For years, I’ve been covering the security benefits of Apple hardware and software. When it comes to mainstream consumer tech, few products are as safe and as private as Apple’s devices and apps. And that’s a pretty big accomplishment, given how popular Apple’s products are. Today, I’m pleased to announce that in the near future, your Apple products are going to be even more secure thanks to new iCloud encryption features.
That’s right, the infamous “iCloud Loophole“, which I covered back in 2020, has finally been resolved. Or at least, mostly resolved.
In this post, we’re going to be covering everything you need to know about the new security features coming to Apple users, as well as what the FBI has to say about these features.
What is iCloud encryption?
First, though, let’s talk about what iCloud encryption is. After all, I don’t expect everyone to fully understand it.
Encryption is a way of scrambling the data your computer stores. Say I send you a text message. I want you to read it, but not the employees at Apple. So our iPhones encrypt that message using a key that only our iPhones can decrypt. To you and I, the message is plain to read. But to anyone who intercepts that message with a different device or network, it’ll look like gibberish.
This is not unique to Apple – tech companies all over the world use encryption to secure user data.
What is unique to Apple, however, is iCloud. iCloud is Apple’s cloud storage service. It’s where your photos, messages, contacts, calendar events, files, emails, health data, and more are stored. And for a long time, Apple has only been encrypting a portion of that data. Your messages and health data have been private from Apple, but your photos and iPhone backups haven’t been.
For a company that prioritizes security and privacy, this has been a pretty big weakness of iCloud, and it’s why the “iCloud Loophole” is a problem.
Apple recently announced, however, that it’s going to be closing this loophole with upcoming changes to iCloud encryption. This will ensure that far, far more of your iCloud data is encrypted, not just your most sensitive data.
Why does iCloud encryption matter?
iCloud encryption is important for a number of reasons. First, it keeps your data secured. If Apple is storing your data in the cloud, then anyone who can hack into iCloud can access your data, right?
Well, if that data isn’t encrypted, then the hacker can literally just read, copy and paste, and otherwise steal your data. But if it is encrypted, then all that the hacker will see is a bunch of scrambled nonsense.
This is one of the core reasons why strong encryption matters. It means that even if Apple is hacked, most of its users’ data isn’t going to be stolen.
An example of this at work is Apple Pay. Whenever you use Apple Pay at a cash register, your credit card number is encrypted. So if that cash register is hacked, the credit card numbers of non-Apple Pay users will be visible, while those who used Apple Pay will not have their credit card numbers exposed.
This also matters when it comes to privacy. Not only does end-to-end encryption protect you from hackers, but it also protects you from snooping eyes at Apple. It means that Apple execs and employees can’t go in and peek at John Smith’s photos or health data.
And it means that authorities can’t do this either. So if the police or FBI seize your data from Apple, a good portion of that data won’t be visible to them.
At least, that’s how it seems to work. It should be noted that authorities are capable of seizing and decrypting data in a number of ways, so please do not use this as advice for illicit activities.
How far does iCloud encryption go?
Alright, so now that you have an idea of what iCloud encryption is and why it matters, it’s time to cover the extent that these new encryption features go. Previously, Apple was providing end-to-end encryption for 14 categories of iCloud storage, including health data, messages, and so on. Now, Apple is providing end-to-end encryption for 23 categories, including the following three key categories.
iCloud Backup
The first major iCloud category to receive end-to-end encryption is iCloud Backup. To be clear, iCloud Backup is not your general iCloud file storage.
Instead, it refers to the backups your iPhone or iPad makes to iCloud. You know how when you get a new iPhone, your old iPhone data is backed up and copied to your new iPhone?
Well, in the past, those backups were not end-to-end encrypted. That means that they could have been hacked, intercepted, or viewed by staff at Apple.
Not anymore! The backup image of your iPhone or iPad will now be protected with end-to-end encryption, so you can backup your iPhone while resting easy.
Notes
Another category of iCloud storage that has been updated with end-to-end encryption is the Notes app. Your Notes in the default Notes app are shared between your devices using iCloud and that’s made possible by storing your Notes in iCloud.
Whenever these new iCloud encryption features roll out to Apple users, your Notes will now be end-to-end encrypted moving forward. That means you’ll have more privacy when taking and keeping notes on your iPhone, which is great news.
Photos
The last and perhaps most important iCloud category to receive end-to-end encryption in this new iCloud encryption update are your photos. Any photos that you store in the Photos app have, up until now, not been end-to-end encrypted.
I probably don’t need to tell you why that’s a terrible thing. No doubt that all of us have photos on our devices that we would not like shared with the rest of the world.
Moving forward, all of your photos that are backed up with iCloud will be protected with end-to-end encryption. Again, this is a huge win for Apple users and privacy overall.
When is end-to-end iCloud encryption arriving?
Alright, so when is this expansion on iCloud encryption arriving? If you’re in the U.S., it’s available right now. Update your iPhone, iPad, or Mac.
Once it’s updated, open the Settings app (System Preferences on Mac), tap/click your iCloud account, scroll down and select Advanced Data Protection, then enable it. You can find more detailed directions here.
If you do not live in the U.S., then Apple says you’ll have to wait a little longer for these advanced iCloud protections. They should be arriving by the end of 2023, though, and I’d wager that we get them in the first half of 2023. So keep your devices updated and keep an eye out!
Wait – is the FBI worried about the new iCloud encryption feature?
If you’ve been following the news on these iCloud encryption updates, then you may have heard tell that the FBI isn’t happy with this iCloud update. As you can probably imagine, this is a bit of a complex detail, so give me a moment to give you the scoop.
According to a statement given to the Washington Post, the FBI is concerned that by limiting the data they have access to, Apple is going to make it more difficult for the FBI to stop cyberattacks, organized crime, and terrorism.
On one hand, this doesn’t sound wrong to me. I can see how encrypting data that the FBI would otherwise use to stop crimes could end up being a problem for the agency.
On the other hand, the FBI and American government as a whole hasn’t exactly done a lot to make the public feel comfortable with the ways they openly and secretly use our digital data. So, admittedly, hearing that the FBI isn’t happy about these privacy changes does on some level make me feel more encouraged about these changes. But I’ll leave it up to you to form your own opinion on the situation!
Either way, it is true that the FBI has voiced disapproval over the iCloud encryption changes.
Apple announced two other new security features coming to Apple users
That’s right! While we’ve been focusing on the changes to iCloud encryption, there are actually two other new security features that Apple has announced for its users. While not as exciting (especially for the average user) these are some pretty neat updates that are worth mentioning.
iMessage Contact Key Verification
The second security feature that Apple recently announced is iMessage Contact Key Verification. This is a niche feature for those who face “extraordinary digital threats”. For instance, if you’re a public figure or someone in a position of power. If you’re in this sort of position, then you’re more likely to be the victim of impersonation attempts.
That’s exactly what this key verification feature is built to resolve. It’ll help you verify that the person you’re talking to is not an impersonator, allowing you to better control how sensitive information is spread and delivered.
It’s not yet clear whether or not this feature will be limited to at-risk individuals, or if it will be available to everyone. Either way, I imagine that this feature will be complicated, sluggish, and difficult to implement. So it’s probably not worth the hassle for the majority of users.
In other words, if you aren’t at risk for this kind of fraud, I wouldn’t worry about using this feature.
Hardware Security Keys for Apple ID
The third security feature that Apple announced is hardware security keys for Apple ID. Already, when logging into your Apple ID on a new device, a code will appear on another Apple device you own. This is a way of verifying that you really are the person setting up the new device.
Well, hardware security keys will take that a step further. They’ll be an additional code, tied to a specific piece of hardware that you own. You’ll have to provide this code and the one-time verification code to be able to access your Apple account on a new device.
While the average user can opt into this, this feature is again intended for those who are at risk. For everyday users, this is overkill and will likely be more of an inconvenience than its worth. But if you are in a position where you are likely to be the target of a cyberattack, then using this feature is probably advisable.
What else can you do to keep your Apple usage private?
Before closing out this post, I did want to give you some tips on keeping your Apple usage secure and private. Unfortunately, I think most people overlook this aspect of using their devices, which can lead to serious consequences over time.
Fortunately, Apple makes it easy to keep your data private and secure. The first thing I recommend doing is taking advantage of Keychain and its strong suggested passwords. You can read more about using Keychain here.
Next, you can switch to a privacy-first search engine. That means anything that isn’t Google Search. Personally, I use DuckDuckGo and love it.
Lastly, you can take advantage of iCloud+ and its privacy features, like Hide My Email. You can read more about that here.
Take advantage of the iCloud encryption update and keep your data safe
And that’s it! That’s everything you need to know about the new iCloud encryption features. This is great news for all Apple users, and especially those who are at risk for cyberattacks.
For more insights, news, and guides on all things Apple, check out the rest of the AppleToolBox blog.
See you next time!
Old Coot says
I read to day that the feature “ Apple’s Advanced Data Protection” is still not available in some areas in the US and not even available in Canada or the UK. Apple was some what premature I believe and should have put a footnote on their press release last week announcing it.