iCloud Keychain (includes all of your saved accounts and passwords)
Quicktype Keyboard learned vocabulary (requires iOS 11 or later)
Apple encrypts everything else with its own key, so they are able to decrypt it to serve to you, or to comply with a warrant. I don’t know how securely they are able to transfer information to law enforcement because at some point it has to go into a police/court system they can’t control.
I don’t know how feasible it would be to e2e encrypt everything. I’d like to see it, though. I know a major benefit to a cloud storage provider of reading your files is deduplication of files and portions of files, which reduces storage costs. I would pay iCloud more for better encryption but I am certainly in the minority.
I know if MacSparky is reading this, he is thinking “I KNOW THE ANSWER”, but I don’t expect him to stick his legal neck out.
So cornchip. If Apple cannot un-encrypt the mentioned items, then (1), if law enforcement can’t read the data, what else would they be after, (other than illegal pics)? (2), if keychain is this well protected, why is Password Protector Apps so hot right now?
Before anyone says it, No, I am NOT trying to hide anything in iCloud. The discussion about backups got me to thinking deeper about cloud backups.
I don’t think you should have to apologize for protecting your data—not a fan of “having nothing to hide.”
Besides images of children etc, law enforcement is often after evidence of crimes in messages (bragging about a robbery, for example, or arranging a drug deal), financial crimes in documents, timestamps to prove whereabouts/activity while something else was happening, etc.
Password managers are popular because without them, it’s really hard to securely share credentials with others. Keychain is limited to the local computer or to the iCloud account to which it’s attached. Keychain is just as secure as something like 1password, though.
Apple announced some solid iCloud security updates today:
Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications.
Now with Security Keys, users will have the choice to make use of third-party hardware security keys to enhance [two factor authentication].
For users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes, and Photos. The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar
iMessage Contact Key Verification will be available globally in 2023. Security Keys for Apple ID will be available globally in early 2023. Advanced Data Protection for iCloud is available in the US today for members of the Apple Beta Software Program, and will be available to US users by the end of the year. The feature will start rolling out to the rest of the world in early 2023.