Apple is expanding end-to-end encryption options for users and finally offering E2EE for their iCloud backup.
Advanced Data Protection for iCloud
“iCloud already protects 14 sensitive data categories using end-to-end encryption by default, including passwords in iCloud Keychain and Health data. For users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes, and Photos,” the company said in a recent announcement.
“The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems.”
Advanced Data Protection for iCloud is not on by default. US users will be offered the option to switch it on by the end of this year, and users around the world sometime in early 2023.
The requirements for it include:
- An Apple ID with two-factor authentication (2FA) enabled and devices secured with a passcode/password
- Users’ Apple devices will have to be updated to: iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2, and the latest version of iCloud for Windows
- Users must set up at least one alternative recovery method so they can recover their iCloud data if they lose access to their account.
Switching on Advanced Data Protection triggers the removal of the available-after-authentication service keys from Apple data centres.
“As these keys are protected by iCloud HSMs, this deletion is immediate, permanent, and irrevocable. After the keys are deleted, Apple can no longer access any of the data protected by the user’s service keys,” Apple explains.
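The mechanism behind the two points above, the recovery-method requirement and the irrevocable deletion of the service keys, can be shown with a small envelope-encryption model. The code below is an added illustration written for this article, not Apple's implementation and not derived from it: the class and method names, the per-category data key, and the three wraps (device key, recovery key, provider-held service key) are all assumptions of the model, and the HMAC-based stream cipher is a stand-in for a real AEAD. It shows why the provider can read the data while a service key exists, why it cannot once that key is deleted, and why the user still can, through either the device or the recovery key.

```python
import hashlib
import hmac
import secrets

# Toy model written for this article; it is NOT Apple's implementation. Each data
# category has its own data key. That key is wrapped under (a) a key that stays on
# the user's device, (b) a recovery key (the "alternative recovery method"), and
# (c) a provider-held "service key" that is available after authentication.
# Enabling Advanced Data Protection is modelled as deleting the service keys.


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy, unauthenticated stream cipher (HMAC-SHA256 in counter mode).
    Illustrative only: a real system would use an AEAD such as AES-GCM."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> tuple:
    """Encrypt under key with a fresh random nonce; returns (nonce, ciphertext)."""
    nonce = secrets.token_bytes(16)
    return nonce, keystream_xor(key, nonce, plaintext)


def open_(key: bytes, sealed: tuple) -> bytes:
    """Inverse of seal(); a wrong key simply yields garbage, not an error."""
    nonce, ciphertext = sealed
    return keystream_xor(key, nonce, ciphertext)


class CloudAccount:
    """One user's cloud account: encrypted records plus wrapped data keys (model)."""

    def __init__(self, categories):
        self.device_key = secrets.token_bytes(32)    # never leaves the device
        self.recovery_key = secrets.token_bytes(32)  # user-held recovery method
        # Provider-side keys, modelled as living in the provider's HSMs.
        self.service_keys = {c: secrets.token_bytes(32) for c in categories}
        self.records = {}       # category -> sealed plaintext
        self.wrapped_keys = {}  # category -> {"device": ..., "recovery": ..., "service": ...}
        for c in categories:
            data_key = secrets.token_bytes(32)
            self.wrapped_keys[c] = {
                "device": seal(self.device_key, data_key),
                "recovery": seal(self.recovery_key, data_key),
                "service": seal(self.service_keys[c], data_key),
            }

    def store(self, category: str, plaintext: bytes) -> None:
        """The device encrypts with the category data key before upload."""
        data_key = open_(self.device_key, self.wrapped_keys[category]["device"])
        self.records[category] = seal(data_key, plaintext)

    def device_read(self, category: str) -> bytes:
        data_key = open_(self.device_key, self.wrapped_keys[category]["device"])
        return open_(data_key, self.records[category])

    def recovery_read(self, category: str) -> bytes:
        data_key = open_(self.recovery_key, self.wrapped_keys[category]["recovery"])
        return open_(data_key, self.records[category])

    def provider_read(self, category: str):
        """What the provider can recover after the user authenticates.
        Returns None once the service key for the category no longer exists."""
        service_key = self.service_keys.get(category)
        if service_key is None:
            return None
        data_key = open_(service_key, self.wrapped_keys[category]["service"])
        return open_(data_key, self.records[category])

    def enable_advanced_data_protection(self) -> None:
        """Delete the provider-held service keys and their wraps; the device
        and recovery wraps are untouched, so only the user can still decrypt."""
        self.service_keys.clear()
        for wraps in self.wrapped_keys.values():
            wraps.pop("service", None)
```

In this model the recovery wrap is what makes the requirement in the list above necessary: once the service keys are gone, a user who also loses the device key has no remaining path to the data key, and nothing on the provider side can restore it.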
“The ability to opt-in to encrypted iCloud backups is a really big win for users and bad news for law enforcement, who loved to request iCloud backups to save them the trouble of breaking into a phone,” noted Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation.
Cryptographer and professor at Johns Hopkins University Matthew Green said that Apple’s move today “is an important step that will send a clear message to certain attackers that deeper investment in cloud attacks is probably not worthwhile.”
Yes, the feature is not on by default, and attackers have other ways to compromise someone’s data – phone theft, password guessing, targeted malware, etc. – “but none of these attacks will be quite as easy as attacks on non-E2E cloud backup, and none will offer quite the same level of convenience and scale,” he pointed out.
Along with this new feature, Apple has confirmed that it has abandoned its plans to scan users’ iCloud photos for child sexual abuse material (CSAM).
New security-focused features
Two new features will also be made available to users globally in 2023: Security Keys for Apple ID and iMessage Contact Key Verification, both “designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government.”
Security Keys for Apple ID will allow users to make a third-party hardware security key their second authentication factor, so that the second factor cannot be obtained via phishing.
iMessage Contact Key Verification is an additional layer of security to make sure conversations are private between two people who have the feature switched on.
“Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications,” Apple noted.
“And for even higher security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call.”
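The two safeguards Apple describes, an automatic alert when an unknown device appears in a contact's key set and a verification code that both people can compare out of band, can be modelled with a key directory and a client that pins the keys it has verified. The code below is an added example written for this article, not Apple's protocol or code: the directory, the pinning logic, the code-derivation function and the byte-string "public keys" are all constructed for illustration. It shows what such a client detects (a device key it has never seen for a pinned contact) and why an in-person code comparison catches a server that serves different key sets to the two sides.

```python
import hashlib

# Simplified model, NOT Apple's protocol. A key directory (the "cloud server")
# publishes each user's device public keys. A verifying client pins the set it
# has confirmed and alerts when the directory later serves an unknown device key.


def short_code(*key_sets) -> str:
    """Derive a short human-comparable code from both parties' device keys.
    All keys are merged and sorted so either side computes the same code."""
    digest = hashlib.sha256()
    for key in sorted(set().union(*key_sets)):
        digest.update(len(key).to_bytes(2, "big") + key)
    number = int.from_bytes(digest.digest()[:8], "big") % 10**12
    code = f"{number:012d}"
    return "-".join(code[i:i + 4] for i in range(0, 12, 4))


class KeyDirectory:
    """Server-side mapping of user -> set of device public keys (model)."""

    def __init__(self):
        self.entries = {}

    def publish(self, user: str, key: bytes) -> None:
        self.entries.setdefault(user, set()).add(key)

    def lookup(self, user: str) -> set:
        return set(self.entries.get(user, ()))


class VerifyingClient:
    """A messaging client that pins verified contact keys."""

    def __init__(self, name: str, my_keys):
        self.name = name
        self.my_keys = set(my_keys)
        self.pinned = {}  # contact -> set of device keys confirmed for that contact

    def verify_contact(self, contact: str, directory: KeyDirectory) -> None:
        """Pin the currently served keys; done once, after an out-of-band
        code comparison has confirmed they are the contact's own devices."""
        self.pinned[contact] = directory.lookup(contact)

    def check_contact(self, contact: str, directory: KeyDirectory):
        """Return None if the served keys match the pinned set, otherwise an
        alert naming the device keys that were never verified."""
        unknown = directory.lookup(contact) - self.pinned.get(contact, set())
        if unknown:
            return {"contact": contact, "unknown_devices": sorted(unknown)}
        return None

    def verification_code(self, contact: str) -> str:
        """Code shown to the user for comparison in person or on a secure call."""
        return short_code(self.my_keys, self.pinned[contact])
```

Only the pinned set feeds the displayed code, so a client that silently re-pinned whatever the directory served would lose both protections: the alert would never fire and the code would match a tampered key set. The check and the code are only as good as the first verification, which is why the model pins after an out-of-band comparison rather than on first contact.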