• Overzeetop@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      Isn’t e2ee messaging intended to encrypt data transfer between devices, not provide global security? The default iCloud backups are still encrypted, but the key is stored/recoverable by Apple. This is the ideal sort of encryption for 99%* of the population. For the 1%, an option to forego the Apple stored key is an option.

      * yes, I made that number up. I will stand by it.

      If you did a random survey of users if they want a secure backup, e2ee encrypted, they will say yes. Overwhelmingly. But if you ask the question based on the outcome of a forgotten password: “If you lose or damage your phone and have forgotten your Apple account password, would you like all of your iCloud photos, messages, emails, contacts, and documents to be instantly destroyed and unrecoverable or should Apple be able to restore everything if you can prove it’s your account?” they will almost certainly choose the latter.

      • Marcy_Stella@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        If a user wants more protections there is “Advanced Data Protection” which fully encrypts all iCloud data however Apple knows you might lose your password or something so they require a recovery method before turning it on and make sure you know Apple won’t be able to help you if you lose your password and recovery method.

        Also for certain sensitive data such as health data or passwords full end to end encryption is enabled even in standard mode as it’s determined it’s worse for someone else to get access to that data then it is for you to lose it where as generally losing your photos are worse then someone else getting access to them.

      • Overzeetop@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        No, they’re encrypted. But Apple stores a copy of your key because most people forget their Apple password at some point (usually after they’ve wiped their phone and are setting up a new one) and need Apple to reset their password/re-enable their encryption key on the new device.

          • Marcy_Stella@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Also know that if you still want iCloud backups but want everything stored encrypted you can enable “Advanced data protection” which means that Apple doesn’t store the encryption key, you do need to setup a recovery method such as a recovery key or recovery contact however if you lose your device and recovery method your data is forever lost and Apple can’t help you like it can in standard data protection mode.

            Also note certain sensitive categories such a health and passwords are always encrypted as it’s determined it’s worse for someone else to get access to that data then it is for the user to lose it meanwhile generally a user losing their photos and messages if they forget their password is worse then if a hacker resets the password and gets access.