by Sami Fathi
As you may have heard, Apple this week announced it's expanding end-to-end encryption to additional types of data stored in iCloud with a feature called Advanced Data Protection, including device backups, photos, messages, and more. With the new change, even more types of data stored in iCloud will be fully end-to-end encrypted, a higher level of encryption standard.
To help MacRumors readers better understand what the new feature is, how it works, and more, we've created this short post answering some of the most-asked questions about Advanced Data Protection.
What does it do and why is it new?
Before Advanced Data Protection, Apple only encrypted certain types of user data in iCloud, such as passwords and health data. By encrypting data, only a trusted user device can access that information. Other information stored in iCloud, however, such as your photos, messages, and device backups, were not fully end-to-end encrypted meaning if Apple wanted to, it could access your information. With Advanced Data Protection, that all changes.
With Advanced Data Protection enabled for a specific iCloud account, the vast majority of data stored in the cloud will be end-to-end encrypted, meaning no one, not Apple, law enforcement, or governments can ever gain access to that information. Only a trusted device can decrypt that information.
What data will be fully end-to-end encrypted?
With Advanced Data Protection, users will have the following types of data end-to-end encrypted in iCloud alongside Health data and passwords.
- Device Backup
- Messages Backup
- iCloud Drive
- Photos
- Reminders
- Safari Bookmarks
- Siri Shortcuts
- Voice Memos
- Wallet Passes
It's worth noting that iCloud Mail, Contacts, and Calendar will not be end-to-end encrypted as they all require the ability to connect to external sources, such as Gmail, Yahoo, etc.
Is it enabled by default, and if not, how do I enable it?
Advanced Data Protection will not be enabled by default for users. In a recent interview, Apple's senior vice president of software engineering Craig Federighi explained that Advanced Data Protection requires extra effort from the user to enable a recovery method. The extra process and responsibility that lies on the shoulders of users in case they forget their password or lose access to their account make it impractical to force every user to go through that process, Federighi explained.
Nonetheless, even if not enabled by default, it's still easy to enable. When the feature rolls out to all US users by the end of this month, depending on when you activated your device, you'll be able to go into Settings, iCloud, and Advanced Data Protection, enable it and follow the on-screen prompts.
Can I use it now?
Not yet. Advanced Data Protection will roll out to all US users by the end of this month, and Apple says it will launch globally in early 2023. Specific dates for a global rollout are unknown.
Is it free?
Yes, it's free. Advanced Data Protection is an additional layer of protection offered to anyone with an iCloud account, at no extra charge.
What has the reaction been?
As expected, the reaction from users has been positive. With Advanced Data Protection, user data will stay more secure and private. Privacy groups have also praised the decision by Apple, calling it a "victory for user privacy." On the flip side, governments don't seem especially thrilled about the new option given to users.
[ 109 comments ]
Popular Stories
Apple Reportedly Suspends Work on Vision Pro 2
Tuesday June 18, 2024 8:17 am PDT by Hartley Charlton
Apple has suspended work on the second-generation Vision Pro headset to singularly focus on a cheaper model, The Information reports. Apple was widely believed to have plans to divide its Vision product line into two models, with one "Pro" model and one lower-cost standard model. The company is said to have been deprioritizing the next Vision Pro headset over the past year, gradually...
Read Full Article • 543 comments
Apple Explains iPhone 15 Pro Requirement for Apple Intelligence
Wednesday June 19, 2024 4:48 am PDT by Tim Hardwick
With iOS 18, iPadOS 18, and macOS Sequoia, Apple is introducing a new personalized AI experience called Apple Intelligence that uses on-device, generative large-language models to enhance the user experience across iPhone, iPad, and Mac. These new AI features require Apple's latest iPhone 15 Pro and iPhone 15 Pro Max models to work, while only Macs and iPads with M1 or later chips will...
Read Full Article • 454 comments
M4 MacBook Pro Models Expected to Launch in Late 2024
Tuesday June 18, 2024 10:50 am PDT by Juli Clover
MacBook Pro models with an M4 chip are expected to launch in the fourth quarter of 2024, according to display analyst Ross Young. In a tweet for subscribers, Young said that panel shipments for new 14-inch and 16-inch MacBook Pro models are set to begin in the third quarter of 2024, which suggests a launch toward the end of the year. Apple started its M4 chip refresh in May with the launch...
Read Full Article • 271 comments
Apple's 2024 Back to School Sale Launching This Week
Monday June 17, 2024 12:27 pm PDT by Juli Clover
Apple will launch its annual Back to School promotion for university students in the United States and Canada this week, according to Bloomberg's Mark Gurman. Apple's back to school sales provide students with a free Apple gift card when purchasing a Mac or an iPad, and this year's promotion could help Apple push the new M2 iPad Air and M4 iPad Pro models. Last year, Apple offered U.S....
Read Full Article • 118 comments
iOS 18: Calendar App Design Changes and Reminders Integration
Tuesday June 18, 2024 6:16 am PDT by Tim Hardwick
Apple in iOS 18 has given the Calendar app a major update, adding some welcome interface design changes, not to mention long-awaited integration with Reminders. In the month-by-month calendar view, the month now appears in large bold font in the top left, while the Events list toggle has been replaced by a new button that lets you choose between Compact, Stacked, Details, and List views. ...
Read Full Article • 73 comments
watchOS 11 Supports Automatic Nap Detection
Monday June 17, 2024 4:05 pm PDT by Juli Clover
watchOS 11 appears to include a new feature that allows an Apple Watch to automatically detect and record when you're taking a nap. As shared on Reddit, an Apple Watch owner took a nap and was able to see the sleep data recorded in the Health app, despite not putting the device in Sleep Mode. Right now, the Apple Watch only tracks and records sleep when it is in Sleep Mode, and there is no...
Read Full Article • 68 comments
Top Rated Comments
zorinlynx
20 months ago
Generally when the people like something and governments are upset about it, it's a good thing. :)
Score: 35 Votes (Like | Disagree)
poorcody
20 months ago
I for one would like to store information in Notes that I would not want a hacker to ever access, so this is a very positive development for me.
Score: 14 Votes (Like | Disagree)
DEMinSoCAL
20 months ago
Apple is waiting for the FBI to ramp up their servers for the Apple<->FBI APIs. Apple never said the government could not access the keys.
Yesterday's article ('https://www.macrumors.com/2022/12/07/apple-advanced-data-protection/') says that "Not even Apple has access to the encryption keys".
Score: 9 Votes (Like | Disagree)
centauratlas
20 months ago
What about Notes? Are Notes not included in the advanced protection?
Notes are supposed to be included.
"
* Advanced Data Protection for iCloud ('https://support.apple.com/en-us/HT202303#advanced') is an optional setting that offers our highest level of cloud data security. If you choose to enable Advanced Data Protection, your trusted devices retain sole access to the encryption keys for the majority of your iCloud data, thereby protecting it using end-to-end encryption. Additional data protected includes iCloud Backup, Photos, Notes, and more.
."
https://support.apple.com/en-us/HT202303
Score: 8 Votes (Like | Disagree)
centauratlas
20 months ago
Which is a lie because in the security document iCould Security Overview ('https://support.apple.com/en-us/HT202303') it says
"You can turn off Advanced Data Protection at any time. Your device will securely upload the required encryption keys to Apple servers, and your account will once again use standard data protection."
Maybe it should say, "Not even Apple has access to the encryption keys unless you tell your phone to give them to Apple by turning ADP off".
Score: 8 Votes (Like | Disagree)
centauratlas
20 months ago
How so, the keys are sent to Apple so yes they do have access to them. The code exists in the device, the process exists in the device and at Apple, only the claim that it only happens when the user does something. How do you know that there are not other ways to make this happen. Or how do you know that there is not other code that sends the keys directly to the government when requested. No one knows, this is why proprietary security is dangerous.
The keys have to exist on any device as part of the process of encryption and decryption as I am sure you know.
You are right though, there is no guarantee that they are not being uploaded in the background. Opening sourcing the code is one option. Having people monitor the network is another option to see what is going on. Of course if they aren't targeting you right then, you never know what could be sent when.
Of course, one doesn't know if TSMC has inserted a back door into the chipsets without Apple's knowledge at the behest of <name the adversary: CCP, CIA, FBI, MVD etc> or via bribe to employee(s). Or if Motorola etc has in the network chips. Or if the display manufacturer's processor can detect the word "key" on the screen and then send via some backdoor a screenshot.
There are a ton of attack vectors, whether to trust Apple here is a personal choice.
It is certainly better than before. :)
Score: 7 Votes (Like | Disagree)
Read All Comments
