A bombshell report from Reuters suggests Apple ditched end-to-end encryption for iCloud backups at the behest of the FBI. Citing several former Apple employees and FBI officials, the publication notes that Apple planned to switch to end-to-end encryption for iCloud — putting it on the same level as iPhones and iPads — but reversed course after consulting with the FBI.
iCloud data is also encrypted by default, but Apple holds a key to decrypt it. So in a scenario where an iCloud user is locked out of their account for whatever reason, Apple has the ability to decrypt the contents of that iCloud library. It is this reasoning that Tim Cook gave in defence of the move last year:
We do this because some users lose or forget their key and then expect help from us to get their data back.
According to Reuters, Apple was considering switching to end-to-end encryption wherein it won't be able to recover data even when served with a court order. However, the company ultimately decided to not do so:
More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.
Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.
In private talks with Apple soon after, representatives of the FBI's cyber crime agents and its operational technology division objected to the plan, arguing it would deny them the most effective means for gaining evidence against iPhone-using suspects, the government sources said.
When Apple spoke privately to the FBI about its work on phone security the following year, the end-to-end encryption plan had been dropped, according to the six sources.
It isn't clear if FBI was able to persuade Apple to not switch, or whether the company decided of its own volition. What is clear though is that Apple has the means to provide law enforcement agencies access to your data should a court require it.
Here's where Google comes in. The search giant quietly enabled end-to-end encryption for Android backups back in 2018, with a Titan security chip housed in Google's datacenter ensuring data integrity. The system ensures that only you have access to your data, and should you lose your client device (your phone), there won't be any way to recover the information as Google doesn't hold a decrypt key. Here's how the system works:
Starting in Android Pie, devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client. This decryption key is encrypted using the user's lockscreen PIN/pattern/passcode, which isn't known by Google. Then, this passcode-protected key material is encrypted to a Titan security chip on our datacenter floor.
The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user's passcode. Because the Titan chip must authorize every access to the decryption key, it can permanently block access after too many incorrect attempts at guessing the user's passcode, thus mitigating brute force attacks.
The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip. By design, this means that no one (including Google) can access a user's backed-up application data without specifically knowing their passcode.
Basically, your phone PIN or passcode acts as a decryption key for the Titan module, and without it you won't be able to access your data. So if you are looking for end-to-end encryption for backups, Google is the way to go.
A key distinction here is that the system only works for application backups and not content stored in your Google Drive. If you want to secure your data in Drive, you should look at Cryptomator or try rclone if you like to tinker.
We may earn a commission for purchases using our links. Learn more.
iOS 14 widgets make Android's look like an absolute embarrassment
If you want your home screen to look good, you should want widgets that look great. Apple knows this, and it made sure that widgets on each of the
OnePlus Nord review: Setting a new standard for mid-range phones
The OnePlus Nord is aiming to be the best mid-range phone in 2020. With a 90Hz AMOLED display, Snapdragon 765G chipset, 48MP camera at the back, and clean software, it delivers the basics. Is OnePlus onto another winner here? Let's find out.
AC Podcast 492: TikTok/WeChat Ban; LG Wing; Pixel 5s; PS5
Daniel and Jerry are joined by Alex Dobie and Joe Maring to make sense of the impending (at the time of recording) TikTok and WeChat bans in the U.S. The crew also preview the LG Wing and discuss Apple's recent Watch and iPad announcements in comparison to Android-compatible watches and the Galaxy Tab S7. Alex also reports on the rumored Pixel 5s. Plus, the next-gen consoles are coming...
The best replacement bands for your 46mm Galaxy Watch
The strap included with the Galaxy Watch is fine, but these offer much more customization. Not only do these straps offer you the chance to change up the style of your watch, but you also get materials that bring added durability for a strap that can take what you throw at it.