iCloud Security / End To End Encryption, Yea But

In reading the notes from Apple about iCloud security, https://support.apple.com/en-us/HT202303 , it brings up a few questions in my mind.

With 2FA turned on of course, are ALL files, docs, pdf’s, etc, encrypted end to end, AND on the servers?

And if the answer is yes, then how does law enforcement read the data that they have obtained by a legal process?

Mostly thinking about this since Apple has really been hyping themselves as being more secure with our data. Data that they don’t want to be responsible for anyway, (I can’t blame them there).

Law enforcement and Apple can read everything in iCloud but these (from the e2e portion of that document):

  • Home data
  • Health data (requires iOS 12 or later)
  • iCloud Keychain (includes all of your saved accounts and passwords)
  • Payment information
  • Quicktype Keyboard learned vocabulary (requires iOS 11 or later)
  • Screen Time
  • Siri information
  • Wi-Fi passwords

Apple encrypts everything else with its own key, so they are able to decrypt it to serve to you, or to comply with a warrant. I don’t know how securely they are able to transfer information to law enforcement because at some point it has to go into a police/court system they can’t control.

I don’t know how feasible it would be to e2e encrypt everything. I’d like to see it, though. I know a major benefit to a cloud storage provider of reading your files is deduplication of files and portions of files, which reduces storage costs. I would pay iCloud more for better encryption but I am certainly in the minority.

1 Like

cornchip, you are reading my mind on this!

I know if MacSparky is reading this, he is thinking “I KNOW THE ANSWER”, but I don’t expect him to stick his legal neck out.

So cornchip. If Apple cannot un-encrypt the mentioned items, then (1), if law enforcement can’t read the data, what else would they be after, (other than illegal pics)? (2), if keychain is this well protected, why is Password Protector Apps so hot right now?

Before anyone says it, No, I am NOT trying to hide anything in iCloud. The discussion about backups got me to thinking deeper about cloud backups.

I don’t think you should have to apologize for protecting your data—not a fan of “having nothing to hide.”

  1. Besides images of children etc, law enforcement is often after evidence of crimes in messages (bragging about a robbery, for example, or arranging a drug deal), financial crimes in documents, timestamps to prove whereabouts/activity while something else was happening, etc.

  2. Password managers are popular because without them, it’s really hard to securely share credentials with others. Keychain is limited to the local computer or to the iCloud account to which it’s attached. Keychain is just as secure as something like 1password, though.

1 Like

Your answers were well my friend! Thank you for explaining it out more.

1 Like