits in my Google Workspace account and have access to most of the rest of my data through my health provider’s websites/apps.

Bottom line, IMO. There is no need to take a one size fits all approach to privacy. Put the really important stuff in the “bank vault” and the rest of your data where you think it belongs. And don’t worry about things you cannot control.

Maybe, depending on what you are wanting it to protect. (I would not use it to store “Top Secret” data). As long as no one with your phone and your passcode can get to it.

Thank you for the insight! I am willing to be persuaded. Like you, I am only really mainly worried about tax/SSN info. I sometimes think I overwork about it because you’re never REALLY safe. I mean, my bank has my info – I can’t control it being protected because they just have it. IRS also has my info, the Social Security Office, etc., etc.

I figured the encrypted dmg file was good enough for sure. I will have to rethink that.

My current file/cloud/backup routine is: (1) local on Mac, (2) cloud (Dropbox, etc), (3) Backblaze, and (4) Time Machine (which stopped working the other say so I had to delete everything and start over - that made me kind of nervous I was just hoping TM is rock solid).

What else should I be doing, or doing differently?

I didn’t fully explain. I don’t like to depend on encrypted files to protect tax records, etc. online, because they can be downloaded and hammered by anyone determined to know how little I made last year. I feel AES 256 encryption is about the best we can use at this time. And there is nothing wrong using it if you are comfortable storing your most important files online.

I’m already paying 1Password to keep my digital credentials, my most important files, safe so I also use 1PW to store other important information. In for a penny, in for a pound.

Your backup strategy includes local and offsite (B2) backups which is good. Keep in mind if your Dropbox files are syncing to your computer that really isn’t a back up. My only suggestion is to test your backups from time to time to insure that you can 1. actually restore your files and 2. verify that they are useable. Every month or so I will restore 2 or 3 files from each of my backups then open them to make sure they are good. Takes me five or ten minutes.

I’ve been doing this since the early 90’s when I lost 3 days of company data because my backup system had been telling me everything was good, but it lied.

BTW, your TM problem is not unusual. Failing to delete old backups when it runs out of storage has been a problem for years.

1 Like

I have heard the 1P solution several times. I have resisted for some reason but maybe that it is my best solution. I wish it had folders (I know I can use tags) but otherwise using it makes a lot of sense if I am determined to store sensitive things in the cloud.

As I recall, you can have unlimited logins, passwords, & notes in a personal 1PW account but attachments are limited to 1gb.