/article-new/2014/05/icloud_icon_blue.jpg?lossy){kind=icon}
Apple is working to further harden iCloud security so that even it won't be able to access user information stored on its data servers, The Wall Street Journal has reported.
According to yesterday's report, which cites "people familiar with the matter", Apple executives are actively considering how to bolster iCloud encryption without inconveniencing users.
Currently, encrypted data kept on the cloud service is accessible by Apple using a key, which is used for restoring account information if, for example, a user forgets their password. Apple's access also allows the company to provide relevant information it has to law enforcement agencies that approach it with proper, legal requests.
However, Apple appears to be concerned that keeping a copy of the key means it could be compromised by hackers or that the company could be legally compelled to turn it over to governments.
The news contrasts with a report earlier this month suggesting that Apple viewed privacy and security issues differently between physical devices that can be lost and its iCloud service.
However, according to The Wall Street Journal, an Apple spokesperson pointed to comments made by senior VP of software engineering Craig Federighi in reference to the company's fresh concerns. "Security is an endless race—one that you can lead but never decisively win," he wrote in a March 6 opinion piece in The Washington Post. "Yesterday's best defenses cannot fend off the attacks of today or tomorrow."
iCloud backups contain user iMessages and texts, content purchase history, photos and videos, device settings, app data, voicemail password, and health data. Any steps Apple takes to close off access to these backups are likely to further antagonize law enforcement authorities, especially given the company's current fight with the FBI over the latter's demand for help to unlock the iPhone at the center of the San Bernadino shooter investigation.
A court hearing to address the iPhone backdoor issue is scheduled for next Tuesday, March 22, the day after Apple's media event, where it is expected to introduce a new 4-inch "iPhone SE" and a new 9.7-inch iPad, as well as make additional announcements.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Rated Comments
(View all)The government should be able to do this with proper search warrants. The question is how to enable the government without enabling hackers.
You can't. Encryption is a surprisingly absolute thing. You either have it, or you don't. Brilliant encryption, that can only be broken by a key that a government has, isn't brilliant encryption. The government has to accept that there are some things they can't control.No one should be able to enter my digital house and look at my pictures and take them. Hackers can do this. The government should be able to do this with proper search warrants.
And therein lies the rub.The question is how to enable the government without enabling hackers.
How would Apple protect 500 million iPhone users' privacy... while simultaneously providing law enforcement access to a far smaller number of bad guys' iPhones?
Imagine what sort of information you could find on people's phones these days: their home address, pictures of their children, their children's school, schedules, emails, access to door locks, garage door openers, health data, etc. Do you really want that stuff to be easily accessible to any common criminal?
I certainly don't. It should be as secure as it can possibly be.
But by keeping that information secure... it also prevents law enforcement from getting into criminals' phones too.
I can't imagine any way to selectively make some phones secure while making other phones easy to open.
It's sort of an "all or nothing" deal.
Nice. Although I am curious about how they're going to give me the key to my stuff in the event of a restore if even Apple doesn't have it.
If you lose the key, you won't be able to get your stuff. Period. Even Apple won't be able to help you get it. This is the goal.