iCloud Backups Not as Secure as iOS Devices to Make Restoring Data Easier

by

icloud_icon_blueApple's ongoing fight with the FBI over whether the company can be compelled to help the government unlock the iPhone 5c used by San Bernardino shooter Syed Farook has brought the full range of Apple's privacy policies into the spotlight.

The details surrounding the case have made it clear that while Apple is unable to access information on iOS devices, the same is not true of iCloud backups. Apple can decrypt an iCloud backup and provide the information to authorities when ordered to do so via a warrant, as it did in the San Bernardino case.

In a piece posted on The Verge entitled "The iCloud Loophole," Walt Mossberg takes a look at Apple's iCloud backups and explains the reason why iCloud data can't be made as secure as data stored solely on an iPhone or iPad.

Apple is able to decrypt "most" of the data included in an iCloud backup, and an Apple official told Mossberg that's because the company views privacy and security issues differently between physical devices that can be lost and iCloud. With iCloud, it needs to be accessible by Apple so it can be used for restoring data.

However, in the case of iCloud, while security must also be strong, Apple says it must leave itself the ability to help the user restore their data, since that's a key purpose of the service. This difference also helps dictate Apple's response to law enforcement requests. The company's position is that it will provide whatever relevant information it has to government agencies with proper, legal requests. However, it says, it doesn't have the information needed to open a passcode-protected iPhone, so it has nothing to give. In the case of iCloud backups, however, it can access the information, so it can comply.

iCloud backups contain iMessages and texts, content purchase history, photos and videos, device settings, app data, voicemail password, and health data. Backups don't include information that's easily downloadable, such as emails from servers or apps, and while iCloud backup does encompass iCloud keychain, Wi-Fi passwords, and passwords for third-party services, that information is encrypted in a way that makes it inaccessible to Apple.

Mossberg suggests customers who don't want to upload data to Apple via an iCloud backup make local encrypted backups through iTunes using a Mac or PC, and he points out that other cloud storage services, like Dropbox, are no more secure.

Mossberg's full exploration of iCloud is available over at The Verge and is well worth reading for anyone interested in the security of data stored in the cloud.

Tags: iCloud, The Verge
Related Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+

Popular Stories

iphone 16 display

iPhone 17's Scratch Resistant Anti-Reflective Display Coating Canceled

Monday April 28, 2025 12:48 pm PDT by
Apple may have canceled the super scratch resistant anti-reflective display coating that it planned to use for the iPhone 17 Pro models, according to a source with reliable information that spoke to MacRumors. Last spring, Weibo leaker Instant Digital suggested Apple was working on a new anti-reflective display layer that was more scratch resistant than the Ceramic Shield. We haven't heard...
Read Full Article111 comments
apple watch ultra yellow

What's Next for the Apple Watch Ultra 3 and Apple Watch SE 3

Friday April 25, 2025 2:44 pm PDT by
This week marks the 10th anniversary of the Apple Watch, which launched on April 24, 2015. Yesterday, we recapped features rumored for the Apple Watch Series 11, but since 2015, the Apple Watch has also branched out into the Apple Watch Ultra and the Apple Watch SE, so we thought we'd take a look at what's next for those product lines, too. 2025 Apple Watch Ultra 3 Apple didn't update the...
Read Full Article65 comments
iPhone 17 Air Pastel Feature

iPhone 17 Reaches Key Milestone Ahead of Mass Production

Monday April 28, 2025 8:44 am PDT by
Apple has completed Engineering Validation Testing (EVT) for at least one iPhone 17 model, according to a paywalled preview of an upcoming DigiTimes report. iPhone 17 Air mockup based on rumored design The EVT stage involves Apple testing iPhone 17 prototypes to ensure the hardware works as expected. There are still DVT (Design Validation Test) and PVT (Production Validation Test) stages to...
Read Full Article27 comments
Beyond iPhone 13 Better Blue

20th Anniversary iPhone Likely to Be Made in China Due to 'Extraordinarily Complex' Design

Monday April 28, 2025 4:29 am PDT by
Apple will likely manufacture its 20th anniversary iPhone models in China, despite broader efforts to shift production to India, according to Bloomberg's Mark Gurman. In 2027, Apple is planning a "major shake-up" for the iPhone lineup to mark two decades since the original model launched. Gurman's previous reporting indicates the company will introduce a foldable iPhone alongside a "bold"...
Read Full Article122 comments
iPhone 17 Air Pastel Feature

iPhone 17 Air Launching Later This Year With These 16 New Features

Thursday April 24, 2025 8:24 am PDT by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the ultra-thin device. Overall, the iPhone 17 Air sounds like a mixed bag. While the device is expected to have an impressively thin and light design, rumors indicate it will have some compromises compared to iPhone 17 Pro models, including only a single rear camera, a...
Read Full Article101 comments
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching Later This Year With These 13 New Features

Wednesday April 23, 2025 8:31 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
Read Full Article
iphone 17 air iphone 16 pro

iPhone 17 Air USB-C Port May Have This Unusual Design Quirk

Wednesday April 30, 2025 3:59 am PDT by
Apple is preparing to launch a dramatically thinner iPhone this September, and if recent leaks are anything to go by, the so-called iPhone 17 Air could boast one of the most radical design shifts in recent years. iPhone 17 Air dummy model alongside iPhone 16 Pro (credit: AppleTrack) At just 5.5mm thick (excluding a slightly raised camera bump), the 6.6-inch iPhone 17 Air is expected to become ...
Read Full Article128 comments

Top Rated Comments

Mums Avatar
Mums
120 months ago
This is called security theater.
Score: 7 Votes (Like | Disagree)
Rigby Avatar
Rigby
120 months ago
Technically Apple could absolutely offer a cloud backup solution where even they couldn't access the data. For example, they could let the user pick a backup password (same as they already do for encrypted iTunes backup) and use it to encrypt the data before uploading to iCloud. Of course this means that users who forget the password couldn't restore their backup, which is why they should probably make this optional and give the user a proper warning. And, BTW, there are cloud services that use similar approaches to encrypt their users' data, e.g. Spideroak and the backup service Crashplan.
Score: 7 Votes (Like | Disagree)
appleguy123 Avatar
appleguy123
120 months ago
Technically Apple could absolutely offer a cloud backup solution where even they couldn't access the data. For example, they could let the user pick a backup password (same as they already do for encrypted iTunes backup) and use it to encrypt the data before uploading to iCloud. Of course this means that users who forget the password couldn't restore their backup, which is why they should probably make this optional and give the user a proper warning. And, BTW, there are cloud services that use similar approaches to encrypt their users' data, e.g. Spideroak and the backup service Crashplan.
Wouldn't Apple would have to store enencryption keys in the cloud though to make it work on a different device than the original phone?
Score: 5 Votes (Like | Disagree)
RedOrchestra Avatar
RedOrchestra
120 months ago
Now everyone will want a 1TB iPhone, since they won't want to be backing up all that secure stuff they own to the iCloud.
Score: 5 Votes (Like | Disagree)
ParanoidDroid Avatar
ParanoidDroid
120 months ago
I guessed that already, but now it's a fact on public record. The only 'safe' solution is to delete all our iCloud backups data, and not use any iCloud services.

But here is the problem! Apple is increasingly integrating iCloud services deep into its iOS and Mac OS X. It's almost impossible to use Apple products without iCloud. This is scary... :eek:

We're all already trapped deep in total surveillance by the NSA and god knows by whom else. The orwellian society is real! :(

I feel like a chimp sitting in a zoo while constantly being watched. Welcome to the 21st century's privacy striptease.

The only way out of our modern tech zoo is going low-tech and to move to an isolated island, dig a cave there (beware spy satellites), and hide there forever.
Score: 5 Votes (Like | Disagree)
tentales Avatar
tentales
120 months ago
Now everyone will want a 1TB iPhone, since they won't want to be backing up all that secure stuff they own to the iCloud.
1TB hard drives are very inexpensive nowadays. Unless you don't have access to a computer, backing your iPhone up to an encrypted drive or two or three, storing one in a bank vault, you're more secure than backing up to any cloud.
Score: 5 Votes (Like | Disagree)
Read All Comments