While the authorities may not like this development, digital rights advocates do. “Being able to go with end-to-end iCloud backups is a very good thing,” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a San Francisco-based digital rights group that has been asking apple to allow people to encrypt iCloud backups for years, he told BuzzFeed News. “Law enforcement loved using the iCloud backup loophole as a way to gain access to the contents of people’s iPhones without having to get the phone or find a way in.”
Apple said, however, that iCloud email and iCloud-backed contacts and calendars won’t be encrypted, because those features must interact with apps and platforms owned by other companies.
By default, Advanced Data Protection will be disabled on iPhones and iPads. When you sign up, Apple will ask you to set up a recovery key, a complex password that you can store in a safe place, or assign a trusted friend or family member as a recovery contact to help you unlock your encrypted iCloud backup. when you get a new phone or iPad.
It’s important to set up a way to unlock your data backed up by any of these means, because it will mean that only you can access your backup, not Apple. But forget or lose the recovery key and you won’t be able to unlock your iCloud backup.
“I prefer hard defaults,” Galperin said. “But if you give users the power to lock themselves out of all their data forever, they’ll do it, and then they’ll get mad and stop using your product. So I understand the business case [for having to opt in] here.”
In addition to Advanced Data Protection, Apple also announced security enhancements to iMessage, which will allow people to share a code with each other to verify who they’re chatting with. iMessage will also now warn people if state-sponsored attackers try to intercept their conversations.
If you really need extreme security, you will also be able to make it so that you need to connect a hardware security key on your iPhone and iPad to unlock them.
