What is going on with Apple? Is my iPhone’s encryption going to save me from foreign and domestic hackers? Is iPhone encryption enough to keep the F.B.I. where it belongs (in my neighbor’s backyard)? Just how private and secure is iOS for iPhone and iPad these days?
It depends. If you don’t use iCloud, and if you have a lengthy password that can prohibit robotic entry, and if you set your iPhone or iPad to self-destruct after a limited number of attempts to gain entry, and if you are not subject to threats of physical violence to turn over the aforementioned lengthy password, well, your device is rather private and secure.
What if you use iCloud to back up your iPhone or iPad?
Different story. Electronic Frontier Foundation:
Data on your Apple device is encrypted so that no one but you can access it, and that’s great for user privacy. But when data is backed up to iCloud, it’s encrypted so that Apple, and not just the user, can access it. That makes those backups vulnerable to government requests, third-party hacking, and disclosure by Apple employees. Apple should let users protect themselves and choose truly encrypted iCloud backups.
In other words, if you keep Apple out of the mix, iPhone and iPad alone are more private and secure than the backup in iCloud. Use iCloud for a backup, and it doubles the number of sources who can access your private information. You. And Apple.
The devices themselves– Mac, iPhone, iPad– are about as private and secure as an average do-gooder citizen should expect. The Mac can be encrypted and you get a password and key. Lose them both and your Mac’s information is, well, toast; unrecoverable.
What about the billion or so iPhone and iPad customers? Why does Apple insist on adding itself to the mix of those who can access your private information in iCloud?
Apple is protecting users from catastrophic data loss by *not* encrypting cloud backups. If it offered encrypted backups, then there would be massive wailing and gnashing of teeth from millions of users who went with the encrypted option and then forgot their password, locking themselves out of ever seeing the data (precious family photos, etc) that was on their lost/broken phone ever again.
There you have it. A good, rather pragmatic reason why you’re not the only one who can have access to your own information backed up in iCloud. Apple is saying that customers cannot be trusted with their own passwords for iCloud, so Apple wants to do right and help out where it can.
Except for one thing. Governments and judicial proceedings can be brought against Apple to force them to open your iCloud backups.
So, what I propose is the obvious. The Mac’s FileVault is encryption that cannot be broken; lose the password and key and the data is not something Apple– or anyone else– can easily retrieve. Apple can give customers who back up to iCloud a similar toggle switch. Leave it off, and both you and Apple have access to the iCloud backup. Turn it on, and you take the situation into your own hands– only you can access the backup, and if you lose the password, you won’t be able to get the data back again.
And, of course, neither will government officials or the courts.