Mikey Campbell
In a move sure to complicate the ongoing Apple vs. FBI court case, Apple is reportedly developing stronger iCloud encryption methods that would prevent even it from accessing and extracting user data protected by a passcode.
Citing sources familiar with Apple's plans, The Wall Street Journal on Tuesday reported that while preparations for a more secure iCloud are underway, executives are still trying to find a workable balance between strong encryption and customer convenience.
Currently, iCloud can be configured to store daily device backups, messages, photos, notes and other data, much of which is accessible by Apple. But the purported plan is to encrypt that data and restrict access to holders of user-created passkeys. Apple's supposed encryption plans were first report by the Financial Times in late February.
If Apple does enact stronger iCloud security measures, particularly those that would render warrants for data access moot, it could exacerbate an already tenuous situation. The company is embroiled in a heated court battle over the unlocking of an iPhone used by San Bernardino shooter Syed Rizwan Farook. Apple was compelled by a federal magistrate judge to help in FBI efforts to break into the device, but the company has so far resisted, sparking a contentious debate over privacy rights and national security.
Currently, iCloud backups are Apple's go-to, non-destructive option for law enforcement requests. And for agencies like the FBI, iCloud has quickly become the only way to access data as part of a criminal investigation.
Apple introduced strong on-device encryption with iOS 8, making it nearly impossible to extract usable intel from hardware running the latest OS. Certain information, however, is sent up to the cloud and can potentially be accessed by Apple on behalf of the government. That all ends if Apple puts encryption keys wholly in the hands of its customers.
A version of this all-or-nothing strategy is already up and running in iCloud Keychain. The feature lets users store especially sensitive data like passwords and credit card information that can be accessed remotely, synced and transferred to and from other devices. Apple is unable to decrypt and read the data, but at the same time it can't restore or retrieve the information if a user loses or forgets their password.
It remains unclear when Apple intends to implement the iCloud changes, if at all. However, given the company's intractable stance on strong encryption, consumers could see enhancements roll out sooner rather than later.
William Gallagher
Christine McKee
Sponsored Content
Malcolm Owen
Andrew Orr
Wesley Hilliard
43 Comments
Go for it Tim !!!
The governments of the world can go figure.
There will always be a way to show them the finger, (even if Apple engineers don't do it).
They'll have to move iCloud servers outside the US if they want real security with strong encryption.
So what does this mean for users being able to set up a device from iCloud backup? Will that still be possible or are you sol if you forget your password?
We can cheer Apple on, but if the government wins and decides to fine Apple per iPhone for not being able to circumvent encryption, this could cause Apple to price the iPhone out of most people's reach.
The biggest setback would be other countries not trusting Apple anymore.
The government cannot and should not win this.