On 2021-09-18 11:20 p.m., Robin Goodfellow wrote:
> Nobody lies like Apple lies...
> The only iCloud data Apple can't routinely read are in the following areas:
> Apple Card transactions
> Home data
> Health data
> iCloud Keychain (saved accounts & passwords)
> Maps Favorites, Collections, and search history
> Payment information
> QuickType Keyboard learned vocabulary
> Safari History and iCloud Tabs
> Screen Time
> Siri information (although temps in Ireland were listening)
> Wi-Fi passwords
> W1 and H1 Bluetooth keys for AirPods and Beats Headphones
Your source for this claim?
> Most of these weren't stored encrypted until later versions of iOS.
Keychain passwords (including WiFi passwords) have always been encrypted.
So your source for THAT claim?
> For example, Maps and Safari data are only encrypted in iOS 13+.
> Does anyone notice conspicuously missing from that E2EE list above of what
> Apple doesn't have the key for, based on Apple's own documents, are:
> iMessages (in your iCloud Backup)
> iCloud Photo Library
> The lack of security for iMessages is because the end-to-end encryption key
> for your Messages data is actually stored in your iCloud Backup. Only if you
> disable iCloud Backups is a new key automatically generated (which only then
> would make Messages in the Cloud more secure, but only if you leave iCloud
> Backups permanently off).
> Your iCloud Backups and your iCloud Photo Library are merely 'encrypted at
> rest' which means that although they are stored on Apple's servers in a
> generic encrypted form, Apple has full and complete access to that generic
> encryption key which they can use for any purpose they want to use it for.
> Apple never tells the truth, except when forced to, in a court of law.
'iCloud secures your information by encrypting it when it's in transit,
storing it in iCloud in an encrypted format, and using secure tokens for
authentication. For certain sensitive information, Apple uses end-to-end
encryption. This means that only you can access your information, and
only on devices where you’re signed into iCloud. No one else, not even
Apple, can access end-to-end encrypted information.'
'End-to-end encrypted data
End-to-end encryption provides the highest level of data security. Your
data is protected with a key derived from information unique to your
device, combined with your device passcode, which only you know. No one
else can access or read this data.
These features and their data are transmitted and stored in iCloud using
Apple Card transactions (requires iOS 12.4 or later)
Health data (requires iOS 12 or later)
iCloud Keychain (includes all of your saved accounts and passwords)
Maps Favorites, Collections and search history (requires iOS 13 or later)
Memoji (requires iOS 12.1 or later)
QuickType Keyboard learned vocabulary (requires iOS 11 or later)
Safari History and iCloud Tabs (requires iOS 13 or later)
W1 and H1 Bluetooth keys (requires iOS 13 or later)'