Apple will finally let you encrypt iCloud backups
Apple will let people encrypt most data backed up to iCloud from their iPhones and iPads, the company said announced on Wednesday. The feature will be available in the US later this month and worldwide in 2023.
Previously, Apple only encrypted sensitive information, such as people’s health data, credit card information and passwords. But the new feature, known as Advanced Data Protection for iCloud, will allow users to encrypt device backups, which contain a copy of most personal data on an iPhone and iPad, as well as notes, voice memos, photos and more.
Encrypting data “end-to-end” means that the digital key required to unlock it is only stored locally on someone’s device, as opposed to on a server somewhere. No one, including hackers or the company the server belongs to, can access the data.
iPhones and iPads have been encrypted for years, but backups of those devices to iCloud, which can contain text messages and attachments, have not, leaving them vulnerable to attacks by hackers.
The new feature is also important because turning it on would prevent Apple from being able to hand over iCloud backups of devices to law enforcement agencies and governments in response to valid legal requests, something the company has done thousands of times so far. according to its own transparency report.
While the government may not like this development, digital rights campaigners do. “Being able to choose end-to-end iCloud backups is a very good thing,” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a digital rights group based in San Francisco that has been asks Apple allowing people to encrypt iCloud backups for years, BuzzFeed News reported. “Law enforcement really loved using the iCloud backup loophole as a way to access the contents of people’s iPhones without having to obtain the phone itself or find a way to break into it.”
However, Apple said that iCloud email and contacts and calendars backed up to iCloud will not be encrypted, because these features must interact with apps and platforms belonging to other companies.
By default, Advanced Data Protection will be turned off on iPhones and iPads. When you sign up, Apple will ask you to enter a recovery key—a complex password that you can store in a safe place—or assign a trusted friend or family member as a recovery contact to help you unlock your encrypted iCloud when you get a new phone.
It’s important to set up a way to unlock backed up data by one of these means because it means only you can get into your backup, not Apple. But forget or lose the recovery key and you won’t be able to unlock the iCloud backup.
“I prefer strong defaults,” Galperin said. “But if you give users the power to lock themselves out of all their data forever, they will do that, and then they’ll get angry and stop using your product. So I understand the business case [for having to opt in] here.”
In addition to advanced data protection, Apple also announced security improvements to iMessage, which will allow people to share a code with each other to verify who they are chatting with. iMessage will now also alert people if state-sponsored attackers are trying to intercept their calls.
If you really need extreme security, you’ll also be able to make it so that you have to connect a hardware security key to your iPhone and iPad to unlock them.