Apple may have ditched encrypted backups, but Google hasn't - Android Central - Canada News Media
Connect with us

Tech

Apple may have ditched encrypted backups, but Google hasn't – Android Central

Published

on


A bombshell report from Reuters suggests Apple ditched end-to-end encryption for iCloud backups at the behest of the FBI. Citing several former Apple employees and FBI officials, the publication notes that Apple planned to switch to end-to-end encryption for iCloud — putting it on the same level as iPhones and iPads — but reversed course after consulting with the FBI.

iCloud data is also encrypted by default, but Apple holds a key to decrypt it. So in a scenario where an iCloud user is locked out of their account for whatever reason, Apple has the ability to decrypt the contents of that iCloud library. It is this reasoning that Tim Cook gave in defence of the move last year:

We do this because some users lose or forget their key and then expect help from us to get their data back.

According to Reuters, Apple was considering switching to end-to-end encryption wherein it won’t be able to recover data even when served with a court order. However, the company ultimately decided to not do so:

More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.

In private talks with Apple soon after, representatives of the FBI’s cyber crime agents and its operational technology division objected to the plan, arguing it would deny them the most effective means for gaining evidence against iPhone-using suspects, the government sources said.

When Apple spoke privately to the FBI about its work on phone security the following year, the end-to-end encryption plan had been dropped, according to the six sources.

It isn’t clear if FBI was able to persuade Apple to not switch, or whether the company decided of its own volition. What is clear though is that Apple has the means to provide law enforcement agencies access to your data should a court require it.

Our favorite VPN service is more affordable now than ever before

Here’s where Google comes in. The search giant quietly enabled end-to-end encryption for Android backups back in 2018, with a Titan security chip housed in Google’s datacenter ensuring data integrity. The system ensures that only you have access to your data, and should you lose your client device (your phone), there won’t be any way to recover the information as Google doesn’t hold a decrypt key. Here’s how the system works:

Starting in Android Pie, devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client. This decryption key is encrypted using the user’s lockscreen PIN/pattern/passcode, which isn’t known by Google. Then, this passcode-protected key material is encrypted to a Titan security chip on our datacenter floor.

The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user’s passcode. Because the Titan chip must authorize every access to the decryption key, it can permanently block access after too many incorrect attempts at guessing the user’s passcode, thus mitigating brute force attacks.

The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip. By design, this means that no one (including Google) can access a user’s backed-up application data without specifically knowing their passcode.

Basically, your phone PIN or passcode acts as a decryption key for the Titan module, and without it you won’t be able to access your data. So if you are looking for end-to-end encryption for backups, Google is the way to go.

A key distinction here is that the system only works for application backups and not content stored in your Google Drive. If you want to secure your data in Drive, you should look at Cryptomator or try rclone if you like to tinker.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

Apple Dropped iCloud Encryption Plans After FBI Complaint: Report – Infosecurity Magazine

Published

on


Apple dropped plans to offer end-to-end encrypted cloud back-ups to its global customer base after the FBI complained, a new report has claimed.

Citing six sources “familiar with the matter,” Reuters claimed that Apple changed its mind over the plans for iCloud two years ago after the Feds argued in private it would seriously hinder investigations.

The revelations put a new spin on the often combative relationship between the law enforcement agency and one of the world’s biggest tech companies.

The two famously clashed in 2016 when Apple refused to engineer backdoors in its products that would enable officers to unlock the phone of a gunman responsible for a mass shooting in San Bernardino.

Since then, both FBI boss Christopher Wray, attorney general William Barr and most recently Donald Trump have taken Apple and the wider tech community to task for failing to budge on end-to-end encryption.

Silicon Valley argues that it’s impossible to provide law enforcers with access to encrypted data in a way which wouldn’t undermine security for hundreds of millions of law-abiding customers around the world.

They are backed by world-leading encryption experts, while on the other side, lawmakers and enforcers have offered no solutions of their own to the problem.

Apple’s decision not to encrypt iCloud back-ups means it can provide officers with access to target’s accounts. According to the report, full device backups and other iCloud content was handed over to the US authorities in 1568 cases in the first half of 2019, covering around 6000 accounts.

Apple is also said to have handed the Feds the iCloud backups of the Pensacola shooter, whose case sparked another round of calls for encryption backdoors from Trump and others.

It’s not 100% clear if Apple dropped its encryption plan because of the FBI complaint, or if it was down to more mundane usability issues. Android users are said to be able to back-up to the cloud without Google accessing their accounts.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

The Morning After: Sonos 'legacy' plan makes smart homes look silly – Engadget

Published

on


Sponsored Links


Sonos

Hey, good morning! You look fabulous.

The more connected devices you put in your house, the more you’re counting down to the day they’re eventually obsolete. Just yesterday, we learned about Under Armour pulling the smart plug on some fitness devices it used to sell, but the big news is Sonos and its decision to put the “legacy” tag on a slew of older devices.

If you’re a Sonos fan from way back, then you probably have an older Play:5, Bridge or Zone player laying around, and now the company is telling you that it won’t get any more updates — ever. Even worse, simply continuing to use one of them could hold back your entire setup, new devices included, from receiving future updates. While the company says it’s working on a way to segment older hardware and avoid that situation, there’s enough bad news and uncertainty going around to make the situation real uncomfortable.

However things shake out for Sonos, I’m just looking around the room at various TV boxes, speakers and wristbands, trying to figure out how much time they have left.

— Richard


Calling all Photoshop experts.Is this the back of the Xbox Series X?

Now we’ve seen the next Xbox from the front, everyone is wondering what’s hiding on the other side. Pictures posted to gaming forum NeoGAF appear to show an Xbox Series X development kit in the wild, complete with a back plate lacking the Xbox One’s HDMI-passthrough setup. We’ll see if this alleged prototype holds up when the real hardware ships later this year, but for now all we have are rumors and speculation.


It will reportedly launch in March.Bloomberg: Apple will start making a smaller, cheaper iPhone in February

Apple might launch a new low-cost iPhone very, very soon. According to Bloomberg, the tech giant’s suppliers will start assembling a more affordable iPhone model, the first since the iPhone SE, as soon as February. Apple will reportedly unveil the cheaper-than-an-iPhone 11 device in March. Sources expect it to look like the iPhone 8, with a 4.7-inch screen and a current generation A13 chip, like 2019’s iPhones. Expect a return of the home button, and no Face ID.


Netflix and HBO Max will give more people access to deep-cut Ghibli classics.Studio Ghibli has embraced streaming, and the world is better for it

After years of resistance, Studio Ghibli is bringing its works to streaming services. In the US, it will launch in HBO’s Max service, while Netflix will stream the Japanese animations everywhere else, except Japan. Nick Summers explains why this is good news for all.


One app creates a printable envelope to put your phone in.Google’s experimental apps shame you into taming phone addiction

Activity Bubbles, Screen Stopwatch and Envelope are all part of the latest push from Google to get you to put your phone down (after you finish reading this, of course). The first two add on-screen reminders of how much time you’ve spent staring at a screen, while Envelope creates some physical separation. Do the apps go too far? Do they not go far enough? I can’t stay off my phone for long enough to check.


Up to five times as much as the usual price set by Uber.Uber experiment lets California drivers set their own fares

Uber is testing another new feature in what is presumably a bid to help mitigate the restrictions of Assembly Bill 5, which requires the company to treat its drivers as employees, not independent contractors. Some drivers in California will now have the ability to set their own fares.

Starting Tuesday morning, drivers operating around airports in Santa Barbara, Palm Springs and Sacramento can take part in a bidding system that allows them to increase fares in 10 percent increments, up to a maximum of five times the usual Uber price. When a ride is requested, Uber will match the rider with the driver with the lowest price. As reported by The Wall Street Journal, a person familiar with the new feature says that Uber is trialling it in smaller cities in a bid to limit potential damage to its business. What if other rideshare options are cheaper?


Two years ago…Apple reportedly dropped iCloud encryption plans amid FBI pressure

Apple may encrypt your iOS device’s locally stored data, but it doesn’t fully encrypt iCloud backups. According to Reuters sources, Apple dropped end-to-end encryption plans for iCloud, fearing another FBI confrontation. (This was following the debate over unlocking Syed Farook’s iPhone after the San Bernardino shooting.) One former Apple worker said the company might have ditched the plan over concerns customers could be locked out of their data more often.

That doesn’t mean your iCloud backup is open to all — anything in your Keychain, including passwords, as well as health data and payment information are all end-to-end encrypted.

But wait, there’s more…


The Morning After is a new daily newsletter from Engadget designed to help you fight off FOMO. Who knows what you’ll miss if you don’t Subscribe.

Craving even more? Like us on Facebook or Follow us on Twitter.

Have a suggestion on how we can improve The Morning After? Send us a note.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comment



Comments

Share

Tweet

Share

Save

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

Trump demands Apple unlock iPhones: 'They have the keys to so many criminals and criminal minds' – CNBC

Published

on


President Donald Trump, in a CNBC interview Wednesday, stepped up his pressure over Apple‘s refusal to unlock iPhones for authorities in criminal cases.

“Apple has to help us. And I’m very strong on it,” Trump told “Squawk Box” co-host Joe Kernen from the World Economic Forum in Davos, Switzerland. “They have the keys to so many criminals and criminal minds, and we can do things.”

Apple CEO Tim Cook has been credited with being able to work with the president and his administration in a way other Silicon Valley companies have stumbled. In November, Cook toured Apple’s Austin campus with Trump.

Trump told CNBC he’s helped Apple a lot.

“I’ve given them waivers, because it’s a great company, but it made a big difference.” The president was referring to waivers from tariffs put on Chinese-made imports in the trade war between Washington and Beijing.

Last week, Trump slammed Apple for declining the government’s request to unlock password-protected iPhones used by the shooter who killed three people in December at the Pensacola, Florida, Naval Air Station before being fatally shot.

In a statement, Apple said it provided gigabytes of information to law enforcement related to the Pensacola case but that it would not build a “backdoor” or specialized software to give law enforcement elevated access.

Trump told CNBC on Wednesday: “They could have given us that information. It would have been very helpful.”

The president said he’s not concerned about his relationship with Cook or Apple because the stakes are so high.

“You’re dealing with drug lords and you’re dealing with terrorists, and if you’re dealing with murderers, I don’t care,” Trump said.

Let’s block ads! (Why?)



Source link

Continue Reading

Trending